Malware Analysis Report

2024-11-30 02:05

Sample ID 240329-t944gsdc95
Target ChromeSetup.exe
SHA256 a4db9afee79ce6d345ec93014d0fca5d54dd509bec8a429990cd5ef2777434dc
Tags
rhadamanthys discovery persistence spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

a4db9afee79ce6d345ec93014d0fca5d54dd509bec8a429990cd5ef2777434dc

Threat Level: Known bad

The file ChromeSetup.exe was found to be: Known bad.

Malicious Activity Summary

rhadamanthys discovery persistence spyware stealer

Suspicious use of NtCreateUserProcessOtherParentProcess

Rhadamanthys

Reads user/profile data of web browsers

Legitimate hosting services abused for malware hosting/C2

Modifies Installed Components in the registry

Adds Run key to start application

Maps connected drives based on registry

Enumerates connected drives

Sets file execution options in registry

Checks computer location settings

Drops file in System32 directory

Suspicious use of SetThreadContext

Drops file in Windows directory

Registers COM server for autorun

Loads dropped DLL

Drops file in Program Files directory

Executes dropped EXE

Checks installed software on the system

Enumerates physical storage devices

Program crash

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Script User-Agent

Suspicious use of FindShellTrayWindow

Enumerates processes with tasklist

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: AddClipboardFormatListener

Modifies data under HKEY_USERS

Modifies Internet Explorer settings

Uses Task Scheduler COM API

Checks processor information in registry

Modifies system certificate store

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious behavior: GetForegroundWindowSpam

Checks SCSI registry key(s)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-03-29 16:46

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-03-29 16:46

Reported

2024-03-29 17:05

Platform

win10v2004-20231215-es

Max time kernel

1135s

Max time network

1136s

Command Line

sihost.exe

Signatures

Rhadamanthys

stealer rhadamanthys

Suspicious use of NtCreateUserProcessOtherParentProcess

Description Indicator Process Target
PID 4668 created 2956 N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe C:\Windows\system32\sihost.exe

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet" C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\R: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\T: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\T: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\U: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\L: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\Q: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\R: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\W: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\V: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\Z: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\W: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\B: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\Z: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\G: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\K: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\V: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\Q: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\M: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\K: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\E: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\X: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\B: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\B: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\T: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\X: C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
File opened (read-only) \??\E: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\P: C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A drive.google.com N/A N/A
N/A drive.google.com N/A N/A
N/A drive.google.com N/A N/A

Maps connected drives based on registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\Count C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\Count C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\Count C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\Count C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\123.0.6312.86\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level --channel=stable" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SysWOW64\SET8C2C.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File created C:\Windows\SysWOW64\SET8C2C.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\SysWOW64\msvcp50.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\flags\is-9CKT6.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files\Google\Chrome\Temp\source5980_1005147792\Chrome-bin\123.0.6312.86\libGLESv2.dll C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping3656_251748559\_locales\ur\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\t3.nbd C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\is-3AUTG.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\is-KGTB5.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\is-BSIEB.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\is-G61RT.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\is-9OATE.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_gu.dll C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_hr.dll C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page17.htm C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\lang\is-EMQL5.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\is-555IH.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\is-14TM9.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\is-I9VHU.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\OCO\is-E45I0.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\is-RGLGG.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping2868_682698537\manifest.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\is-76K01.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\is-FQU1B.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\Energy\is-BTS26.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping3656_251748559\_locales\zh_TW\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page6.jpg C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\is-1HH5A.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\startseite\is-UIAS6.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_nl.dll C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_pt-BR.dll C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\t2.nbd C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page3.jpg C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\is-9PN1P.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\is-QJSO5.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Options\CheckRuntimes.bat C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page9.jpg C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page2.jpg C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\lang\is-KBIB2.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\is-MOLL9.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping3656_251748559\_locales\fil\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\flags\is-NEEEP.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\flags\is-C6J9P.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sk.dll C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping2868_354237408\crl-set C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping2868_354237408\LICENSE C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\is-C741I.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_is.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping3656_251748559\_locales\sl\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\is-RQ2LC.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\is-OFP6N.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\OCO\is-F0NVD.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_fi.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page15.jpg C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\lang\is-J8HD3.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\is-H28EN.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\data\is-5DBTH.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\is-V7APA.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateBroker.exe C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source5980_1005147792\Chrome-bin\123.0.6312.86\mojo_core.dll C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping3656_251748559\128.png C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\j2.nbd C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\is-P5F8L.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\is-L8SRK.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File created C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\is-63B2N.tmp C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp N/A
File opened for modification C:\Program Files (x86)\BonziBuddy432\AUTPRX32.DLL C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\INF\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\msagent\intl\SET8905.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgtCtl15.tlb C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\lhsp\tv\SET8BF9.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File created C:\Windows\msagent\SET88BD.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88BE.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\lhsp\tv\tvenuax.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\INF\tv_enua.inf C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\INF\SET8C0C.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\SET88BE.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88D1.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentSR.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET88F2.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\INF\SET88F3.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\lhsp\help\SET8BFA.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\SET88D0.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentMPx.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET88E1.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\INF\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\msagent\mslwvtts.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\lhsp\help\SET8BFA.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\chars\Bonzi.acs C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Windows\msagent\AgentDPv.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET88D1.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\fonts\SET8C0B.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File created C:\Windows\msagent\SET88CF.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentPsh.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET88F4.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\fonts\andmoipa.ttf C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File created C:\Windows\msagent\SET88BC.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentDp2.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\INF\agtinst.inf C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\fonts\SET8C0B.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\lhsp\tv\SET8BF8.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\SET88BD.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET88CF.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88E1.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88F2.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentAnm.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\help\Agt0409.hlp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\SET8926.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET8926.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\INF\SET8C0C.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\SET88BC.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\INF\SET88F3.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\help\SET8904.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentSvr.exe C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\help\SET8904.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\intl\SET8905.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\lhsp\tv\SET8BF8.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\msagent\chars\Peedy.acs C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
File opened for modification C:\Windows\msagent\intl\Agt0409.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\msagent\AgentCtl.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88D0.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File created C:\Windows\msagent\SET88F4.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
File opened for modification C:\Windows\lhsp\tv\tv_enua.dll C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\lhsp\tv\SET8BF9.tmp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
File opened for modification C:\Windows\lhsp\help\tv_enua.hlp C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\123.0.6312.86_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ = "\"C:\\Program Files\\Google\\Chrome\\Application\\123.0.6312.86\\notification_helper.exe\"" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C2CD2E97-D564-407E-889D-4768268A6ACE}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\INPROCSERVER32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C2CD2E97-D564-407E-889D-4768268A6ACE}\InProcServer32\ = "C:\\Program Files (x86)\\Ashampoo\\Ashampoo WinOptimizer FREE\\WinOptimizerContextHandler64.dll" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{45495078-B36D-4865-A67B-45CD8742AA1B}\InprocServer32\ThreadingModel = "Apartment" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C2CD2E97-D564-407E-889D-4768268A6ACE}\InProcServer32 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{45495078-B36D-4865-A67B-45CD8742AA1B}\InprocServer32 C:\Windows\system32\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\INPROCSERVER32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{45495078-B36D-4865-A67B-45CD8742AA1B}\InprocServer32\ = "C:\\Program Files (x86)\\Ashampoo\\Ashampoo WinOptimizer FREE\\WinOptimizerContextHandler64.dll" C:\Windows\system32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ServerExecutable = "C:\\Program Files\\Google\\Chrome\\Application\\123.0.6312.86\\notification_helper.exe" C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates processes with tasklist

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "418496573" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\WOFREE.exe = "10001" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2609933658" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2608003688" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2609933658" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\WOFREE.exe = "10001" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{C669D680-EDED-11EE-BD29-520351CB3464} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31097338" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31097338" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\WOFREE.exe = "10" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801 C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2608003688" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\es-ES = "es-ES.1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION\WOFREE.exe = "1" C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19 C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133562044536508753" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography C:\Windows\system32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FE8-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\ = "{065E6FD1-1BF9-11D2-BAE8-00104B9E0792}" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1533A365-F76F-4518-8A56-4CD34547F8AB}\Control C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{916694A9-8AD6-11D2-B6FD-0060976C699F} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BD1-7DE6-11D0-91FE-00C04FD701A5}\TypeLib\Version = "2.0" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{972DE6C2-8B09-11D2-B652-A1FD6CC34260}\Programmable C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2C247F21-8591-11D1-B16A-00C0F0283628}\ = "IImageList" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B0913410-3B44-11D1-ACBA-00C04FD97575}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B0913412-3B44-11D1-ACBA-00C04FD97575}\TypeLib C:\Windows\msagent\AgentSvr.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{159C2806-4A71-45B4-8D4E-74C181CD6842}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CA478DA1-3920-11D3-9DD0-8067E4A06603}\VersionIndependentProgID C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FEA-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32 C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E26DD3CD-B06C-47BA-9766-5F264B858E09}\Programmable C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6B976285-3692-11D0-9B8A-0000C0F04C96} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.aca C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE6-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{98BBE491-2EED-11D1-ACAC-00C04FD97575}\TypeLib C:\Windows\msagent\AgentSvr.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8DB2224E-D2FA-4B2E-8402-085EA7CC826B}\ = "_CCalendarVBPeriods" C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.cloudexperiencehost_cw5n1h2txyewy\Internet Settings\Cache\History\CacheVersion = "1" C:\Windows\system32\wwahost.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C89-7B81-11D0-AC5F-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}" C:\Windows\msagent\AgentSvr.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93CA0-7B81-11D0-AC5F-00C04FD97575} C:\Windows\msagent\AgentSvr.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WFlags = "0" C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1EFB6597-857C-11D1-B16A-00C0F0283628}\TypeLib C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Version\ = "2.0" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{28E4193C-F276-4568-BCDC-DD15D88FADCC}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{53FA8D42-2CDD-11D3-9DD0-D3CD4078982A}\TypeLib\Version = "1.0" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2C247F22-8591-11D1-B16A-00C0F0283628}\TypeLib C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE3-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{643F1352-1D07-11CE-9E52-0000C0554C0A}\ProxyStubClsid32 C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Agent.Control.2\CLSID\ = "{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F}" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA665-8594-11D1-B16A-00C0F0283628}\TypeLib\ = "{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FDC-1BF9-11D2-BAE8-00104B9E0792} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4043742-AC8D-4F86-88E9-F3FD3369DD8C}\TypeLib\Version = "1.4" C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BCDCB538-01C0-46D1-A6A7-52F4D021C272}\ = "IAppVersion" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D44-2CDD-11D3-9DD0-D3CD4078982A}\InprocServer32 C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}\TypeLib C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EB52CF7B-3917-11CE-80FB-0000C0C14E92}\ = "SSDateCombo Control" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C87-7B81-11D0-AC5F-00C04FD97575} C:\Windows\msagent\AgentSvr.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{28E4193C-F276-4568-BCDC-DD15D88FADCC} C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{322982E0-0855-11D3-9DCF-DDFB3AB09E18}\ = "IComMorph" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FDF-1BF9-11D2-BAE8-00104B9E0792}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0A45DB4B-BD0D-11D2-8D14-00104B9E072A} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4900F95-055F-11D4-8F9B-00104BA312D6}\ProxyStubClsid32 C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BF0-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FD165B0C-68F1-48EE-93B3-163F8595E80F}\TypeLib\Version = "1.0" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8DB2224E-D2FA-4B2E-8402-085EA7CC826B}\ = "_CCalendarVBPeriods" C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F08DF953-8592-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.0" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B8F2846E-CE36-11D0-AC83-00C04FD97575}\MiscStatus\1 C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5B25A8DC-1780-4178-A629-6BE8B8DEFAA2}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\ = "IComboItem" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FE0-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{643F1353-1D07-11CE-9E52-0000C0554C0A} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FD165B0C-68F1-48EE-93B3-163F8595E80F}\ = "IExtension" C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSWinsock.Winsock\ = "Microsoft WinSock Control, version 6.0" C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MSWinsock.Winsock\CLSID C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A45DB4F-BD0D-11D2-8D14-00104B9E072A}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BDD1F055-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32 C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A

Script User-Agent

Description Indicator Process Target
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\Installer\Launcher Setup 9.8.1.exe N/A
N/A N/A C:\Users\Admin\Downloads\Installer\Launcher Setup 9.8.1.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\SysWOW64\dialer.exe N/A
N/A N/A C:\Windows\SysWOW64\dialer.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\123.0.6312.86_chrome_installer.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\123.0.6312.86_chrome_installer.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\system32\wwahost.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe N/A
N/A N/A C:\Windows\msagent\AgentSvr.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
N/A N/A C:\Users\Admin\Downloads\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE N/A
N/A N/A C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
N/A N/A C:\Users\Admin\Downloads\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A
N/A N/A C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 452 wrote to memory of 1144 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe
PID 452 wrote to memory of 1144 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe
PID 452 wrote to memory of 1144 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe
PID 1144 wrote to memory of 780 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 780 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 780 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 3840 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 3840 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 3840 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 3840 wrote to memory of 3776 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3840 wrote to memory of 3776 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3840 wrote to memory of 4980 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3840 wrote to memory of 4980 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3840 wrote to memory of 1552 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3840 wrote to memory of 1552 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 1144 wrote to memory of 800 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 800 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 800 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 4068 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 4068 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 1144 wrote to memory of 4068 N/A C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4456 wrote to memory of 4324 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 2480 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 2480 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
PID 4324 wrote to memory of 3064 N/A C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\sihost.exe

sihost.exe

C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe

"C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe"

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={C6830189-A360-FBC6-9312-5F1B062152F9}&lang=es&browser=3&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regsvc

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regserver

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzIiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDlBQUFENTMtMDdGNS00MzE3LUFCM0MtMUQ4MUQxNzdEQ0Y5fSIgdXNlcmlkPSJ7RDAwODdFNUQtMEQzNS00RTI0LTgyNUMtREM0NUQ5MUIwQzU3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0FCMkYxMTBBLTIxMjEtNEU5Ni1CMDgyLTY0Q0Y4MkVGMTM4OH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7NDMwRkQ0RDAtQjcyOS00RjYxLUFBMzQtOTE1MjY0ODE3OTlEfSIgdmVyc2lvbj0iMS4zLjM2LjE1MSIgbmV4dHZlcnNpb249IjEuMy4zNi4zNzIiIGxhbmc9ImVzIiBicmFuZD0iIiBjbGllbnQ9IiIgaWlkPSJ7QzY4MzAxODktQTM2MC1GQkM2LTkzMTItNUYxQjA2MjE1MkY5fSI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSI3OTciLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /handoff "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={C6830189-A360-FBC6-9312-5F1B062152F9}&lang=es&browser=3&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty" /installsource taggedmi /sessionid "{49AAAD53-07F5-4317-AB3C-1D81D177DCF9}"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.0.1436390870\640247757" -parentBuildID 20221007134813 -prefsHandle 1900 -prefMapHandle 1892 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4da22e01-2027-4d43-8daf-32f77f9f46f9} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 1980 1d598307858 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.1.1006865611\2086108370" -parentBuildID 20221007134813 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3cdea423-1b92-469c-8581-359153e5a0ef} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 2380 1d58a96fe58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.2.1327515202\1158941635" -childID 1 -isForBrowser -prefsHandle 3084 -prefMapHandle 3164 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd8e4a29-0592-4e4f-b952-17f10de4da4b} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 3420 1d59b1faa58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.3.897562940\343914468" -childID 2 -isForBrowser -prefsHandle 3264 -prefMapHandle 2964 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ce0fbe54-b0e3-45c6-8b78-9133fa883da6} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 3004 1d58a970d58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.4.1849676028\765006844" -childID 3 -isForBrowser -prefsHandle 4344 -prefMapHandle 4516 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9f6b0a9-46f4-485b-a50d-bbad47724a97} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 4524 1d598309958 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.5.1622067602\800123562" -childID 4 -isForBrowser -prefsHandle 5060 -prefMapHandle 5056 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7327a9bc-148f-4faa-9d08-20b60ab950b7} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 5068 1d59d393758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.6.2057398627\1291160730" -childID 5 -isForBrowser -prefsHandle 5156 -prefMapHandle 5160 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7a4388d5-489f-483f-b6ba-2821dd9979df} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 5124 1d59dc95f58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.7.1957588313\1788334970" -childID 6 -isForBrowser -prefsHandle 5332 -prefMapHandle 5336 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {30c41493-6bac-4d63-a221-1870bf1c7d5a} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 5416 1d59dc93b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4324.8.275926163\1637060867" -childID 7 -isForBrowser -prefsHandle 5160 -prefMapHandle 5804 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1420 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {93bdf5dc-baea-4d1e-bfd0-6b793ece301b} 4324 "\\.\pipe\gecko-crash-server-pipe.4324" 2852 1d59f2d0d58 tab

C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\123.0.6312.86_chrome_installer.exe

"C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\123.0.6312.86_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --channel=stable --system-level /installerdata="C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\guiA1EF.tmp"

C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --system-level /installerdata="C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\guiA1EF.tmp"

C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff7060a4698,0x7ff7060a46a4,0x7ff7060a46b0

C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe" --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{137795BF-821D-4E0D-B826-014C2247E859}\CR_489E6.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff7060a4698,0x7ff7060a46a4,0x7ff7060a46b0

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzIiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDlBQUFENTMtMDdGNS00MzE3LUFCM0MtMUQ4MUQxNzdEQ0Y5fSIgdXNlcmlkPSJ7RDAwODdFNUQtMEQzNS00RTI0LTgyNUMtREM0NUQ5MUIwQzU3fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezAyM0VGQzE5LTZCQTUtNDE2OC05QUQ2LTVGQjRGNzgzNUQ5Nn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNDLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuNjMxMi44NiIgYXA9Ing2NC1zdGFibGUtc3RhdHNkZWZfMSIgbGFuZz0iZXMiIGJyYW5kPSIiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxMDUiIGlpZD0ie0M2ODMwMTg5LUEzNjAtRkJDNi05MzEyLTVGMUIwNjIxNTJGOX0iIGNvaG9ydD0iMTpndS9pMTk6IiBjb2hvcnRuYW1lPSJTdGFibGUgSW5zdGFsbHMgJmFtcDsgVmVyc2lvbiBQaW5zIj48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL2VkZ2VkbC5tZS5ndnQxLmNvbS9lZGdlZGwvcmVsZWFzZTIvY2hyb21lL2NraW12Z2d3ZXE1NGp5dmphM2l4cXBsZ2ptXzEyMy4wLjYzMTIuODYvMTIzLjAuNjMxMi44Nl9jaHJvbWVfaW5zdGFsbGVyLmV4ZSIgZG93bmxvYWRlZD0iMTE0MjMxMzQ0IiB0b3RhbD0iMTE0MjMxMzQ0IiBkb3dubG9hZF90aW1lX21zPSIxMTA2MSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzA3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNTYyIiBkb3dubG9hZF90aW1lX21zPSIxMzA4MyIgZG93bmxvYWRlZD0iMTE0MjMxMzQ0IiB0b3RhbD0iMTE0MjMxMzQ0IiBpbnN0YWxsX3RpbWVfbXM9IjMwNzkxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe" -Embedding

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ondemand

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --from-installer

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffddbacc40,0x7fffddbacc4c,0x7fffddbacc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2056,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1812,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2096,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=2304 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=3216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4232,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4364 /prefetch:2

C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4724,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4532 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4992,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5008 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5192,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5084 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5320,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5180 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5180,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5932,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3328,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5284,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4360 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4408,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5196,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=1112 /prefetch:1

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc050593ehedd5h4ee0hbfcdhad0392b0aa37

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7fffde0d46f8,0x7fffde0d4708,0x7fffde0d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,12804170817533705456,15826968004757712488,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,12804170817533705456,15826968004757712488,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,12804170817533705456,15826968004757712488,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\wwahost.exe

"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault8367a15bhceb2h4e1aha6e3h3520b4ee336a

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffde0d46f8,0x7fffde0d4708,0x7fffde0d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,15147556346733588133,6990966216422196188,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,15147556346733588133,6990966216422196188,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,15147556346733588133,6990966216422196188,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2992 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=2128,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4480 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4384,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5636,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5544,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=3348 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5396,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6164 /prefetch:1

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /cr

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6496,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=968,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6304,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6192 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5000,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:1

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5724,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6492,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6268,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3388,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=3252,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6668,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=4644 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6656,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6032,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6708 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5268,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5288,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5292,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6192,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6644,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6204,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6540 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5688,i,12171815756017111832,5083369624783327946,262144 --variations-seed-version --mojo-platform-channel-handle=6216 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Installer\" -spe -an -ai#7zMap10613:80:7zEvent6962

C:\Users\Admin\Downloads\Installer\Launcher Setup 9.8.1.exe

"C:\Users\Admin\Downloads\Installer\Launcher Setup 9.8.1.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Launcher.exe" | %SYSTEMROOT%\System32\find.exe "Launcher.exe"

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Launcher.exe"

C:\Windows\SysWOW64\find.exe

C:\Windows\System32\find.exe "Launcher.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1728,i,14832040000131787868,11587708512690551499,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --mojo-platform-channel-handle=2092 --field-trial-handle=1728,i,14832040000131787868,11587708512690551499,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --app-path="C:\Users\Admin\AppData\Local\Programs\Launcher\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=es --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2428 --field-trial-handle=1728,i,14832040000131787868,11587708512690551499,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "Launcher5.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher5.exe

Launcher5.exe

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.0.1789591418\2014394800" -parentBuildID 20221007134813 -prefsHandle 1912 -prefMapHandle 1904 -prefsLen 21138 -prefMapSize 233496 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd99f1ef-9f89-4358-a651-3b2de1465c36} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 1988 2f0f99bf158 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.1.643386543\2068887701" -parentBuildID 20221007134813 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 21174 -prefMapSize 233496 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {769c572e-f209-4201-afe3-8fe8ce68b12f} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 2380 2f0ece6fb58 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.2.956868734\496011274" -childID 1 -isForBrowser -prefsHandle 3168 -prefMapHandle 3320 -prefsLen 21277 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2e226593-37b2-4d7f-9f7e-b13d8e558ac9} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 3172 2f0fd8aba58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.3.445771197\1034646302" -childID 2 -isForBrowser -prefsHandle 3600 -prefMapHandle 3596 -prefsLen 26455 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc716d52-edd8-4a70-916c-2b5995b963d7} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 3612 2f0ece67558 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.4.2122691812\1616059438" -childID 3 -isForBrowser -prefsHandle 2976 -prefMapHandle 3732 -prefsLen 26455 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5ddda587-b121-417f-9736-9a067c3b701d} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 3596 2f0fe73ec58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.5.1398068720\653714070" -childID 4 -isForBrowser -prefsHandle 5116 -prefMapHandle 5092 -prefsLen 26514 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ae5a02d6-9026-49ef-b729-224d61237f5a} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 4892 2f0f99c1b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.6.1934394949\1344715081" -childID 5 -isForBrowser -prefsHandle 5232 -prefMapHandle 5236 -prefsLen 26514 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5127d786-0e0c-4fe0-8c3c-d8ba4f1220ad} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 5220 2f0fff9cc58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.7.1008384865\1002437641" -childID 6 -isForBrowser -prefsHandle 5436 -prefMapHandle 5440 -prefsLen 26514 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b978668-bbd6-46ca-9a5c-294e839822bd} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 5520 2f100354b58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="6548.8.1979343430\223176787" -childID 7 -isForBrowser -prefsHandle 5880 -prefMapHandle 5904 -prefsLen 26514 -prefMapSize 233496 -jsInitHandle 1492 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0af7e69-3f1e-49b4-9ee3-51a40de8c344} 6548 "\\.\pipe\gecko-crash-server-pipe.6548" 5928 2f0fff9db58 tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fffddbacc40,0x7fffddbacc4c,0x7fffddbacc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1996,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2100,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=2300 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3276,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4624,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4612 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "C:\Users\Admin\AppData\Local\Temp\Launcher2.exe"

C:\Users\Admin\AppData\Local\Temp\Launcher2.exe

C:\Users\Admin\AppData\Local\Temp\Launcher2.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4460,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4856 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4824,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3184,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4432 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3380,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4396 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4388,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5532,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5720,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5416 /prefetch:1

C:\Windows\SysWOW64\dialer.exe

"C:\Windows\system32\dialer.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 4668 -ip 4668

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4668 -s 608

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 4668 -ip 4668

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4668 -s 604

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4032,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5976,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5432 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3368,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5852,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5944 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6140,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5820 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5824,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5432 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5436,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6060 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6040,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6056,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5916 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5900,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6008,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3580 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5300,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6108,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5820 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6128,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5884,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5416,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5712,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5952 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=5504,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=3560,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5784 /prefetch:1

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1368 --field-trial-handle=1728,i,14832040000131787868,11587708512690551499,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5788,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5164 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3572,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5984 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6288,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6336 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Bon\" -spe -an -ai#7zMap25595:68:7zEvent10293

C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe

"C:\Users\Admin\Downloads\Bon\BonziBuddy432.exe"

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "

C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE

MSAGENT.EXE

C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe

tv_enua.exe

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentSR.dll"

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"

C:\Windows\msagent\AgentSvr.exe

"C:\Windows\msagent\AgentSvr.exe" /regserver

C:\Windows\SysWOW64\grpconv.exe

grpconv.exe -o

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll

C:\Windows\SysWOW64\regsvr32.exe

regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll

C:\Windows\SysWOW64\grpconv.exe

grpconv.exe -o

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6084,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6088,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6344,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6316 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=4892,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6348,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=5276,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5784,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5848,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5264 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=6360,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=5612,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6548,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6532 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6764,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6768 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5228,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6468 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6688,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6892 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=6772,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=6908,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6436 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=6696,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6892,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=6952,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=4560,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4752 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=5660,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7204,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=7352,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7336 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x300 0x41c

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=6824,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=7512,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7320 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=7624,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7640 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=8100,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=8116 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8184,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7948 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8088,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7804 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6580,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7664 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7840,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=6432,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7004 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=7568,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7556 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=7136,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=8084 /prefetch:1

C:\Users\Admin\Downloads\ashampoo_winoptimizer_free_32309.exe

"C:\Users\Admin\Downloads\ashampoo_winoptimizer_free_32309.exe"

C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp

"C:\Users\Admin\AppData\Local\Temp\is-IAQ3U.tmp\ashampoo_winoptimizer_free_32309.tmp" /SL5="$40476,24908100,413696,C:\Users\Admin\Downloads\ashampoo_winoptimizer_free_32309.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=7112,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=8068 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=3500,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5508 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=3384,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7800 /prefetch:1

C:\Windows\system32\regsvr32.exe

"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WinOptimizerContextHandler64.dll"

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe" -SETUPCONTEXT

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://linktarget.ashampoo.com/linktarget/?target=regpop_quickstart&product=5806&edition=eid=32309

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x40,0x120,0x124,0xfc,0x128,0x7fffde0d46f8,0x7fffde0d4708,0x7fffde0d4718

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=8216,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=7008,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,11604728651022542496,12326121147653561145,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=5204,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4076 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=5180,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5084 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4884 -ip 4884

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4884 -s 1632

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=6576,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=3484,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4396 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=6436,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5452,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5564,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6148 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6392,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7872 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7288,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6896 /prefetch:8

C:\Users\Admin\Downloads\CCSetup.exe

"C:\Users\Admin\Downloads\CCSetup.exe"

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe /q"C:\Users\Admin\Downloads\CCSetup.exe" /tempdisk1folder"C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}" /IS_temp

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 530E1E7FF3290A2A36E5C1B2179C40AE C

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{35364184-1B78-43A4-BC0F-0021AD1122B1}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{005254FE-AA3A-4823-8D8D-B4B7E7830603}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{E90DAA64-E49C-4A12-BED0-CA7B7F990AFF}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{994DA0EE-7EAB-47A8-BF15-74F30A77C3EC}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{8E01E1E0-E5A4-483A-8A8A-9E3B1A4031F9}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{F10A8717-5F75-45C5-ABC4-EAE211D0321D}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{7A9352C8-795C-4FC5-A3A6-3244D28D56E4}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{194C4A47-2D64-4BE2-8854-287CEAB44AF1}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{95B4DDB9-9A0A-4356-9730-D358B3F54FB8}

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{18F7FE7A-8D31-44E5-8B1A-80981E3B07D1}

C:\Windows\SysWOW64\CMD.EXE

CMD.EXE /C driverquery /v >C:\Users\Admin\AppData\Local\Temp\drivers.txt

C:\Windows\SysWOW64\driverquery.exe

driverquery /v

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\69097fc396684ddea5ad554bbf380c7f /t 6160 /p 6280

C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE

"C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE"

C:\Windows\msagent\AgentSvr.exe

C:\Windows\msagent\AgentSvr.exe -Embedding

C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE

"C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE"

C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE

"C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE"

C:\Program Files (x86)\Internet Explorer\ielowutil.exe

"C:\Program Files (x86)\Internet Explorer\ielowutil.exe" -CLSID:{0002DF01-0000-0000-C000-000000000046} -Embedding

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5720 CREDAT:17410 /prefetch:2

C:\Windows\SysWOW64\rundll32.exe

rundll32.exe shell32.dll,Control_RunDLL speech.cpl,,0

C:\Windows\system32\RunDll32.exe

C:\Windows\system32\RunDll32.exe Shell32.dll,Control_RunDLL speech.cpl,,0

C:\Users\Admin\Downloads\CCSetup.exe

"C:\Users\Admin\Downloads\CCSetup.exe"

C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe

C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\CCSetup.exe /q"C:\Users\Admin\Downloads\CCSetup.exe" /tempdisk1folder"C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}" /IS_temp

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 1A3C444C1C18529C4178ACD57C615781 C

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{8A202113-41C2-4360-9F80-3039971D7C54}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{4B450D02-2A6C-4863-81B5-C83695049F4F}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{99E41923-C421-4460-A359-69650A1D6B3B}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{CB5BF955-6ABA-4A9E-BEB4-8F2532C44551}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{5577437C-12FB-4643-83FB-1218279D28A6}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{6DE6124C-3934-409F-9225-959AD5A86748}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{34ADF852-EA69-427A-8141-777F51F9DAEC}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{E4025289-8D2C-4EAB-B4BA-CFC47E1B0BF3}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{2F86C67E-FA31-48C8-98C9-DCBF9BD2215D}

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe

C:\Users\Admin\AppData\Local\Temp\{37DAADBB-7C70-48FA-8AA9-3CBD5C947EB8}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{14AF0B3B-1F44-4203-9947-F34F9776F927}

C:\Windows\SysWOW64\CMD.EXE

CMD.EXE /C driverquery /v >C:\Users\Admin\AppData\Local\Temp\drivers.txt

C:\Windows\SysWOW64\driverquery.exe

driverquery /v

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\b4b824b8c9f444acbcdd1cf701115f3b /t 4972 /p 3920

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=4980,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5620 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=3320,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7684,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=8320,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=7356,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=7484,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5748 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=6384,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5500,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7184 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4076,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4396 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7908,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3340,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4600,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4852 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5236,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5672 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5576,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5068 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7088,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7300 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8084,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5552 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=4896,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=860 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6964,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7824 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6152,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6404 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=5780,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=6460,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=5100,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=6572,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6556 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=5076,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5208,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5656 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6752,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5664,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5596 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3432,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5044 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5732,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7764 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5828,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6940 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5968,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7528 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5188,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=8076 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7140,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6264 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7124,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5560 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=7040,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5264 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5048,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7956 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3416,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3532,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6700 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7224,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6660 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=5672,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=4540,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=5144,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=5888,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4668 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=5388,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=3580 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=7820,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=7200,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4632 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=3556,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=5580,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7500 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=5608,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7856 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --field-trial-handle=5256,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --field-trial-handle=7724,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=6944,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6748 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --field-trial-handle=6264,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6112 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --field-trial-handle=5224,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6364 /prefetch:1

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3964 -ip 3964

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3964 -s 2604

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 4536 -ip 4536

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4536 -s 2828

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --field-trial-handle=6168,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=3488,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --field-trial-handle=6184,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --field-trial-handle=1304,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=4652 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --field-trial-handle=7048,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=6540,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6720 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --field-trial-handle=4648,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=8060 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --field-trial-handle=7004,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --field-trial-handle=6120,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --field-trial-handle=5088,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --field-trial-handle=7952,i,15498687836622885230,12211767926896673473,262144 --variations-seed-version=20240329-050117.650000 --mojo-platform-channel-handle=7892 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 41.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
DE 142.250.186.35:443 update.googleapis.com tcp
US 8.8.8.8:53 35.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 35.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 79.121.231.20.in-addr.arpa udp
N/A 127.0.0.1:56896 tcp
N/A 127.0.0.1:56903 tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 shavar.services.mozilla.com udp
US 8.8.8.8:53 firefox.settings.services.mozilla.com udp
US 52.10.78.57:443 shavar.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.149.100.209:443 firefox.settings.services.mozilla.com tcp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 57.78.10.52.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 68.186.250.142.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 67.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 232.135.221.88.in-addr.arpa udp
DE 142.250.186.35:443 update.googleapis.com tcp
US 8.8.8.8:53 accounts.google.com udp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
US 8.8.8.8:53 131.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.133.125.74.in-addr.arpa udp
US 8.8.8.8:53 42.186.250.142.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 33.206.58.216.in-addr.arpa udp
DE 142.250.186.35:443 update.googleapis.com udp
US 8.8.8.8:53 202.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
DE 142.250.185.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 106.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 apis.google.com udp
DE 142.250.185.174:443 apis.google.com tcp
US 8.8.8.8:53 78.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 174.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.4:443 github.com tcp
DE 140.82.121.4:443 github.com tcp
US 8.8.8.8:53 4.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 repository-images.githubusercontent.com udp
US 185.199.108.133:443 repository-images.githubusercontent.com tcp
US 185.199.108.133:443 repository-images.githubusercontent.com tcp
DE 142.250.185.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 140.82.114.21:443 collector.github.com tcp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
GB 96.16.110.41:443 tcp
SE 192.229.221.95:80 tcp
US 8.8.8.8:53 6.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 21.114.82.140.in-addr.arpa udp
DE 142.250.185.106:443 content-autofill.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 163.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 169.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
DE 140.82.121.6:443 api.github.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 104.86.110.121:443 www.bing.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 121.110.86.104.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.3:443 github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:53 3.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 www.linkedin.com udp
US 13.107.42.14:443 www.linkedin.com tcp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 static.licdn.com udp
GB 2.18.66.8:443 static.licdn.com tcp
GB 2.18.66.8:443 static.licdn.com tcp
DE 142.250.185.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 8.66.18.2.in-addr.arpa udp
GB 2.18.66.8:443 static.licdn.com tcp
US 8.8.8.8:53 platform.linkedin.com udp
GB 2.18.66.8:443 platform.linkedin.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
US 8.8.8.8:53 ps.azurewaf.microsoft.com udp
US 13.107.246.64:443 ps.azurewaf.microsoft.com tcp
US 8.8.8.8:53 stun.l.google.com udp
US 8.8.8.8:53 stun.l.google.com udp
BE 74.125.133.84:443 accounts.google.com udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 74.125.250.129:19302 stun.l.google.com udp
US 74.125.250.129:19302 stun.l.google.com udp
US 74.125.250.129:19302 stun.l.google.com udp
US 74.125.250.129:19302 stun.l.google.com udp
US 74.125.250.129:19302 stun.l.google.com udp
US 74.125.250.129:19302 stun.l.google.com udp
US 8.8.8.8:53 129.250.125.74.in-addr.arpa udp
DE 142.250.181.238:443 lens.google.com tcp
US 8.8.8.8:53 238.181.250.142.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 clients2.google.com udp
DE 172.217.23.110:443 clients2.google.com tcp
US 8.8.8.8:53 110.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com udp
US 8.8.8.8:53 142.185.250.142.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 id.google.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
DE 142.250.181.227:443 id.google.com tcp
US 8.8.8.8:53 locate.measurementlab.net udp
DE 142.250.185.211:443 locate.measurementlab.net tcp
US 8.8.8.8:53 227.181.250.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 211.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 206.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 speedtest.net udp
US 151.101.66.219:443 speedtest.net tcp
US 151.101.66.219:443 speedtest.net tcp
US 8.8.8.8:53 www.speedtest.net udp
US 104.18.202.232:443 www.speedtest.net tcp
US 8.8.8.8:53 cdn.ziffstatic.com udp
US 8.8.8.8:53 b.cdnst.net udp
GB 88.221.120.198:443 cdn.ziffstatic.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 88.221.120.198:443 cdn.ziffstatic.com udp
DE 13.224.185.120:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 219.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 232.202.18.104.in-addr.arpa udp
US 8.8.8.8:53 198.120.221.88.in-addr.arpa udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
DE 13.224.185.120:443 c.amazon-adsystem.com tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 cdn.static.zdbb.net udp
DE 142.250.185.106:443 content-autofill.googleapis.com tcp
GB 92.123.26.89:443 cdn.static.zdbb.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 zdbb.net udp
US 8.8.8.8:53 gurgle.speedtest.net udp
IE 63.32.7.186:443 zdbb.net tcp
US 52.206.26.50:443 gurgle.speedtest.net tcp
US 8.8.8.8:53 120.185.224.13.in-addr.arpa udp
US 8.8.8.8:53 232.181.250.142.in-addr.arpa udp
US 8.8.8.8:53 52.177.19.104.in-addr.arpa udp
US 8.8.8.8:53 34.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 89.26.123.92.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedlon.hyperoptic.com udp
US 8.8.8.8:53 speedtest.upp.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 lon.host.speedtest.net.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.noone.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 lg-lon.fdcservers.net udp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 193.3.26.19:8080 speedtest.upp.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 95.87.111.214:8080 lon.host.speedtest.net.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 188.94.45.252:8080 speedtest.noone.co.uk.prod.hosts.ooklaserver.net tcp
GB 50.7.152.4:8080 lg-lon.fdcservers.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 gurgle.zdbb.net udp
US 52.206.26.50:443 gurgle.zdbb.net tcp
US 8.8.8.8:53 186.7.32.63.in-addr.arpa udp
US 8.8.8.8:53 50.26.206.52.in-addr.arpa udp
US 8.8.8.8:53 6.112.37.152.in-addr.arpa udp
US 8.8.8.8:53 45.46.92.45.in-addr.arpa udp
US 8.8.8.8:53 252.101.10.45.in-addr.arpa udp
US 8.8.8.8:53 19.26.3.193.in-addr.arpa udp
US 8.8.8.8:53 21.82.148.51.in-addr.arpa udp
US 8.8.8.8:53 214.111.87.95.in-addr.arpa udp
US 8.8.8.8:53 17.12.22.31.in-addr.arpa udp
US 8.8.8.8:53 4.152.7.50.in-addr.arpa udp
US 8.8.8.8:53 252.45.94.188.in-addr.arpa udp
US 8.8.8.8:53 1.8.82.185.in-addr.arpa udp
DE 142.250.181.227:443 id.google.com udp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 8.8.8.8:53 secure-us.imrworldwide.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 104.18.32.137:443 privacyportal.onetrust.com tcp
IE 52.212.47.102:443 secure-us.imrworldwide.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 142.250.185.227:443 www.google.co.uk tcp
BE 64.233.184.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 cdn-gl.imrworldwide.com udp
DE 13.32.121.49:443 cdn-gl.imrworldwide.com tcp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 bee.imrworldwide.com udp
IE 52.212.47.102:443 secure-us.imrworldwide.com tcp
DE 18.245.60.110:443 bee.imrworldwide.com tcp
US 151.101.2.219:443 b.cdnst.net tcp
DE 13.32.121.49:443 cdn-gl.imrworldwide.com tcp
US 8.8.8.8:53 102.47.212.52.in-addr.arpa udp
US 8.8.8.8:53 227.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 155.184.233.64.in-addr.arpa udp
US 8.8.8.8:53 110.60.245.18.in-addr.arpa udp
US 8.8.8.8:53 49.121.32.13.in-addr.arpa udp
US 8.8.8.8:53 219.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 0nmdfulhqi7ffoui8sor12hignkqc1711731149.nuid.imrworldwide.com udp
US 18.172.112.110:443 0nmdfulhqi7ffoui8sor12hignkqc1711731149.nuid.imrworldwide.com tcp
US 8.8.8.8:53 110.112.172.18.in-addr.arpa udp
US 13.107.42.14:443 www.linkedin.com tcp
US 8.8.8.8:53 jogger.zdbb.net udp
US 8.8.8.8:53 tags.bkrtx.com udp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
DE 142.250.185.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 234.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
DE 142.250.186.163:443 www.recaptcha.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 recaptcha.net udp
NL 216.58.206.67:443 recaptcha.net tcp
US 8.8.8.8:53 67.206.58.216.in-addr.arpa udp
NL 216.58.206.67:443 recaptcha.net tcp
DE 142.250.185.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 202.185.250.142.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com tcp
NL 216.58.206.67:443 recaptcha.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
DE 140.82.121.6:443 api.github.com tcp
DE 140.82.121.6:443 api.github.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.185.227:443 www.google.co.uk tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 redirector.gvt1.com udp
DE 172.217.18.14:443 redirector.gvt1.com tcp
US 8.8.8.8:53 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com tcp
US 8.8.8.8:53 r2---sn-aigl6ns6.gvt1.com udp
GB 74.125.105.7:443 r2---sn-aigl6ns6.gvt1.com udp
GB 74.125.105.7:443 r2---sn-aigl6ns6.gvt1.com tcp
US 8.8.8.8:53 14.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 154.49.35.195.in-addr.arpa udp
US 8.8.8.8:53 7.105.125.74.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 wegy782g3t.pythonanywhere.com udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 35.173.69.207:443 wegy782g3t.pythonanywhere.com tcp
FR 195.35.49.154:443 swapinclick.com udp
US 8.8.8.8:53 207.69.173.35.in-addr.arpa udp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:443 dns.google udp
FR 195.35.49.154:443 swapinclick.com udp
N/A 127.0.0.1:60610 tcp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.237.239:443 contile.services.mozilla.com tcp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.149.100.209:443 prod.remote-settings.prod.webservices.mozgcp.net tcp
US 8.8.8.8:53 autopush.prod.mozaws.net udp
US 34.107.243.93:443 autopush.prod.mozaws.net tcp
US 8.8.8.8:53 content-signature-2.cdn.mozilla.net udp
US 34.160.144.191:443 content-signature-2.cdn.mozilla.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:60616 tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com tcp
US 35.173.69.207:443 wegy782g3t.pythonanywhere.com tcp
US 8.8.8.8:53 accounts.google.com udp
BE 74.125.133.84:443 accounts.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
US 8.8.8.8:53 i.ytimg.com udp
DE 142.250.184.214:443 i.ytimg.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
US 8.8.8.8:53 bonzi.link udp
FR 151.106.4.82:443 bonzi.link tcp
US 8.8.8.8:53 www.youtube.com udp
FR 151.106.4.82:443 bonzi.link tcp
US 8.8.8.8:53 214.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 82.4.106.151.in-addr.arpa udp
FR 151.106.4.82:443 bonzi.link udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 d36ee2fcip1434.cloudfront.net udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 142.250.185.174:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 162.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.23.217.172.in-addr.arpa udp
DE 142.250.185.174:443 fundingchoicesmessages.google.com udp
DE 142.250.185.174:443 fundingchoicesmessages.google.com udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
DE 142.250.186.65:443 tpc.googlesyndication.com udp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 csi.gstatic.com udp
CH 172.217.168.3:443 csi.gstatic.com tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 ib.adnxs.com udp
FR 151.106.4.82:80 bonzi.link tcp
DE 216.58.212.162:443 cm.g.doubleclick.net tcp
DE 216.58.212.162:443 cm.g.doubleclick.net tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com tcp
FR 151.106.4.82:80 bonzi.link tcp
US 8.8.8.8:53 s0.2mdn.net udp
DE 37.252.171.85:443 ib.adnxs.com tcp
DE 142.250.186.134:443 s0.2mdn.net tcp
US 8.8.8.8:53 65.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 194.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 162.212.58.216.in-addr.arpa udp
US 104.18.36.155:443 dsum-sec.casalemedia.com udp
DE 216.58.212.162:443 cm.g.doubleclick.net udp
DE 142.250.186.134:443 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
DE 172.217.18.2:443 googleads4.g.doubleclick.net tcp
US 8.8.8.8:53 use.typekit.net udp
GB 104.86.110.146:443 use.typekit.net tcp
US 8.8.8.8:53 p.typekit.net udp
GB 104.86.110.161:443 p.typekit.net tcp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 134.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 146.110.86.104.in-addr.arpa udp
GB 104.86.110.146:443 use.typekit.net tcp
DE 172.217.18.2:443 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 161.110.86.104.in-addr.arpa udp
US 8.8.8.8:53 ade.googlesyndication.com udp
DE 142.250.186.162:443 ade.googlesyndication.com tcp
US 8.8.8.8:53 162.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 translate.googleapis.com udp
DE 142.250.186.106:443 translate.googleapis.com tcp
DE 142.250.186.162:443 ade.googlesyndication.com udp
US 8.8.8.8:53 106.186.250.142.in-addr.arpa udp
FR 151.106.4.82:80 bonzi.link tcp
FR 151.106.4.82:80 bonzi.link tcp
DE 142.250.186.35:443 update.googleapis.com tcp
DE 142.250.186.162:443 ade.googlesyndication.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
FR 195.35.49.154:443 swapinclick.com udp
US 8.8.8.8:53 clients2.google.com udp
DE 172.217.23.110:443 clients2.google.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c75.gcp.gvt2.com udp
QA 34.1.37.11:443 e2c75.gcp.gvt2.com tcp
US 8.8.8.8:53 11.37.1.34.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
DE 172.217.18.99:443 beacons.gvt2.com tcp
US 8.8.8.8:53 e2c62.gcp.gvt2.com udp
QA 34.18.10.222:443 e2c62.gcp.gvt2.com tcp
US 8.8.8.8:53 99.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 222.10.18.34.in-addr.arpa udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 216.239.34.117:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 117.34.239.216.in-addr.arpa udp
DE 142.250.186.35:443 update.googleapis.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
DE 172.217.23.110:443 clients2.google.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
FR 195.35.49.154:443 swapinclick.com udp
DE 142.250.186.162:443 ade.googlesyndication.com udp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
DE 142.250.186.68:443 www.google.com udp
CH 172.217.168.3:443 csi.gstatic.com udp
US 8.8.8.8:53 66.206.58.216.in-addr.arpa udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 i.ytimg.com udp
DE 142.250.184.214:443 i.ytimg.com udp
US 8.8.8.8:53 play.google.com udp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
NL 216.58.206.70:443 static.doubleclick.net tcp
NL 216.58.206.74:443 jnn-pa.googleapis.com tcp
NL 216.58.206.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 70.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 74.206.58.216.in-addr.arpa udp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 www.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 img.ashampoo.com udp
US 8.8.8.8:53 sih.ashampoo.com udp
US 8.8.8.8:53 static.zdassets.com udp
US 104.18.72.113:443 static.zdassets.com tcp
DE 108.138.26.89:443 sih.ashampoo.com tcp
DE 108.138.26.89:443 sih.ashampoo.com tcp
DE 108.138.26.89:443 sih.ashampoo.com tcp
US 8.8.8.8:53 74.209.197.18.in-addr.arpa udp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
US 8.8.8.8:53 ekr.zdassets.com udp
US 8.8.8.8:53 app.usercentrics.eu udp
US 8.8.8.8:53 widget.trustpilot.com udp
US 35.190.14.188:443 app.usercentrics.eu tcp
US 104.18.70.113:443 ekr.zdassets.com tcp
DE 52.222.236.107:443 widget.trustpilot.com tcp
DE 142.250.185.234:443 jnn-pa.googleapis.com tcp
US 35.190.14.188:443 app.usercentrics.eu udp
DE 52.222.236.107:443 widget.trustpilot.com tcp
DE 52.222.236.107:443 widget.trustpilot.com tcp
US 8.8.8.8:53 api.usercentrics.eu udp
US 35.241.3.184:443 api.usercentrics.eu tcp
US 8.8.8.8:53 ashampoo.zendesk.com udp
US 8.8.8.8:53 113.72.18.104.in-addr.arpa udp
US 8.8.8.8:53 89.26.138.108.in-addr.arpa udp
US 8.8.8.8:53 92.122.66.18.in-addr.arpa udp
US 8.8.8.8:53 113.70.18.104.in-addr.arpa udp
US 8.8.8.8:53 188.14.190.35.in-addr.arpa udp
US 8.8.8.8:53 107.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 184.3.241.35.in-addr.arpa udp
US 104.16.53.111:443 ashampoo.zendesk.com tcp
US 35.241.3.184:443 api.usercentrics.eu udp
US 35.190.14.188:443 app.usercentrics.eu tcp
US 35.190.14.188:443 app.usercentrics.eu udp
US 8.8.8.8:53 consent-api.service.consent.usercentrics.eu udp
US 8.8.8.8:53 dynamic.criteo.com udp
US 8.8.8.8:53 ashampoo.slgnt.eu udp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 amplify.outbrain.com udp
US 8.8.8.8:53 targetemsecure.blob.core.windows.net udp
US 8.8.8.8:53 www.mczbf.com udp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu tcp
US 104.17.121.18:443 ashampoo.slgnt.eu tcp
US 151.101.1.140:443 www.redditstatic.com tcp
NL 178.250.1.13:443 dynamic.criteo.com tcp
GB 157.240.221.16:443 connect.facebook.net tcp
NL 20.38.109.68:443 targetemsecure.blob.core.windows.net tcp
US 13.224.189.82:443 www.mczbf.com tcp
GB 96.16.109.182:443 amplify.outbrain.com tcp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
BE 64.233.184.155:443 stats.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 142.250.185.227:443 www.google.co.uk tcp
US 8.8.8.8:53 111.53.16.104.in-addr.arpa udp
US 8.8.8.8:53 240.111.201.35.in-addr.arpa udp
US 8.8.8.8:53 18.121.17.104.in-addr.arpa udp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 13.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 98.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 68.109.38.20.in-addr.arpa udp
US 8.8.8.8:53 182.109.16.96.in-addr.arpa udp
US 8.8.8.8:53 82.189.224.13.in-addr.arpa udp
US 8.8.8.8:53 gtm.ashampoo.com udp
GB 157.240.221.16:443 connect.facebook.net udp
US 151.101.1.140:443 www.redditstatic.com tcp
US 216.239.32.21:443 gtm.ashampoo.com tcp
US 216.239.32.21:443 gtm.ashampoo.com tcp
US 8.8.8.8:53 tr.outbrain.com udp
US 8.8.8.8:53 wave.outbrain.com udp
US 8.8.8.8:53 alb.reddit.com udp
US 13.224.189.82:443 www.mczbf.com tcp
US 8.8.8.8:53 gum.criteo.com udp
US 151.101.1.140:443 alb.reddit.com tcp
US 50.31.142.63:443 tr.outbrain.com tcp
US 50.31.142.63:443 tr.outbrain.com tcp
GB 96.16.109.182:443 wave.outbrain.com tcp
DE 142.250.186.68:443 www.google.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
DE 142.250.185.227:443 www.google.co.uk udp
BE 64.233.184.155:443 stats.g.doubleclick.net udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 sslwidget.criteo.com udp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 8.8.8.8:53 graphql.usercentrics.eu udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 34.120.238.166:443 graphql.usercentrics.eu tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 34.120.238.166:443 graphql.usercentrics.eu udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 63.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 166.238.120.34.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 analytics.data.ashampoo.com udp
US 50.31.142.63:443 tr.outbrain.com tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
DE 18.192.234.92:443 analytics.data.ashampoo.com tcp
GB 157.240.221.35:443 www.facebook.com udp
DE 216.58.212.162:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 contextual.media.net udp
DE 37.252.171.85:443 ib.adnxs.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 sync-t1.taboola.com udp
US 8.8.8.8:53 criteo-sync.teads.tv udp
DE 18.192.234.92:443 analytics.data.ashampoo.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
NL 213.19.162.90:443 pixel.rubiconproject.com tcp
GB 104.78.177.107:443 criteo-sync.teads.tv tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
GB 104.78.176.27:443 contextual.media.net tcp
NL 141.226.228.48:443 sync-t1.taboola.com tcp
FR 5.135.209.104:443 rtb-csync.smartadserver.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 hb.yahoo.net udp
GB 88.221.134.41:443 hb.yahoo.net tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 r.casalemedia.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 ad.360yield.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 matching.ivitrack.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
DK 37.157.5.132:443 cm.adform.net tcp
US 104.18.36.155:443 r.casalemedia.com tcp
IE 108.128.36.135:443 ad.360yield.com tcp
DE 162.19.138.83:443 id5-sync.com tcp
US 34.117.157.22:443 matching.ivitrack.com tcp
US 8.8.8.8:53 exchange.mediavine.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
DE 52.29.130.32:443 exchange.mediavine.com tcp
IE 52.17.239.25:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 sync.outbrain.com udp
US 8.8.8.8:53 simage2.pubmatic.com udp
IE 52.17.202.44:443 dpm.demdex.net tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 criteo-partners.tremorhub.com udp
US 8.8.8.8:53 ad.yieldlab.net udp
US 64.74.236.159:443 sync.outbrain.com tcp
US 8.8.8.8:53 sync-criteo.ads.yieldmo.com udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 35.153.94.52:443 criteo-partners.tremorhub.com tcp
US 8.8.8.8:53 e1.emxdgt.com udp
GB 96.16.109.64:443 ad.yieldlab.net tcp
DE 52.29.81.155:443 match.sharethrough.com tcp
IE 54.229.103.86:443 sync-criteo.ads.yieldmo.com tcp
DE 3.123.148.226:443 e1.emxdgt.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 92.234.192.18.in-addr.arpa udp
US 8.8.8.8:53 107.177.78.104.in-addr.arpa udp
US 8.8.8.8:53 27.176.78.104.in-addr.arpa udp
US 8.8.8.8:53 90.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 104.209.135.5.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 132.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 22.157.117.34.in-addr.arpa udp
US 8.8.8.8:53 135.36.128.108.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 32.130.29.52.in-addr.arpa udp
US 8.8.8.8:53 25.239.17.52.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 64.109.16.96.in-addr.arpa udp
US 8.8.8.8:53 155.81.29.52.in-addr.arpa udp
US 8.8.8.8:53 86.103.229.54.in-addr.arpa udp
US 8.8.8.8:53 226.148.123.3.in-addr.arpa udp
US 8.8.8.8:53 159.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 52.94.153.35.in-addr.arpa udp
US 8.8.8.8:53 cdn1.ashampoo.net udp
DE 13.32.99.83:443 cdn1.ashampoo.net tcp
DE 13.32.99.83:443 cdn1.ashampoo.net tcp
US 8.8.8.8:53 beacon.krxd.net udp
IE 46.137.144.39:443 beacon.krxd.net tcp
US 8.8.8.8:53 83.99.32.13.in-addr.arpa udp
US 8.8.8.8:53 39.144.137.46.in-addr.arpa udp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.utorrent.com udp
US 13.35.58.71:443 www.utorrent.com tcp
US 8.8.8.8:53 71.58.35.13.in-addr.arpa udp
US 8.8.8.8:53 download.cnet.com udp
US 151.101.1.91:443 download.cnet.com tcp
US 151.101.1.91:443 download.cnet.com tcp
US 8.8.8.8:53 at.adtech.redventures.io udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 151.101.194.154:443 at.adtech.redventures.io tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
DE 216.58.206.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 cdn.cohesionapps.com udp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 3.161.82.47:443 cdn.cohesionapps.com tcp
US 151.101.1.91:443 download.cnet.com udp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 151.101.194.154:443 at.adtech.redventures.io tcp
US 8.8.8.8:53 ingest.make.rvapps.io udp
US 3.161.82.47:443 cdn.cohesionapps.com tcp
US 172.64.144.166:443 cdn.confiant-integrations.net tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net udp
US 54.157.160.138:443 ingest.make.rvapps.io tcp
US 54.157.160.138:443 ingest.make.rvapps.io tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
DE 142.250.185.234:443 jnn-pa.googleapis.com tcp
US 172.64.144.166:443 cdn.confiant-integrations.net udp
US 8.8.8.8:53 spn-v1.revampcdn.com udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 154.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 52.178.19.104.in-addr.arpa udp
US 8.8.8.8:53 47.82.161.3.in-addr.arpa udp
US 8.8.8.8:53 166.144.64.172.in-addr.arpa udp
US 8.8.8.8:53 138.160.157.54.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 151.101.1.91:443 spn-v1.revampcdn.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 18.244.18.32:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 z.moatads.com udp
GB 96.16.109.251:443 z.moatads.com tcp
US 8.8.8.8:53 o348491.ingest.sentry.io udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
DE 142.250.186.170:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
US 34.120.195.249:443 o348491.ingest.sentry.io tcp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 apps.cpi.arturito.cloud udp
US 13.33.218.24:443 www.datadoghq-browser-agent.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
DE 142.250.185.174:443 www.adsensecustomsearchads.com tcp
US 34.120.186.113:443 apps.cpi.arturito.cloud tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 mb.moatads.com udp
GB 96.16.109.251:443 z.moatads.com tcp
GB 141.147.81.223:443 mb.moatads.com tcp
GB 141.147.81.223:443 mb.moatads.com tcp
GB 141.147.81.223:443 mb.moatads.com tcp
US 8.8.8.8:53 rum.browser-intake-datadoghq.com udp
US 8.8.8.8:53 images.sftcdn.net udp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
GB 104.84.84.34:443 images.sftcdn.net tcp
GB 104.84.84.34:443 images.sftcdn.net tcp
GB 104.84.84.34:443 images.sftcdn.net tcp
GB 104.84.84.34:443 images.sftcdn.net tcp
GB 104.84.84.34:443 images.sftcdn.net tcp
US 151.101.194.154:443 at.adtech.redventures.io tcp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
US 13.35.58.71:80 www.utorrent.com tcp
US 8.8.8.8:53 32.18.244.18.in-addr.arpa udp
US 8.8.8.8:53 251.109.16.96.in-addr.arpa udp
US 8.8.8.8:53 170.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 24.218.33.13.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 113.186.120.34.in-addr.arpa udp
US 8.8.8.8:53 223.81.147.141.in-addr.arpa udp
US 8.8.8.8:53 34.84.84.104.in-addr.arpa udp
US 8.8.8.8:53 138.153.233.3.in-addr.arpa udp
US 8.8.8.8:53 events.cpi.arturito.cloud udp
US 8.8.8.8:53 analytics.arturito.cloud udp
US 34.117.29.134:443 analytics.arturito.cloud tcp
US 34.120.139.235:443 events.cpi.arturito.cloud tcp
US 34.120.139.235:443 events.cpi.arturito.cloud udp
US 8.8.8.8:53 134.29.117.34.in-addr.arpa udp
US 8.8.8.8:53 235.139.120.34.in-addr.arpa udp
US 8.8.8.8:53 c.go-mpulse.net udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 92.123.28.132:443 c.go-mpulse.net tcp
US 8.8.8.8:53 monarch.cohesionapps.com udp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 8.8.8.8:53 partner.googleadservices.com udp
DE 142.250.185.174:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 3.208.40.178:443 monarch.cohesionapps.com tcp
US 104.18.32.137:443 privacyportal.onetrust.com tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
DE 108.138.6.136:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 ab4042b8da8af28cea4eeb97c7fd209e.safeframe.googlesyndication.com udp
DE 142.250.185.174:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 132.28.123.92.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
DE 172.217.18.1:443 ab4042b8da8af28cea4eeb97c7fd209e.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 id.sv.rkdms.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 idx.liadm.com udp
GB 92.123.28.132:443 c.go-mpulse.net udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 44.216.212.178:443 idx.liadm.com tcp
US 52.87.117.9:443 id.sv.rkdms.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
DE 142.250.185.174:443 www.adsensecustomsearchads.com udp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com udp
DE 162.19.138.83:443 id5-sync.com tcp
DE 142.250.186.68:443 www.google.com udp
DE 108.138.6.136:443 c.amazon-adsystem.com tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net udp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
US 34.117.29.134:443 analytics.arturito.cloud udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 136.6.138.108.in-addr.arpa udp
US 8.8.8.8:53 178.40.208.3.in-addr.arpa udp
US 8.8.8.8:53 1.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 178.212.216.44.in-addr.arpa udp
US 8.8.8.8:53 9.117.87.52.in-addr.arpa udp
DE 142.250.185.234:443 jnn-pa.googleapis.com tcp
US 54.157.160.138:443 ingest.make.rvapps.io tcp
US 3.233.153.138:443 rum.browser-intake-datadoghq.com tcp
US 8.8.8.8:53 cdn-download.avgbrowser.com udp
GB 88.221.135.209:443 cdn-download.avgbrowser.com tcp
GB 88.221.135.209:443 cdn-download.avgbrowser.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 209.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 684dd325.akstat.io udp
GB 96.16.108.176:443 684dd325.akstat.io tcp
US 8.8.8.8:53 176.108.16.96.in-addr.arpa udp
US 13.35.58.71:80 www.utorrent.com tcp
US 34.120.195.249:443 o348491.ingest.sentry.io udp
US 8.8.8.8:53 p.typekit.net udp
GB 104.86.110.161:443 p.typekit.net tcp
US 8.8.8.8:53 utbench.utorrent.com udp
US 8.8.8.8:53 use.typekit.net udp
GB 2.18.66.240:443 use.typekit.net tcp
US 18.172.112.51:443 utbench.utorrent.com tcp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 3.161.82.117:443 sdk.privacy-center.org tcp
US 8.8.8.8:53 240.66.18.2.in-addr.arpa udp
US 8.8.8.8:53 51.112.172.18.in-addr.arpa udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 3.161.82.117:443 sdk.privacy-center.org udp
US 8.8.8.8:53 117.82.161.3.in-addr.arpa udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net udp
US 34.120.195.249:443 o348491.ingest.sentry.io udp
US 216.239.34.36:443 region1.google-analytics.com udp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
NL 216.58.206.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
DE 172.217.18.110:443 encrypted-vtbn0.gstatic.com tcp
DE 142.250.184.214:443 i.ytimg.com udp
DE 142.250.184.206:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 w3-reporting-nel.reddit.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 151.101.1.140:443 w3-reporting-nel.reddit.com tcp
US 8.8.8.8:53 110.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.com udp
DE 142.250.185.174:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.185.163:443 ssl.gstatic.com tcp
US 8.8.8.8:53 163.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 linktarget.ashampoo.com udp
US 8.8.8.8:53 et.ashampoo.com udp
DE 52.59.70.47:443 et.ashampoo.com tcp
US 8.8.8.8:53 47.70.59.52.in-addr.arpa udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
DE 142.250.185.227:443 www.google.co.uk udp
DE 142.250.185.227:443 www.google.co.uk tcp
DE 52.59.70.47:443 et.ashampoo.com tcp
DE 18.184.83.209:443 linktarget.ashampoo.com tcp
US 8.8.8.8:53 209.83.184.18.in-addr.arpa udp
US 8.8.8.8:53 www.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 34.120.238.166:443 graphql.usercentrics.eu udp
US 8.8.8.8:53 gtm.ashampoo.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
DE 142.250.185.227:443 www.google.co.uk udp
US 8.8.8.8:53 myapi.ashampoo.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 18.197.209.74:443 myapi.ashampoo.com tcp
US 8.8.8.8:53 img.ashampoo.com udp
US 8.8.8.8:53 sih.ashampoo.com udp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 108.138.26.124:443 sih.ashampoo.com tcp
US 8.8.8.8:53 img.ashampoo.com udp
DE 18.66.122.92:443 img.ashampoo.com tcp
US 8.8.8.8:53 navigator.ashampoo.com udp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 124.26.138.108.in-addr.arpa udp
US 8.8.8.8:53 85.82.161.3.in-addr.arpa udp
US 35.190.14.188:443 app.usercentrics.eu tcp
DE 108.138.26.124:443 sih.ashampoo.com tcp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
US 35.190.14.188:443 app.usercentrics.eu udp
US 35.190.14.188:443 app.usercentrics.eu tcp
US 35.241.3.184:443 api.usercentrics.eu tcp
US 35.241.3.184:443 api.usercentrics.eu udp
US 8.8.8.8:53 146.205.158.18.in-addr.arpa udp
US 8.8.8.8:53 10.2.138.108.in-addr.arpa udp
US 8.8.8.8:53 64.39.245.18.in-addr.arpa udp
US 8.8.8.8:53 ocsp.r2m01.amazontrust.com udp
DE 18.245.32.26:80 ocsp.r2m01.amazontrust.com tcp
US 35.190.14.188:443 app.usercentrics.eu udp
US 8.8.8.8:53 www.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 26.32.245.18.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu tcp
US 104.17.121.18:443 ashampoo.slgnt.eu tcp
DE 142.250.186.68:443 www.google.com tcp
US 35.201.111.240:443 consent-api.service.consent.usercentrics.eu udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 connect.facebook.net udp
GB 157.240.221.16:443 connect.facebook.net tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
DE 18.66.122.92:443 img.ashampoo.com tcp
US 8.8.8.8:53 www.redditstatic.com udp
US 151.101.1.140:443 www.redditstatic.com tcp
US 216.239.34.21:443 gtm.ashampoo.com tcp
US 8.8.8.8:53 amplify.outbrain.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
DE 142.250.184.214:443 i.ytimg.com tcp
US 8.8.8.8:53 targetemsecure.blob.core.windows.net udp
BE 142.251.173.156:443 stats.g.doubleclick.net tcp
US 216.239.34.21:443 gtm.ashampoo.com tcp
NL 20.38.109.68:443 targetemsecure.blob.core.windows.net tcp
GB 96.16.109.182:443 amplify.outbrain.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 13.224.189.49:443 www.mczbf.com tcp
DE 142.250.185.227:443 www.google.co.uk tcp
US 50.31.142.63:443 tr.outbrain.com tcp
US 50.31.142.63:443 tr.outbrain.com tcp
US 8.8.8.8:53 alb.reddit.com udp
US 8.8.8.8:53 wave.outbrain.com udp
GB 96.16.109.182:443 wave.outbrain.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 13.224.189.49:443 www.mczbf.com tcp
US 151.101.1.140:443 alb.reddit.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 142.250.185.227:443 www.google.co.uk udp
BE 142.251.173.156:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 156.173.251.142.in-addr.arpa udp
US 8.8.8.8:53 49.189.224.13.in-addr.arpa udp
US 8.8.8.8:53 21.34.239.216.in-addr.arpa udp
US 34.120.238.166:443 graphql.usercentrics.eu tcp
DE 172.217.18.110:443 encrypted-vtbn0.gstatic.com udp
DE 142.250.186.65:443 tpc.googlesyndication.com tcp
DE 142.250.186.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
DE 216.58.206.46:443 encrypted-tbn1.gstatic.com tcp
DE 216.58.206.46:443 encrypted-tbn1.gstatic.com tcp
DE 142.250.186.142:443 encrypted-tbn3.gstatic.com tcp
DE 142.250.185.110:443 encrypted-tbn2.gstatic.com tcp
DE 216.58.206.46:443 encrypted-tbn1.gstatic.com tcp
DE 142.250.186.142:443 encrypted-tbn3.gstatic.com tcp
DE 142.250.185.110:443 encrypted-tbn2.gstatic.com tcp
US 8.8.8.8:53 46.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 142.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.softpedia.com udp
US 104.22.13.228:443 www.softpedia.com tcp
US 104.22.13.228:443 www.softpedia.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 cdnssl.softpedia.com udp
US 104.22.13.228:443 cdnssl.softpedia.com udp
US 8.8.8.8:53 windows-cdn.softpedia.com udp
US 104.22.13.228:443 windows-cdn.softpedia.com tcp
US 8.8.8.8:53 228.13.22.104.in-addr.arpa udp
US 104.22.13.228:443 windows-cdn.softpedia.com tcp
DE 216.58.206.34:443 securepubads.g.doubleclick.net tcp
US 104.22.13.228:443 windows-cdn.softpedia.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 3.160.150.61:443 cmp.inmobi.com tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 61.150.160.3.in-addr.arpa udp
US 8.8.8.8:53 www.combocleaner.com udp
US 172.67.96.20:443 www.combocleaner.com tcp
US 172.67.96.20:443 www.combocleaner.com tcp
US 8.8.8.8:53 20.96.67.172.in-addr.arpa udp
US 8.8.8.8:53 s.w.org udp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com udp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net tcp
NL 216.58.206.70:443 static.doubleclick.net tcp
NL 216.58.206.74:443 jnn-pa.googleapis.com tcp
DE 142.250.186.68:443 www.google.com tcp
NL 216.58.206.74:443 jnn-pa.googleapis.com tcp
DE 142.250.184.214:443 i.ytimg.com tcp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
DE 142.250.185.138:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
DE 172.217.18.97:443 yt3.ggpht.com tcp
NL 216.58.206.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 172.217.23.98:443 googleads.g.doubleclick.net udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 142.250.185.227:443 www.google.co.uk tcp
US 8.8.8.8:53 138.185.250.142.in-addr.arpa udp
DE 142.250.185.227:443 www.google.co.uk tcp
US 8.8.8.8:53 beacons3.gvt2.com udp
DE 172.217.18.99:443 beacons3.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
DE 172.217.18.99:443 beacons3.gvt2.com tcp
DE 172.217.18.99:443 beacons3.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 services.combocleaner.com udp
US 104.25.185.50:443 services.combocleaner.com tcp
US 8.8.8.8:53 50.185.25.104.in-addr.arpa udp
US 104.25.185.50:443 services.combocleaner.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.185.227:443 www.google.co.uk udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.185.142:443 play.google.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
FR 195.35.49.154:443 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com tcp
US 8.8.8.8:53 www.bonzi.com udp
US 54.177.135.23:80 www.bonzi.com tcp
US 8.8.8.8:53 www.bonzi.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 8.8.8.8:53 opensea.io udp
US 172.64.154.159:443 opensea.io tcp
US 8.8.8.8:53 23.135.177.54.in-addr.arpa udp
US 8.8.8.8:53 163.48.8.52.in-addr.arpa udp
US 8.8.8.8:53 x2.c.lencr.org udp
GB 96.16.109.38:80 x2.c.lencr.org tcp
US 8.8.8.8:53 159.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 32.169.19.2.in-addr.arpa udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 172.217.23.110:443 clients2.google.com tcp
US 216.239.34.117:443 beacons2.gvt2.com tcp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 216.239.34.117:443 beacons2.gvt2.com udp
US 8.8.8.8:53 buddy.bonzi.com udp
US 8.8.8.8:53 www.youtube.com udp
DE 216.58.212.142:443 www.youtube.com udp
US 8.8.8.8:53 142.212.58.216.in-addr.arpa udp
US 54.177.135.23:80 www.bonzi.com tcp
US 8.8.8.8:53 secure.bonzi.com udp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 54.177.135.23:80 www.bonzi.com tcp
US 8.8.8.8:53 secure.bonzi.com udp
US 104.25.185.50:443 services.combocleaner.com tcp
US 104.25.185.50:443 services.combocleaner.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.185.227:443 www.google.co.uk udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
DE 142.250.186.163:443 beacons.gcp.gvt2.com udp
DE 142.250.184.206:443 google.com tcp
US 8.8.8.8:53 www.bonzi.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 52.8.48.163:80 www.bonzi.com tcp
US 172.64.154.159:443 opensea.io tcp
US 52.8.48.163:80 www.bonzi.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com udp
DE 216.58.212.142:443 www.youtube.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 8.8.8.8:53 secure.bonzi.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 8.8.8.8:53 clients2.google.com udp
DE 172.217.23.110:443 clients2.google.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
DE 142.250.185.227:443 www.google.co.uk udp
DE 142.250.184.206:443 google.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.google.com udp
DE 142.250.186.174:443 chromewebstore.google.com tcp
DE 142.250.186.174:443 chromewebstore.google.com tcp
DE 142.250.185.163:443 ssl.gstatic.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
DE 172.217.18.10:443 content-autofill.googleapis.com udp
DE 172.217.18.10:443 content-autofill.googleapis.com tcp
DE 142.250.185.142:443 www.youtube.com udp
US 8.8.8.8:53 apis.google.com udp
DE 142.250.185.174:443 apis.google.com udp
US 8.8.8.8:53 174.186.250.142.in-addr.arpa udp
DE 142.250.185.142:443 www.youtube.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 feedback-pa.clients6.google.com udp
DE 142.250.184.202:443 feedback-pa.clients6.google.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 142.250.186.174:443 chromewebstore.google.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
DE 142.250.184.202:443 feedback-pa.clients6.google.com udp
US 8.8.8.8:53 scone-pa.clients6.google.com udp
DE 142.250.186.74:443 scone-pa.clients6.google.com tcp
US 8.8.8.8:53 202.184.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.186.250.142.in-addr.arpa udp
DE 142.250.186.74:443 scone-pa.clients6.google.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
DE 172.217.23.110:443 clients2.google.com udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 138.186.250.142.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 lens.google.com udp
DE 142.250.181.238:443 lens.google.com tcp
US 8.8.8.8:53 2captcha.com udp
US 104.26.10.235:443 2captcha.com tcp
US 8.8.8.8:53 235.10.26.104.in-addr.arpa udp
US 8.8.8.8:53 www.bonzi.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 52.8.48.163:80 www.bonzi.com tcp
US 104.26.10.235:443 2captcha.com tcp
US 104.26.10.235:443 2captcha.com tcp
US 104.26.10.235:443 2captcha.com udp
US 8.8.8.8:53 hatscripts.github.io udp
US 185.199.108.153:443 hatscripts.github.io tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 static.xcaptcha.com udp
DE 172.217.18.10:443 content-autofill.googleapis.com tcp
US 172.67.173.76:443 static.xcaptcha.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
BE 142.251.173.156:443 stats.g.doubleclick.net tcp
DE 142.250.185.227:443 www.google.co.uk tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 172.67.173.76:443 static.xcaptcha.com tcp
US 172.67.173.76:443 static.xcaptcha.com udp
US 172.67.173.76:443 static.xcaptcha.com tcp
US 8.8.8.8:53 153.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 76.173.67.172.in-addr.arpa udp
DE 142.250.186.174:443 chromewebstore.google.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
US 8.8.8.8:53 img.youtube.com udp
DE 142.250.184.202:443 feedback-pa.clients6.google.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
DE 172.217.23.110:443 clients2.google.com udp
DE 216.58.206.33:443 clients2.googleusercontent.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
DE 172.217.18.99:443 beacons3.gvt2.com tcp
DE 172.217.18.99:443 beacons3.gvt2.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
MX 192.178.56.131:443 beacons2.gvt2.com tcp
DE 172.217.18.99:443 beacons3.gvt2.com udp
DE 172.217.18.99:443 beacons3.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
MX 192.178.56.131:443 beacons2.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 131.56.178.192.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
DE 142.250.184.206:443 img.youtube.com tcp
DE 142.250.185.174:443 img.youtube.com udp
US 8.8.8.8:53 e2c27.gcp.gvt2.com udp
DE 142.250.185.174:443 img.youtube.com tcp
US 35.227.159.135:443 e2c27.gcp.gvt2.com tcp
US 8.8.8.8:53 135.159.227.35.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
DE 172.217.18.99:443 beacons.gvt2.com tcp
US 8.8.8.8:53 e2c42.gcp.gvt2.com udp
DE 35.207.191.46:443 e2c42.gcp.gvt2.com tcp
MX 192.178.56.131:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 46.191.207.35.in-addr.arpa udp
US 8.8.8.8:53 cext.minirpa.net udp
HK 101.32.34.78:443 cext.minirpa.net tcp
HK 101.32.34.78:443 cext.minirpa.net tcp
US 8.8.8.8:53 drive.google.com udp
DE 142.250.185.174:443 drive.google.com tcp
DE 142.250.185.174:443 drive.google.com tcp
US 8.8.8.8:53 78.34.32.101.in-addr.arpa udp
US 8.8.8.8:53 drive.usercontent.google.com udp
DE 142.250.186.33:443 drive.usercontent.google.com tcp
DE 142.250.186.33:443 drive.usercontent.google.com tcp
US 8.8.8.8:53 33.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.54:443 i.ytimg.com udp
DE 216.58.212.142:443 www.youtube.com udp
US 8.8.8.8:53 54.186.250.142.in-addr.arpa udp
DE 216.58.212.142:443 www.youtube.com udp
DE 142.250.186.54:443 i.ytimg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
DE 142.250.186.34:443 googleads.g.doubleclick.net udp
DE 172.217.16.138:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 138.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 34.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
DE 172.217.23.106:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
DE 172.217.18.110:443 encrypted-vtbn0.gstatic.com udp
DE 172.217.23.106:443 chromewebstore.googleapis.com udp
US 8.8.8.8:53 www.bonzi.com udp
US 52.8.48.163:80 www.bonzi.com tcp
US 8.8.8.8:53 106.23.217.172.in-addr.arpa udp
US 52.8.48.163:80 www.bonzi.com tcp
DE 142.250.186.174:443 img.youtube.com udp
US 8.8.8.8:53 play.google.com udp
DE 142.250.185.142:443 play.google.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 steamunlocked.net udp
US 104.23.133.10:443 steamunlocked.net tcp
US 104.23.133.10:443 steamunlocked.net tcp
US 104.23.133.10:443 steamunlocked.net udp
US 8.8.8.8:53 10.133.23.104.in-addr.arpa udp
DE 172.217.18.10:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
MX 192.178.56.131:443 beacons2.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
DE 142.250.184.206:443 img.youtube.com udp
DE 142.250.185.174:443 drive.google.com udp
US 8.8.8.8:53 uploadhaven.com udp
US 169.197.82.18:443 uploadhaven.com tcp
US 169.197.82.18:443 uploadhaven.com tcp
US 8.8.8.8:53 18.82.197.169.in-addr.arpa udp
DE 142.250.186.68:443 www.google.com tcp
US 8.8.8.8:53 pogothere.xyz udp
US 8.8.8.8:53 androundher.info udp
US 8.8.8.8:53 munpracticalwh.info udp
US 8.8.8.8:53 ghabovethec.info udp
US 8.8.8.8:53 dedukicationan.info udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 accounts.google.com udp
US 172.67.187.16:443 munpracticalwh.info tcp
US 18.172.112.77:443 androundher.info tcp
US 172.64.167.32:443 pogothere.xyz tcp
US 172.64.167.32:443 pogothere.xyz tcp
FR 18.155.129.26:443 ghabovethec.info tcp
GB 18.244.140.102:443 dedukicationan.info tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 103.224.212.215:443 jecromaha.info tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com udp
US 8.8.8.8:53 d2dzy45qo641nc.cloudfront.net udp
DE 143.204.102.178:443 d2dzy45qo641nc.cloudfront.net tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 172.67.187.16:443 munpracticalwh.info udp
US 103.224.212.215:443 jecromaha.info tcp
US 169.197.82.18:443 uploadhaven.com tcp
US 103.224.212.215:443 jecromaha.info tcp
US 8.8.8.8:53 16.187.67.172.in-addr.arpa udp
US 8.8.8.8:53 32.167.64.172.in-addr.arpa udp
US 8.8.8.8:53 77.112.172.18.in-addr.arpa udp
US 8.8.8.8:53 102.140.244.18.in-addr.arpa udp
US 8.8.8.8:53 26.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 215.212.224.103.in-addr.arpa udp
US 8.8.8.8:53 178.102.204.143.in-addr.arpa udp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 8.8.8.8:53 174.212.58.216.in-addr.arpa udp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 8.8.8.8:53 188.166.233.64.in-addr.arpa udp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 103.224.212.215:443 jecromaha.info tcp
US 8.8.8.8:53 www.bonzi.com udp
US 54.177.135.23:80 www.bonzi.com tcp
US 54.177.135.23:80 www.bonzi.com tcp
US 8.8.8.8:53 navigator.ashampoo.com udp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
US 8.8.8.8:53 www.ashampoo.com udp
DE 18.197.209.74:443 www.ashampoo.com tcp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
DE 18.158.205.146:443 navigator.ashampoo.com tcp
DE 18.197.209.74:443 www.ashampoo.com tcp
US 8.8.8.8:53 androundher.info udp
NL 18.238.243.106:443 androundher.info tcp
NL 18.238.243.106:443 androundher.info tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 yensf.pohsoneche.info udp
US 54.225.185.110:443 yensf.pohsoneche.info tcp
US 8.8.8.8:53 106.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 110.185.225.54.in-addr.arpa udp
GB 157.240.221.35:443 www.facebook.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com tcp
BE 74.125.133.84:443 accounts.google.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
DE 172.217.18.99:443 beacons3.gvt2.com udp
US 54.225.185.110:443 yensf.pohsoneche.info tcp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 dukirliaon.com udp
NL 139.45.197.239:443 dukirliaon.com tcp
US 8.8.8.8:53 239.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 my.rtmark.net udp
NL 139.45.197.236:443 yonmewon.com tcp
NL 139.45.195.8:443 my.rtmark.net tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 datatechone.com udp
NL 139.45.195.253:443 datatechone.com tcp
US 8.8.8.8:53 s.click.aliexpress.com udp
US 8.8.8.8:53 sr7pv7n5x.com udp
NL 212.117.190.201:443 sr7pv7n5x.com tcp
GB 104.82.235.52:443 s.click.aliexpress.com tcp
GB 104.82.235.52:443 s.click.aliexpress.com tcp
GB 104.82.235.52:443 s.click.aliexpress.com tcp
US 8.8.8.8:53 8.195.45.139.in-addr.arpa udp
US 8.8.8.8:53 253.195.45.139.in-addr.arpa udp
US 8.8.8.8:53 236.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 201.190.117.212.in-addr.arpa udp
US 8.8.8.8:53 best.aliexpress.com udp
US 54.225.185.110:443 yensf.pohsoneche.info tcp
US 8.8.8.8:53 g.alicdn.com udp
US 8.8.8.8:53 assets.alicdn.com udp
US 8.8.8.8:53 ae01.alicdn.com udp
US 163.181.154.234:443 g.alicdn.com tcp
US 8.8.8.8:53 time-ae.akamaized.net udp
GB 104.82.235.52:443 assets.alicdn.com tcp
GB 104.82.235.52:443 assets.alicdn.com tcp
GB 104.82.235.52:443 assets.alicdn.com tcp
GB 104.82.235.52:443 assets.alicdn.com tcp
US 8.8.8.8:53 ae.mmstat.com udp
US 8.8.8.8:53 52.235.82.104.in-addr.arpa udp
GB 104.82.235.52:443 assets.alicdn.com tcp
GB 2.19.117.25:443 time-ae.akamaized.net tcp
US 8.8.8.8:53 acs.aliexpress.com udp
SG 47.246.110.42:443 ae.mmstat.com tcp
US 8.8.8.8:53 ae04.alicdn.com udp
GB 104.82.235.52:443 assets.alicdn.com tcp
DE 47.246.146.105:443 acs.aliexpress.com tcp
US 8.8.8.8:53 is.alicdn.com udp
GB 104.82.235.52:443 is.alicdn.com tcp
GB 95.100.104.181:443 ae04.alicdn.com tcp
US 8.8.8.8:53 login.aliexpress.ru udp
US 8.8.8.8:53 login.aliexpress.us udp
GB 96.16.108.57:443 ae01.alicdn.com tcp
GB 96.16.108.57:443 ae01.alicdn.com tcp
GB 96.16.108.57:443 ae01.alicdn.com tcp
GB 96.16.108.57:443 ae01.alicdn.com tcp
GB 96.16.108.57:443 ae01.alicdn.com tcp
GB 96.16.108.57:443 ae01.alicdn.com tcp
DE 172.217.18.10:443 chromewebstore.googleapis.com tcp
US 163.181.154.234:443 g.alicdn.com tcp
RU 47.246.133.203:443 login.aliexpress.ru tcp
US 8.8.8.8:53 234.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 25.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 105.146.246.47.in-addr.arpa udp
US 8.8.8.8:53 42.110.246.47.in-addr.arpa udp
US 8.8.8.8:53 wp.aliexpress.com udp
US 8.8.8.8:53 aeis.alicdn.com udp
US 8.8.8.8:53 login.aliexpress.com udp
US 163.181.154.234:443 g.alicdn.com tcp
US 8.8.8.8:53 203.133.246.47.in-addr.arpa udp
US 8.8.8.8:53 57.108.16.96.in-addr.arpa udp
US 8.8.8.8:53 img.alicdn.com udp
US 8.8.8.8:53 log.mmstat.com udp
US 163.181.154.233:443 img.alicdn.com tcp
US 8.8.8.8:53 us.ynuf.aliapp.org udp
US 8.8.8.8:53 fourier.aliexpress.com udp
US 8.8.8.8:53 fourier.taobao.com udp
US 8.8.8.8:53 de-wum.aliexpress.com udp
CN 123.183.232.34:443 fourier.taobao.com tcp
DE 47.246.146.201:443 de-wum.aliexpress.com tcp
CN 59.82.33.227:443 log.mmstat.com tcp
DE 172.217.18.10:443 chromewebstore.googleapis.com udp
DE 47.246.146.67:443 fourier.aliexpress.com tcp
DE 47.246.146.67:443 fourier.aliexpress.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
US 8.8.8.8:53 233.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 67.146.246.47.in-addr.arpa udp
US 103.224.212.215:443 jecromaha.info tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 download191.uploadhaven.com udp
US 169.197.82.20:443 download191.uploadhaven.com tcp
US 8.8.8.8:53 20.82.197.169.in-addr.arpa udp
US 104.23.133.10:443 steamunlocked.net udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c43.gcp.gvt2.com udp
NL 35.214.142.18:443 e2c43.gcp.gvt2.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 18.142.214.35.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp

Files

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdate.exe

MD5 baf0b64af9fceab44942506f3af21c87
SHA1 e78fb7c2db9c1b1f9949f4fcd4b23596c1372e05
SHA256 581edeca339bb8c5ebc1d0193ad77f5cafa329c5a9adf8f5299b1afabed6623b
SHA512 ee590e4d5ccdd1ab6131e19806ffd0c12731dd12cf7bfb562dd8f5896d84a88eb7901c6196c85a0b7d60aee28f8cfbba62f8438d501eabd1bb01ec0b4f8d8004

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdate.dll

MD5 dce0fd2b11b3e4c79a8f276a1633e9ae
SHA1 568021b117ace23458f1a86cd195d68de7164fa9
SHA256 c917ad2bf8c286ae0b4d3e9203ab3da641af4c8d332e507319ee4df914d6219c
SHA512 ba89867fd2bea6166b6e27c2a03a9a4759aee1affe75d592f381d9cb42facba1af1535f009a26f2613338b50de13b6576ab23c4e24d90827739f1678923ff771

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_es.dll

MD5 f49411f7f8feb475ee096db6a5938290
SHA1 6926ddaf08b3f701fb357f032e76bb33e63f50f0
SHA256 e7a76d367bffea50a8f0b2f8daee91b3e5250431127a9dfdaa25980c39b22573
SHA512 0f95d6cf92882a30dedf4b51bda94cff87da327843569aa4f3c763fa2c658378795adaedbc3d93958128376e51d2d0792958def24a2e19c57d6717153d3512ff

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_bn.dll

MD5 64ed14e0070b720fcefe89e2ab323604
SHA1 495c858c55151e2400a1a72023aa62216033f928
SHA256 635f3a7fd3c1f62eb91117189ac84e1a1e5c3a8e104863d125c16e8be570e3d1
SHA512 4fab73de11e595c7e4edd9a66137f8e7b0b13db1799dbe4c10dd766783079d38d560c6cc1bf9af4bc1abd71f1706643bd9a31c0f58e55df3d0dd7d739e1480b7

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ca.dll

MD5 ba783ac59839551280618c83c760d583
SHA1 53d1d10955e322a6135b047eecd88a4815f9b6da
SHA256 c2d15f8da32907d8cea1aaa0d51f16bc692a74141fdace43a84c78647433a086
SHA512 a635d52c20164a02dc3fc4ddb961bf36177014e0cb27e50588013a0e9f3787194de3c9da160672b62b25eb94ddcea366bcaa44b6bfa593da77c97aba48f8a50b

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_id.dll

MD5 e8706af39491f7a579a4a03d7e97ee86
SHA1 2f0cb0de6a34f368803003bc33f260137741d525
SHA256 15dbad35e7fa0dcf3ac2f08adbfb56981e3365f91d801c71f913fc0ab7c4cb52
SHA512 b3544f99cbfd0dec7bd2b9169364cb2daac8aa388f24f27862de71e4bcf40a24ae42900510aad30cdcfddd0594b62083ce67c9b573c8fe3a3055873ffab7297a

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ja.dll

MD5 56c037987597e28377c43df3fd64a2a0
SHA1 1e769ef90a0c8c5bf3c4a6d4e4ff5897a4e1ab84
SHA256 d158b0a602fafda9a117ad6065ecab3f02159ec1055adbac8979b311db83e1c7
SHA512 b2982807011cc473842aa89aa425fcc504d91072e384246122ebdc33b56ecafe16b746cf5206d2686412f90ee663b1545565cc050dda600295aa8bb4fa0f6828

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_iw.dll

MD5 7c89d57d66e73d8f09ebafa1733e61c2
SHA1 d2cdf93717da261437a841dc7bea321dda20736a
SHA256 936ca4058d17ceff0ad72ffd721ec87e76a7df8066fb10110a8ae7bf311d5c27
SHA512 205eae74837c601e459ba5d7a994f3ba76b279ca67ffc8d694d9b75baf72bedaf72f18443417010c19fd3c97560aa7c1284b319a738afea5a2402d7763fb1674

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_it.dll

MD5 49a37b39ed5f6fc7f8ed271afb7b4b00
SHA1 e688384442cf0c87d95afe2dd4ac9219e2ac6862
SHA256 d6a2194ed9fc11cf4ee229d6282225e732594c345b3a948d78e1e25287e2bb92
SHA512 d75608306a0b44a1a6c8264804fc77dda034a83a2e1198a982a388b99e595687aa2b1c34d49f4ebc92b05f4932319eb0f66caa5d749e1a8f0b33b51a379367aa

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_is.dll

MD5 d9bd75ad7a3a353cee9c40044ce5b794
SHA1 5cfae92b010c7f15c0de3faa2d556501077eba6c
SHA256 569ae0a08a78a956848b5a468247a02a0a0917657de3dfd17ebd67cfc929f38d
SHA512 256c11f9c5adc1efb11a3eb0807226afe72bdf02e6657104001b11c12961accd2e9ce4b7c6f8ec8dc577f8b25d6049f18f143786f2b9b5b2b9b6f14bb480b7ee

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_hu.dll

MD5 5601a611f2801a57025ac0f6725ce7e3
SHA1 bd2f8d12a70b19546adfd22fe6a590a4274d2669
SHA256 bd765a07250856c9ecb5a8319f04b9bdf4d2251827324ab5066b3d731b18ac18
SHA512 41ea26924ebf780e5d91ff8e5383d31b04076197b43ba964860556484b845e0590bf4cd805876cafb7cfb3082002cb35454bfc34c55e17113d9778a73182bc38

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_hr.dll

MD5 b9114cc4de1128c5156e3afc7f8123f0
SHA1 ff0fe96553ade4200d68305dd2e694dc91a2995d
SHA256 2846c112a3f0a3c6b050fbac7ea96dd3733f117068a5cccc8b6cf16ede9d4c47
SHA512 3bb6519556cef59d91ad92e11987ae6a36c9436cee5fe79b2a08b24fbbc04207c1114d466c0dc05f63221b368cd13b818b0c87188feb2511716a2ad75675a478

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_hi.dll

MD5 8d62d3b71591fcb40f59b6d0f651614d
SHA1 2c7b1831cead9e2acb85cebaf1c2c53784476f38
SHA256 ad368ca65db3e0a9417634d6bd2ac81c38858f875c1cdc6d641c2389b99d5a59
SHA512 9ad0a199148eb21927c1ee3976fde7be2968063955b1a5526fe18b62bc12c3b4d6e2d7dad7b5b1e8f76937733ae4a38289a32bcebfe60ab50f0f80648ce80711

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_kn.dll

MD5 78ba7d33500cfa4639519609f7cedec8
SHA1 9b0d9c945917d61f8a0caf2c3e11d0cb2c7e6c7f
SHA256 6c8c7692fcce08684ead91e0a68c09121e46e45c1aa5d30aa9342d9ff099a3e8
SHA512 f3e7acbaaee401a2a3b0a68db88fbf6fb620940cfe2891d822f38ef18ee5739d0ce66d5f440eb8ccc1d336ac5a406bb668ca20eba9fb494c0adff3bde8c73d96

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_gu.dll

MD5 9acb142c6097bef9a56847eaff078a5c
SHA1 d69d206d06dcf09b46b0e8bb47c177cb2a5bd8e6
SHA256 125b6ee3b4fee064eabc9baf671a366e4e88f68c97e582972cf741d914284628
SHA512 49f06023c4c70b75aabb81b586114704bc905480f4c0978e8d4315c232ea0b5d7d9545b7d02a9b24b71f72b066e926839908e2ace1ccf245716e6ef2fcf1193c

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_fr.dll

MD5 048033bd00459d6a545744ba1d46ab45
SHA1 1f9cb02b84da6b603b8be9a717f4ae3f32cb3f4a
SHA256 52099330cdfdb45b04db7bc0b2003762906afdca4ce16e7a33f0b4f7aebefe7b
SHA512 66a676c37e03dd326777534aba889410a6ecf43e17a5f5736415a5be179d4f8aefd626a1f28b4869d3dd17a296b04eaa88d20c90796f9a9cfc3899007a08748c

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_fil.dll

MD5 b039877936c8bc88efd93656e8e2fc3a
SHA1 b27e928267e2b7085e45cf6f450ba8bcc0af66e2
SHA256 7ffa28c0273c63aad16d3ac3419144f5bb8ce3484be73c45130927aa3ada6e43
SHA512 26992d60966d56b64b0ca2047f9149bbac8e6522d14ac2a9b2a4e57d5991f26a050e02fcb475243f0787221fc2307d5523f2c33b6abc3f6c7aa5daa1938f67f3

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_fi.dll

MD5 0ff6b7be8cceae26bd9ade3914b987c3
SHA1 6bb771e7c844ca501cbd1a05c0c19bb2078a784b
SHA256 52e75123d0c6ca6904a613aebef15dc9e662a7296089923ea690b4e627e5cbe9
SHA512 98e13a07d13691eb113ae63eff36c7c9041582ddfffb26f3918c0e87f484315930a0e924868c83dab46349bc09dddcb5bf0ae7a01155d9b1e2d90aba5ac4834b

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_fa.dll

MD5 66e75aac042e5776513c1a20f360df78
SHA1 2916825a831048eae55402371591221be27eba3b
SHA256 2528329f2177422671714b67c9d292e681791c26e6fca8d3e99d92434f23d686
SHA512 6985d5004b6e919b7977c608be044004d2c1aafe1f855dd4b47dedb2f3a22cb04608df2c6079480b7cb3d08f8605c8aad1b3279c78482afd44280db143508839

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_et.dll

MD5 6d9e77d00e750d6c56784bd03dfe7137
SHA1 e0c8e15adfb6b3efdc2eb1f7f3fbf5301d185ee6
SHA256 feececd2144da0f8d7006695f2e915fef34b1cf1c00c867e2a08cf8d9e5b5bc5
SHA512 8082e6bbf590212cdfd5b844557b66702e60220cd02d5850fb821a4a6527d4d5e82f1fa7595fab01f76090e8992ebab92de614205db4413ffb6bc48c9c10f185

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_en-GB.dll

MD5 68420a06ad032bd6a79b2472c3350476
SHA1 4e301f757c209dc928ab05370a51abca66bd38d8
SHA256 bbd19a75809f516726289377f97d67ae5f9122fdad0ad9f34974cbbbc91b9968
SHA512 9829cb34552d85b99441273174e801f401b1d7df3c7140e8bbdb74b77008e3e258bbafab2afb3f01f7909198c1376a3ae9360c941c7df60ad49309fb916b5f8f

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_en.dll

MD5 0d30a76bbcbc637382fad5a927297a2f
SHA1 39dbd1bcb5372e06aa4ffa3a6fe0010bf8652517
SHA256 dc22cbd055cfae79301c7906ca1e2a1e926aaf943fb11d8060b91202bd5759aa
SHA512 1d73f9a223ff1d292a4886c1377a2dca0459b6f757f814d73e66746f25b4e97fbaf90188d96cc1829bc9a288b5a118ff472fabb1c401994b1524d70e92953f8d

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_el.dll

MD5 59ba1742a224cb96c89ca335ff208409
SHA1 2b595feed6efe926cc87c16534c3b8bafc511cdb
SHA256 2836ec2d0830b66f281d65cb24f9ea2311e6464f13d4d0e41547be5ce994582e
SHA512 a4e7bd47af97387ef0828daa4d1b6f820faef02c28e77dda0da08e0a4766f2beac42d4ac5dfec82e7c3fd1a39e9d6a1359d45750ebce4c0e6722567b1df6e919

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_de.dll

MD5 c1dd450c8f536604579902fb23013233
SHA1 ae60094a4a1a2a33624a65b0ce3132a77de6c6e6
SHA256 a8422f753e831ea71c41867cfdc767fcbc05874fc039a0101bd05c571f8d822b
SHA512 35ab265a6363856e40156185bffb93d6481ea321f63a033160847cb88cc0764a18f14f9a72265e2f1f9caeff4702efdd147a46b23614fce090e08b78cd3ebc4f

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_da.dll

MD5 13bb66cf80aea019219f9181496b5b74
SHA1 8bbd83fff1bcdc01e93ed263b8564519a7c6fe7c
SHA256 c9e878e8c3a2ebe17df25c3406a0c449d93e56620e3006e83ce777952f47a488
SHA512 e7c84e8c600767cb4df43b9ed1c5220becde79c32f832158bd78368ec9b04422f272715bbca5a261da967fcb019dbf01d154467c77d2775e46e19ab3f6d64f9c

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_cs.dll

MD5 8041b1db1f5a00dc1a617f02d9cd9744
SHA1 963bb4e81134089d12b26ad1631bb0825e9b8fa3
SHA256 c823d54a7777e3cb0ff2bbec829833f0ad5bfbe58290af02e0f85a877db50fb7
SHA512 bfa81a184e2985e2755c941137562c40ad4903a9b883f84471ff10636c363be909db0044bb4320c1fb615303ee375d64675a894abe08414ff1c0a5da0e22d450

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_es-419.dll

MD5 4a28036303c7f36827a757d0950669b1
SHA1 af5fa8d2dbbd8f8bdac508f187731cf33ff8b960
SHA256 0047475c9353a570604d437d8985cebc7230b26f010ef30f4176f93f0c2361b4
SHA512 b5eaf77b729142abc233974c3900c39cd75fd2252e8ed49059bfe607d2b1c74b28f347b86793aa8e5a12c87701bfce8e9c87d34e262df7be559ecbd0f56e9c0f

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ar.dll

MD5 d1c81b89825de4391f3039d8f9305097
SHA1 ecfcf4b50dfbb460e1d107f9d21dd60030bf18c3
SHA256 597fe53d87f8aa43b7e2deb4a729fc77131e4a2b79dc2686e8b86cc96989428e
SHA512 a2be34c226c0a596efa78240984147196a4de8c93187af5835f0cec90ed89e7dffd7030cd27e7a1f1bd7f26d99322e785e195f5d41bf22e00c4af08270699642

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_am.dll

MD5 46f8834dd275c0c165d4e57e0f074310
SHA1 7acbfb7e88e9e29e2dc45083f94a95a409f03109
SHA256 91ac6c9686d339baa0056b1260f4fd1394ce965b1957aa485e83ae73492f46b5
SHA512 b615fe41b226273693da423969a834b72c5148f5438e7a782d39191ad3013e2abfa10d651fa2ded878abb118e31831dc7dec51729b3235cebb2b5d7f3ba2ade1

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdateComRegisterShell64.exe

MD5 0fe3644c905d5547b3a855b2dc3db469
SHA1 80b38b7860a341f049f03bd5a61782ff7468eac7
SHA256 7d5c0ed6617dbc1b78d2994a6e5bbda474b5f4814d4a34d41f844ce9a3a4eb66
SHA512 e2cf9e61c290599f8f92214fae67cce23206a907c0ab27a25be5d70f05d610a326395900b8ed8ed54f9ecbddfd1b890f10280d00dbcdad72e0272d23f0db1e53

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleCrashHandler64.exe

MD5 dae993327723122c9288504a62e9f082
SHA1 153427b6b0a5628360472f9ab0855a8a93855f57
SHA256 38903dec79d41abda6fb7750b48a31ffca418b3eab19395a0a5d75d8a9204ee7
SHA512 517fc9eaf5bf193e984eee4b739b62df280d39cd7b6749bec61d85087cc36bb942b1ebaed73e4a4a6e9fa3c85a162f7214d41ea25b862a4cf853e1129c10293d

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleUpdateCore.exe

MD5 021c57c74de40f7c3b4fcf58a54d3649
SHA1 ef363ab45b6fe3dd5b768655adc4188aadf6b6fd
SHA256 04adf40ba58d0ab892091c188822191f2597bc47dab8b92423e8fc546dc437ef
SHA512 77e3bbb08c661285a49a66e8090a54f535727731c44b7253ea09ffe9548bae9d120ef38a67dfa8a5d8da170dde3e9c1928b96c64dfc07b7f67f93b478937c018

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_bg.dll

MD5 0d7125b1bda74781d8f1536e43eb0940
SHA1 39818cacce52ff2edfb2a065beb376d43fdb0a93
SHA256 00dfe30f3e747b5788f7ae89b390e63760561a411b7e39257376cd13700a1e0b
SHA512 c34d7405acceb7186cf63e75083981b9230d2755e207fdfd1dbce7d59a96f30ec04c28c12dbe0ed96fb595c63dec8819c08d406840787d9b9797568fbf50dec2

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\GoogleCrashHandler.exe

MD5 4c3832fbe84b8ce63d8e3ab7d76f9983
SHA1 eea2d91b7d7d2cdf79bb9f354af7a33d6014f544
SHA256 8fe2226e8bec5a45d4b819359192ab92446b54859bf8877573ab7a3c8b4ada76
SHA512 e6e316bf3414ffb2674bf240760b2617ced755b8a34ad4b3213bcca6ea9a0aa3c2e094319d709a958f603b72197bfa34b100dbe87b618e17601b2e0dac749f84

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_lt.dll

MD5 979ddd15d4625f2d9442308ac23b093e
SHA1 41bdaf8e7930a788e72b2e8d812d3ad8cc9614d9
SHA256 546ec90e214472e91048428924aea9853eb1a0baea8fca9af87f5b4640440078
SHA512 148e0c38279d1ae560713fa4c0f2bf1c0245b6971d71d7b4a2cf44c4d512ad1fc8a9cb33ce7554f4a4855cc0ef319c6e72784cb2c4b87b324990ba945c31ef9f

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ko.dll

MD5 5c8d844a20331d1753b38babc1ec567e
SHA1 ebf130fb8c1550d329aa2eb008780c2a8a69dc06
SHA256 2da70429e0e6b931da700861a2c0b416d9420c3973531edef460079fd2d95c8d
SHA512 0a27588c7f5791940ac4d8946533a1572d70f8c4fbdf0ce35a3c15a3ae56d77d2094b2b2c1ed4090bfad4ce11488d616d5bedfe6dc62ba32ab33714abce8ec65

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_lv.dll

MD5 dd5164441187cd34cf6b4571ad06b02f
SHA1 12acf5a1184c074ef04b52f2e855866b815fe61f
SHA256 df49a28d88b5a20f2bd26fe17fd049a04baa5c27c0c9d96203335c4ee52d4413
SHA512 c1bb517c682f211f6894c06810bf13079dabbc1912d8f6932746c0dc774b1ad836c21cb2e7f19f7575eb4ba989644f7806f13fca2653dab7b44960a567788a57

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_mr.dll

MD5 b7479d97664ff3f68883a4665ad46f03
SHA1 fed7419a8408adecd531d6f7e1a24bfbbb97a25b
SHA256 d8b54b04a01467927702a439f875de02577721da3d6b393fc9b6d5f81f0e363b
SHA512 3885c46f4763961ac41ecf4e33ef67f560b14672087894bc0d72b6fdf1e73feecc5a4990f0df52759032085ae4b9cf918355010954166614b18e3cfed2e82645

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ml.dll

MD5 1a68c9a98363c381f08922f560250758
SHA1 5c8fab19a6fce550c541ddae84c1ed1eeb1d9a8f
SHA256 2a308897298977866c0199c137f679773ed63ed703b1286d07cf0e1de45225f1
SHA512 c22490c4660ba897c34eaf2f1681b9ef713bb8da72969db4a462ec8f639eef1a3403a7cbafe8f86906d69a4c716e8d638caf89aa9911996d1d1600b0659bce07

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ms.dll

MD5 7f3113def8e50c086bbe84273477bad4
SHA1 f29165a7988ed9b46fa162b02cbc58e3baf9dc8d
SHA256 60821a3672d3170f4d2e230e4c72aa3fef58cdeea16d0af22b5c2077bd76750a
SHA512 3fb6f5ea722e81ccfbaf01110fa341f8299a81b71ae072f52d11e2c8b3bcf202175f9c8e176c289aeac9d405d9919e406ae75929a942b52f49cc52a0858611dd

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_nl.dll

MD5 092df8fbd33220a72d1a81745cd61722
SHA1 16ee50224dc792a144dd8445c1b1017f0b22d252
SHA256 001666ead47d5efa71ccfa9818269e137f0c4ad90f32d758a9e6d9bc4560bb9d
SHA512 d2da63cfb76879745de3d2b537673f584bd2f28fca9582a8476f78b69ae0caa156085b61c33f03737748b942a1196ec0f1a4628766ad85ad6de60c6d68cb5ea2

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_pt-BR.dll

MD5 9dd85190c1ca43e4ea964f6695f34865
SHA1 f0c597a48312d55a6b820eeea05747b99d815a96
SHA256 ee5403a3ea60d3308d4999e6092aa4ad80fec2a90a701e7ede44f29298c48737
SHA512 3ba6b4143dfd3be9f9f5cf4d80e54f99bc68976f7bb662f97bccc80bc1789494a35fa958921589d65131d5cb1784fd09c48f7bbe940ced165ef4b0dc9afb998b

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_pl.dll

MD5 355fe9ce9db81686db356a30c17212a4
SHA1 6eb7892a5ab482f9f2e4c91dc12700e1e0eeffac
SHA256 5a6d70da9a5ebae1d28d8fa97ec40e40b271d5386648a5d00e28d49fd41a2bb0
SHA512 b76653623bbef763639ab79f75173811962727b677bfd359952224d61a4537f8ec8067ce9281145f1500d68b4133792c1a03beae9708067d3a57bf2138e63d9b

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_no.dll

MD5 9efb18e27e49361b5ca0fe4eebb286b2
SHA1 7e522beabde6ad87aec419f4c26395c64d8382a8
SHA256 3c066ff77d407ad1547372027f0c569ff65b06f1a5e34ed578ab9e6b87ce4876
SHA512 5c034c37801cea6fa3219d24f81b62bd416e4ce2e9102285be34ade76d80ed0229d7951c8b4626e2aa602991a8ba5424c2409a50f9dc8909d335a84d6bccc52b

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_pt-PT.dll

MD5 82ef6ec70333a490acfa9e46680a5d50
SHA1 7dee942e0af205b0d5e65a237fcb571602080d61
SHA256 21193d4beead2b2d43ad2417219018803103b5e0db94273005c0f480c3ef5d73
SHA512 c819ba1f42fbf11e446dcd2e4a51e9f2d607a941d0380768747286d0f8dcc7872fd76669f411a4a61e9e0417aae4e2d6085611abae62777feac6e9a4e1cd6061

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ro.dll

MD5 dd97a63df7ddfc0ed38f09dcfb8f31f8
SHA1 ed049d9162f9216ee6b440ede178af8ae489501c
SHA256 69333435afbc6821a0f40497466f98fa8e20a10ee928b2a85ec711ac77d7442c
SHA512 f2b99a9fde86c21bf99423d1686a0d9a7d4a064ae9b648346db65ec071e86e6070b0bd72d24a2806a316108ed7cb9b1bdfe8713e1c8f661bd66ef5f540e1207c

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_sw.dll

MD5 e17047f1905dd4a7c54f6b7391a3a2b5
SHA1 460e93c96b4605ea4ebb8cc3b5c98880b238b38e
SHA256 21d08e9fbc8d311096e48d0121b6e139308f008e588e9fbb2c044ad54d0c6fe3
SHA512 3a060c089a5a200ec38a275f44ecb02c56764efa0860e4f2ce4362820265c9ef2a8e5b5fd94aad6ce7e9fb619cc4afd1bb477fbfb3eacfd5dc961d0a38fc552f

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_sv.dll

MD5 54c3bd48650dda24560a3f567929a876
SHA1 53c6a27155ee329774d97b533210211a9946d607
SHA256 ab5cb8da8269308eaf2a2c0cabacfd02f21787c08ac99c5380bd74a6307ce6a7
SHA512 009a1397bb13b0b4a2c540eef4927c80754ad27a88e54a998732604a902c97594fac3e46303224b90f5329168d3aa468610be46b64f25833fa5e68a60f2baa7a

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ta.dll

MD5 2c0f7d4ee79fae77026d5733989b43c7
SHA1 fe9395690cd573794d40f04e16b828138baff120
SHA256 b61196b93e653dc3b6ab3cfb367218081a88a2dc21f678deb79ad47dcaa2d573
SHA512 32dfcbaa68f8cd387dd7a05d056368382911d7ec80b22475d182912cd27ff3888a0865916b9d76d76777a24f16facf54ee342d1a7f4ab3b87624dda1e72a367a

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_sr.dll

MD5 66813fb0d3a66fc673133c288aa21f29
SHA1 c934f77f2b4e8f8be1d9a63497a7549e5f9e4a7b
SHA256 6a5459c40d0e8f8d7dcb3aa457d70bf3655f8b9f52121ab16adfebe56a8aaf73
SHA512 ee7f26f6734f8743aafd7a41b647dd92330618f9014e88bdcb8fb3e1b90f7b6d6a3cf4df22171d7add5df0af8196e8ad68c85bcb71a4d75f1e31061a52055fea

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_sl.dll

MD5 10c0234687254950bb93f7c379c1da49
SHA1 45b21d2531ca4f8ed67767c3e813b3a5f51845d3
SHA256 0eaf7f8721f2b51d10ff36c1ef0bc7cd958b351a81a720e0b8908f93048fb88d
SHA512 1a6ea2cdc3b55618f8145ba957089f01c613e407797256fa540a7ac9723a216419463a07a0a99fdc62d827dccc5f6290f84e79b21e810ded9f990331e422d70d

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_sk.dll

MD5 59e7c6d09737f36d43dc66cf6550109b
SHA1 4bdc91ba8fc182ed213345e49b2806918cc03712
SHA256 99c406740386846de02fd0b8af6d63b1b6de586f0d3125846b904c8b2f35ffef
SHA512 bbac8e066927efb40545e2d474dad921dca646407e2bb2360f6f7802e0cbfb71c4b60ae8eca6c13b49cbe469141a301194cc43cb12464e1e826c56ba0a04e4cd

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ru.dll

MD5 6534fdfc9541218c0cc45450ff5cf322
SHA1 e34f0094597907895db8e5460a2177231c4e3c82
SHA256 08fb286a2823fef7a25b8359beef81f6f1ba65de7a9e76ca598612a981e3bc8e
SHA512 4c86efbab153ef7fd06f5283737f1859cf6f10dc3f64d36684ab0cd81d3eb5b2a7ac2fbe6c1ef2f21c3eceb67694560894e162e57dfa1e177a64d67cd8537e52

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_te.dll

MD5 456e12d968e0e77270173ef937915c3c
SHA1 0daf03d2c505467fdec7b5bdfbe3699554892164
SHA256 c5c9ac04b400b67c6cfdf2ee9c21901df239a00cabd402e59af0a00d4efb0173
SHA512 aa3a63145ee88d266e8b57202d01e934aa79b14c6cff6dc1381b1c526a3f890ef6ea2917da7af1acdd04785341b025fea3709e636c9d36745e644cc2abf5a1e7

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_uk.dll

MD5 af3f42cbb576430ddd211c4a1fa1d5a9
SHA1 69149b4a0ee61c2250bd1a758fa7aa7c281a6178
SHA256 4d72aad9545ab5eb6a89e3690675abf9007caa376d9da6b0c8cb5c704ba9407d
SHA512 903007ff6e99201d38cf4b9ecc54df9f1de67dc58cbcc6277cede1be2fe8ebb508d6a37dd4fd98d64e9a2616625544ae1302daf335c2454c4a56c7cb4d18dd1a

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_tr.dll

MD5 e05348222ebc21d3d1b4aed180a62566
SHA1 851394ae7d9c9fb85979b7d0f660a415004def0a
SHA256 531415cbe8c0753227934e926446872416e1593bd653826aa29bea9e6f5ac668
SHA512 055a1ae42f5cd9229884efbea235085326b1b8904c4c28c5096430bc528a19ac29d450740a76d5c2bfd69d67a7e78958343fbaab575b80ac495b3e373ef26502

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_th.dll

MD5 21e645b6564a4bff088abcdb94f7b4ba
SHA1 db9966ea497a9c5532172f8cb70d037fe2daa13c
SHA256 08e643f88d1df3f681824923eea75f7dddee55d6ab62dceb5a812c05ce8c753d
SHA512 81d7b60b211230c9af1cf4b016e80092e3e765cb40e775992c850495ce8e4f9886f190a507650f26f092a468533fec03b01ac3837d94282e75380602b9db5e78

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_ur.dll

MD5 3c9da7f71844beb6dd85f8d77172b908
SHA1 d54ca9cd4187dd7c165f549e34ed577f6b4b8315
SHA256 5c95d80d684e8a886dfbbcfb54f2ef4ad6c26ff0e17c6ccfec2d8373bbc32a18
SHA512 ccd2b2eb17a25c95e8596600cdc629ee26780d014788db8a526df058832aff7ebb2bb3273e5c0c9642d5949e78ae5a9f89640aa3c8807fa106338b459c9ebcd1

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_vi.dll

MD5 154b7a3dc9ae005e0d502e2d02b3473d
SHA1 03ee0b94992a6edce78abace71c9f4efeafb7c97
SHA256 a9d43ae666670ecd93a16e131f402ec40067e44657a0bbc5136b152ad4706804
SHA512 823246acb4205a60610b5fc09f54f758a70bc1596e118e323a1fa5092621094145cd5ea75a22cddb944bdd7cd3a93d87b88ea887b1455ebf028eb6b9d0c1fc13

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_zh-TW.dll

MD5 64674d06ca9f8888a62b75df12950cc2
SHA1 4518365ce4270295271f6dfde6ed452e0f67b855
SHA256 2b6ae6a1b6f89ee717acb32ef44d229d7cf4ca24dc383d4a078f004b3434662b
SHA512 0824ecf6da9f1a822ab646e47454442b13365f2a45792dce5e68269d9d31ca32315cfca11447ffae1f17293231896db36bfd35fde6a644e674ad247f0aed9887

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\goopdateres_zh-CN.dll

MD5 3238536195c72141bf60ee15ce6413dd
SHA1 5d89916a8f72b9836e3e2e1eb93077b515a231e9
SHA256 5c0e33d4cbda0d878a48c51a7286e6ce3884ef0aa06ce4fc306b888d3e8f07f4
SHA512 78fcc97db95b720e1ce7fa24ec9820d784a8013f791837629021176f8ae416775ed8a25b3afbce33fc18b29de5375f3ea2818a5a345ba0ad87bc71dfb72cbe0c

C:\Program Files (x86)\Google\Temp\GUM4BEE.tmp\psuser.dll

MD5 d7770594fa82330b50573fdd8a2ccf3d
SHA1 5a64fa8671ab64a2e974637917b987d001b4edaf
SHA256 350339acf9b3ca3055823c67ab568390d54c35da4692e33c3a7e62fbc7c4b9a9
SHA512 cc2d672f15c5674b2de8024e204d533ef9347dd635633074bf8c38a96209355b5a10d14706677060b01d5e329fc465259e8996587a0a2ea7f2ff7c7b5dbdd64a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\6f93eb92-7016-423a-b09a-6b767fadd07e

MD5 1fa544eb9f673bd5a4119a0c8026312f
SHA1 11b6c0dd2ea35cbf1fa70fe46d2c2c515dc9cf02
SHA256 e70d03d1926eef41e122e7057d51eee3503db97af047df26e06b11bd436e0954
SHA512 3cd9e2ddcdcbd5b10eb38335265b930ad5d928e5d0c4109d53ef9b3dd6360cc1a825104ff02c3b15f200e89200c6ff3f7c3bdb83bc1ac0ca44f2c6490e7035c0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\3007f386-f7ce-4882-9e9d-0712eeeab357

MD5 12b19bb74e99bac9728966a6ccecb02e
SHA1 2da9447d27c7eeeb92543cec5bb58c9a0051346f
SHA256 ce0ada01e20662eef712dd592e30993b0883c99ce910fc267bee4f538b8cc55b
SHA512 bbe658a6d44ca04c11ad5c0428d9061b6217cca09d8126035e68df1e964fea0dae503594449b81445a134c74a669676ac3435c63d46ddfd5bb3e50ec0c19bc95

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

MD5 0621834f1bf4c2bb52d983ea6b345fb7
SHA1 15f31ebcc1c6a122ba80dc2f506c33c3efde0efb
SHA256 5c3e65b9a75e1a6e1ebef53a3db9b65ba62d5238618a1e3456daaae532a13ebe
SHA512 13e660afbb4fbeafdee69a600043d45c44af82a859b42555aa0d60535bbcffa0b4a968aac3bcba395d432e98ed6951db63070065fb1ac11b7cc1bce4a49931ff

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

MD5 15039102154f8398f53bfc4fbfa899a1
SHA1 64c1ab469837f222f39ab10938386374d20fc57e
SHA256 8019a1370ccd2b009cc2560bb4024aa156ac2193a63d35b51900ad4fcee6802c
SHA512 84a47f31d57811a582e8ceb578595e42a101b250485bed2dd6eef8106e793bf75a78b2bea9d14a800b617ac532079bb1a7b6d136826f17511841b1351f715bae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 b0e75fb3b13a46f22776ca46b02a34e3
SHA1 e91333679de73ee7588d04f7c27632e4e473280e
SHA256 befe605e642bf765e61f6922934c0ee88986f2f2d9593f29c26f19d80bb78525
SHA512 d56131f049a1525228b84a3ac6b8cdf1fb5fb08f01c597744237b5d30a13ec9086df20a8dd94845ce846e2fbc407f95e61d266e86c71cec0d5a1d0936fc5b1c6

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

MD5 ad70a99f39035ef737ee299049970cb5
SHA1 9a887f2b0f1f953afdd2bc5a1b596a0e836f9578
SHA256 4c31586125fd18a4b03d6de02c7a8a67d8b99101e8aebe64b437471cba647598
SHA512 4deb69f2642f1b41cbe7c1501cceb275cb1c1ded14550d07c5df16f8036419043a61521fbc823e54598f6dc974c4a444be28bb2e0b2c13c23a5ef983291eae69

C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\123.0.6312.86\123.0.6312.86_chrome_installer.exe

MD5 cf7363da5431f60f4d16343397bae27b
SHA1 6ae8affdef84ee944c11f37fa6d69c6cb19966f9
SHA256 937ed20bc122442ab688121c3be44bf194b3656ca7884df3069ff86b9b5c26ba
SHA512 ac7c468993ca7a5357650769713a31f6ecdea2acb2cfce51084ee897729d5faa660e71e9065a3b420f4af13ec1f54172440d7daf6aa81995602acc6e1388781c

C:\Program Files\Google\Chrome\Application\123.0.6312.86\Installer\setup.exe

MD5 8a6ee9ca5524a87632a6cf4cb17c2aae
SHA1 383a22571cccdc4f7e938eb622a8571852ed6a33
SHA256 caa1b794f0755cad26c62c17c90c3a292bcc56f71371cf663a3a34f7de1556cb
SHA512 064c47004934edba52f0e48fbfef3548f45b63e680e7989321c740ce15a10dbfb482e020af9cc4db7cfc4e27af8ca7ceaab6e1a79c2cb071f314cf8f222f2a8f

C:\Program Files\Google\Chrome\Application\SetupMetrics\20240329164707.pma

MD5 c4cfbe535ad066a3a1450eccbd5c7f85
SHA1 ba497954709f5df12a4898a30ffd003ea46f747f
SHA256 f30a4615be20bfd8511a2dc586ab52561fafc062b42bbf59bd27007cdaeae54a
SHA512 5fa5a94dab1b5e6da7b29e113008bb2e6a75c3abcfb9593f3e25efdc415eedbfbf8933e41b8abc9371b765acde6147b5949a2aedaa52569dc63cceee1d703b7e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 9679d138633ca9dd32ae24441ce438b0
SHA1 c7b109fe0baac5489bde724982bf502b7e63d317
SHA256 2b5617afe03e3c42b9b712f29fe88a81314c7a355c075f8a4c8cd6484d1d0908
SHA512 4c1205f846ece87f73a65141133fb0e590751d95ec8eea26a30ee890973bdec23743079625219d51e6baa6988164bdbe0c10f56998e4aaab6676fbf18524b147

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

MD5 d36b677501c41cf45dfa696adda8b056
SHA1 e39af659f7bf49b70922ce1604b2936b92f323ea
SHA256 431aea364db97eaff0774520ebeb10435fc75de6618b2792d0b7c2e041fb3f63
SHA512 c752c326ac9ab25ddebc26985461f0f91d21cf3f28c733316104e7eb6a32cf004d6b932f323edbdd881f08929c584a64d43fe726c51871f3cecc7201e849f14f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 da7d8e5f0f0ce137732f6d35e0d22db2
SHA1 288e5104ad42486fead2f5cc7cf0a5b52ad10c97
SHA256 ce70aab90fa1e8c4b4f4c8c5c052d40a4e8a8ff493b2d4c4a18fb5b4e29629a6
SHA512 516737e4526e52e8127f0556dfb1ae0963bf561e85a4b665331a0fbe2e9111c9500ed42bd7de7905b8f7d875e0327381aae143d5e0aff1729076b935d45f944f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

MD5 6ecdda05869abf02c63aeb297851bebe
SHA1 3ea5337054acf2f7a111e2a411110c67a6843199
SHA256 b7aae68156bac3f92f68688833f26834de3f7778ea11276d859719a456e4fb69
SHA512 66e877e417c1dbae7703f513e8fb1615ebde7be8b9b21bf7008b6beff79ca0387a36113715e02dd6e67d44c41cb670e30f50038b0845c311f81bc02d639b488a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.378723490592c0627ac18a287f9a9cb74970c3c6e10a177c322282bfc1d01e01

MD5 fc21c3084ece86a867515f4112126d22
SHA1 7ad412386eeda21136ab332edced98af075cccd2
SHA256 378723490592c0627ac18a287f9a9cb74970c3c6e10a177c322282bfc1d01e01
SHA512 37777d2f86d5586b5db02fe8df853814ff0b1fcf0141adb8cf0a42ce3c15c5da8f65de89e2deb8c13040302f95c6b0ff523a4288c5d38ff7977212aa011b1309

C:\Users\Admin\AppData\Local\Temp\scoped_dir3656_1503785134\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.75.4_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.75.4_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore.jsonlz4

MD5 106db1b131d85f77099a4a8769090f4a
SHA1 14bde5a821cf15615a608d98e184545260d16cd5
SHA256 2d237b4963b75a918e4533e8a68383939272bc4c38370bfda9c26cc5c14edb5b
SHA512 5b5825e70e26fff222924ca4477519537f6be47be67f297744003ea01fe212ff1e373d6a584961521117b2bdcb06eb927ca7360cea348134af030b2e32dcbc24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ff9d87ae9e5570c86095b99db2372335
SHA1 199621b32fce1b5bec49a293c649260714786349
SHA256 76afaeb16d5db15cf8e1c9c73bab21b225f58de0ff0451ad52ffc9ef76910be2
SHA512 40de3a7dd83b3ee241eba8a8611333bf2ee0172e4d7fb5dc66a07e17fd30605a10254b7dc69ad5e6336442508355b236483cbe6b79a11c3f073ed73885771471

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f05eaca681afbe8e531a77c73e2094d
SHA1 f1458348153108a1a4cb33b54c734089284798fa
SHA256 d307f7a8c4fa069e57379462342120901cea14f0c76eec71b49d553a87ef7c64
SHA512 9fcd943a3df59f0ff99f0c8599ec9a1867135ef0901ec7233f32d2c740dd85548b4f1e8afc9dc7bed987a1375be30148dc15da3095a552dd022c4456172b3445

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 ce738186607187b218604a528d4820b8
SHA1 7ff8e76a154ef4f4cb9f7f59e70139a5562b88ad
SHA256 6d2c13c1b743d43abe5909144e9131acb61151b8458c5b0b141470c936aa53cd
SHA512 4b23a11df9003b8ae43a31373a8c2d2ee018f0aa6626f7ef5fe728cc88ccb9a8164b428a6ae91570330b1d284b48814d1cf7d019935c762643e02cff3cabc23c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 231263e1902489f0c049da2689bfdd50
SHA1 59f02321392dcd8ddbd316c4e8bec2f72591bf13
SHA256 6072e256755374dac283eff9c782ce52475e0904c3fa49086516f55bd8dd8052
SHA512 98095e66c02da8f4457baaa852f1707d2ae71a7421f2eeb2d9266fedd8908ed0ae64f3de83762dd619da974d0d754eb6a3e4ff02d23a492c0aaba325a90b2fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 cda68ffa26095220a82ae0a7eaea5f57
SHA1 e892d887688790ddd8f0594607b539fc6baa9e40
SHA256 f9db7dd5930be2a5c8b4f545a361d51ed9c38e56bd3957650a3f8dbdf9c547fb
SHA512 84c8b0a4f78d8f3797dedf13e833280e6b968b7aeb2c5479211f1ff0b0ba8d3c12e8ab71a89ed128387818e05e335e8b9280a49f1dc775bd090a6114644aaf62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 b82ca47ee5d42100e589bdd94e57936e
SHA1 0dad0cd7d0472248b9b409b02122d13bab513b4c
SHA256 d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d
SHA512 58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8d798c40314d5646df714a049abe5ebf
SHA1 f45131b8ae409b3dd2afc9ca65baaa4d2a897915
SHA256 cafa1e31ef631a91d91fa7af5c00d1f916e556d4ae2223f923c738266ad9f50f
SHA512 965caf433d3686f837001045aa7654ecbe016ced7b1de8179529c240f676cfc2be5132f3ca79e7ce2a69d4195a769afcc3dca0d1eb459dfbc8a5ca3dc45f5b9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e80966eae52081de593f753dd6945365
SHA1 7a9e49e7bc781df35df3b29b252da3ffa6ca3f2b
SHA256 7cf0ba893a6c18cdcf11c731ca0099f6594ab7281bd619c9e2a1300a73cfc78d
SHA512 ff7a436308f76b26a6e0aac45aeac4c586571956db34bcf790566fbff25e6d798ecb7de453e1860052257ae6c6ebddee0574aa11e0fe242735408cad76eb9eef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 908fa0b16fc3ce36ae238d6f0f556d07
SHA1 7526c9252d8f01ca08bafc1042be8dcadc0a2953
SHA256 14c72efb1dc63bf441a601d51f77d8a078297a1f68305d62946fd08eaf118ffd
SHA512 ce517c7a71626cc2912d6c327ff611fba6b4c772d3e1226e06c2f695bb64e3a43a9aeb6e2ec49588489a8199aa79dff51a8052bb1edb9db676dcefaa7a745e29

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 04ad5bbae8586a4529a4eee408ca3e51
SHA1 c4d71527b16347af214576782623c59c3d933292
SHA256 2e1a0b4e282277c700c28efee6f8f482a7da75e03dd08767e140b14e4fa42c59
SHA512 cf6c3d61e732c71ff7b1c83e553787585eef46db301bbe879011a6200595622a07892e79a76005de413dcce7a1c725b1a4d8a97bbe002fde472808ebf905a6c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 aad0da9ab3bce313c9d525b328fa6e28
SHA1 e80baf99548c226794a05a291e9a42e91706770f
SHA256 ada9c5ec7d0de52ca7d29357526e9ddef5219d77d0912ef85344cf482a71fd89
SHA512 bad01492c4f8fa77e970f432969469a3997fe0c1f0731029e276780bee5743a25662565f17a408c9de900b39674684f777e52d6abbcd32670d902e04b51bb191

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a00ffa2204706b6b7407095d3ee94bc
SHA1 582f9636e2bac55437661eac7b2123840316ea0a
SHA256 9d4823fc8590f4f7dc2040033e815b2d7ae4679417d1f1473948251856bafcdf
SHA512 cdae44ec032b0729b7e23a057fea2b8caed35876e079fab2a71b42c0cda246d4a8f3afae2ac482aaafd5bfc978ee7b231689a7df9404625047af9a24d2339de8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9df2dcca8b03fac16796c8f104112529
SHA1 ba5e3a1e5eef4697e1b862a8494ace3b7c284778
SHA256 a94c47c7dbdf7af874cefc8a3b1fefc401cfbc3d2c54532381b0cddbc95789ff
SHA512 011070d88b4a8bbab1e188f33911bf764f022199826fdca8666632678e8cf928fd9fa56d24aea3f4790f4360e5ae36e198e8c3cd484f5671cf2657434bb61bce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 175d93e5b0699a8338c63daf0c1247cd
SHA1 2ce076b693cf9badf991349347cc55caefaba800
SHA256 f76e3a89d1abd327a52591ea3a75e2891cc78515f7a1111fb975b6de46f0c179
SHA512 da8ebbbcb84165e7fa8a2caebb0513352a8640237cfa64658b69d59a378b662fd14ba5ebb5746146f3fa8b6bc7104dffc334823d9125255add82afee8931f960

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 68bb18e9a97842baa6dc7a95139f89d4
SHA1 2d8d0c244fef0a5f78af99f1308eae9fbe477941
SHA256 ee09d314235352118955c3b8d04fd6fb3af9ddfb207155851deef9ff1f844029
SHA512 4d9dfaff9f22f357c2c51a75277f37745cd34ea6c3a4b7cfd7fab90ee82cf784d797862728e2d2d142f8bbda9d7122289fa4de1850fcba8d8f06c2987a5991de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 544fb04bb29f0f5788fd4c3ed2ef5f1d
SHA1 4ddddf5dbbbff39f64f3edb3431d87fb8ffbfc7e
SHA256 50881237b8ccc8f979af498f643e7823da4a71a9054ca277a200ead8daa62699
SHA512 45cae9d9322663eac8596e6f502bbbc73d3abecdba4f579904d34ebfb673b11871dedde2c61a76631c4c36ae9d117d75d0820936304690cb6a7943029090c712

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cde1f2faa30857120d6d6e6a4764beab
SHA1 7419d851395069986a0b2cf95bf05e310937ebd3
SHA256 1ba7d49ba1a489ffa8e6896b4ef385890089f624f5da20a55600ff592dbc5175
SHA512 be036d0c289a08d52ab368f37bee2913c070405f5fcd696513dbef37a1fce0deb7d2c42bf940ab2a4129c08d39936aaf11c0ad6764a22de1e4d16fe5e4410352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f9d1f69987f133faa9654a6986e5b38b
SHA1 31dafa13dd5f531e03e9f36f9ecc1bd87730bffc
SHA256 95e2881ba42a4ea0838210021543a3fd8bd0a5a0e1f802164ac9719e463ec9cb
SHA512 3c2e683d8e85477219d2cc255c31c732467cf94b7bfc355a346ef98acae0a5e6feddbcab4471e1e94343db5376775edebba42973e7aba296543b2c7d23f097f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5928196bd7a504a67068f6dac2f9243a
SHA1 dbe27ea37754fb2844b3eea67ccb26a1d745bcf4
SHA256 7435259aa406b73b2dbe760d73cd05b0da97972d72234aa4dba5bf3b4d69b636
SHA512 fbe58417cc5c2d5034f3b1c7ea6a4c467b0de5ed6475cd3e17cab83cb746b8d023928ec7a09804882b821d1d35a6229b8b82b2bee7f2de235d57bacd27162958

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 21c4bc96e68e2a8dac6932a6293d066b
SHA1 b9914974397523e65f0f4d3739f31b133cf0b116
SHA256 265624bbba89c3696a30027af563b5008ebc519adef3c728846a54621af8698a
SHA512 6223efb7c02920f2bceb6f6b49a15fca2f894f68423aeb3d0057ef87bffade3dc018d33857250743f39c7aaa9769876d30afde014681f8ab04908895094b9025

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 963e199ddfc711dcbca48413d9be0cfa
SHA1 2ac53e4e5d286a59c8ef3c6198cb9d3977aa78f2
SHA256 8f926ff11fe359a48d1a25785c2bf249c2a1d9d9f8d358a2ddb75808da37e7a6
SHA512 8b3cc82295cefe9508a7fcfb4312d1f1ee2aa66f9521e0e65e41446cf130f6209728b614a59089afeee6068aa489c92e0936ceffd1456580c976f103ac16b2b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e86fd2eb5edf39e39a2fc7c7aa4cd0c
SHA1 25ba64d4d1d755d6185dbf6768a7dcc560535248
SHA256 b03309937525d6d43ec55d0b26ec478649fb02cd45bcf3901abfb08d84b87afa
SHA512 0be4e67d62e0a5ed83cec9743fb652cfb8dbc632e4c2f9374daca6ac5d6c872c1b5fa82027732788be05f22b5b1dbbf754c07717f951d17372f0e53422b4e1b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f8f96c64d2ec3db1a63b57498cb81055
SHA1 1af8155426c4a695a917f63064d9acb5fc6616e8
SHA256 30487fc11b26b601f6b24fef76162c8ae371bfce31d779d0162de4248f1c9727
SHA512 a91eb3babcd241a6b575164d9494465272190ba5cadb54a8a981130fcbfff44851fb372b1540bfa4b0fa3a99b989fe94d995bc5e2ddc944a98fc31ff9ca51ac2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b99486511c594c749e0061eedb73f147
SHA1 f23a793e87b6d596b2b418ef762d2ed536cd172e
SHA256 641bc2f4cfd103ccd9d1d438134e7e2faec2038aa58c9c235cd816dd76a723f7
SHA512 3265fff539fdd1112ca523eac1788a72c7b2949ab9a239142aed512a9f973da6d7590ef4e5a2e8ae3c81b0e7504bf0ee3b9dc36cce27ce36e7f9d7ea09e512f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f76ff83cc5340fc9e7763bb5ffbc3eec
SHA1 4469adef75c26689003be59397e9e46598d17376
SHA256 6dfbef9762e29ccf71153a9d4def11eb7df44a02a3328e8f7a051beafa650687
SHA512 e597576e87cffa9a83757239fadf2a1de29636553e57e906d65053b47ee7898dc9aec4cec1578c12edc68f3acc2ccfea4521fb1bcfc37284bb8bc82edfb0ef8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b434509320f811ec3f04f7391f14a812
SHA1 3dc4ef10bc8d974d469154cbcd5fcbf7b8e8f027
SHA256 bd00ca927b207d4adf9212b419b3ff50b6308a634c56a80000af1c3786f7d897
SHA512 a34ae65617d9bc7a96614bd9f003c3e4c25525dd8e9850507403117d70ae202fe5625157d9c51516d049ae1463f6937e5d5768b36ad3095b5e894f08cc8bc62f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63e6c7696fc96cf3ca9dead85f5dde77
SHA1 902d26ae1815e5275dacdc8b5e439322a921e9f0
SHA256 9612267de31b909d83428ef58694de5ba43bf8617d3a1064b4baa5f36b107f1d
SHA512 bd462c185eede97aa2460401d6cb1dfe650f1eccaf9debd48350a21b380eadea78f3322ee7edace86ffccc95e9315bf5e77fa89c0d1f8e668504accb64d34b51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e52b0b638d61c1707bb4f35723c7f4b1
SHA1 643a2a8539b3058e9374791abb4fcf2421547d05
SHA256 57742daf74b46717610c181574f1664371a3b0a2ccfc6cb3796b6cc1962cbbfb
SHA512 3844c69a35e63c6dedbfdcc99d119593fabbd083df15fa5c1527e6bc4dde8cf15c76d5f54f8d3312e06021d548f538ba8ed1459719a936a0544c052b6c3d8b05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ddf0c13f84659dc8180289c3cc7c420
SHA1 9db9f2068c74c45de2f9c52368fcdff63455996c
SHA256 48046e2ffe220a17a0816316aabc2dfd26615550a8e19e08ee1171983556d7a4
SHA512 6eb31d35162a2877777ce5633ea7d26ce88009ce0ab2099560fcf4f673cbdd5db65549b79c0a06b9f6968be419a52ad6aeb66202b00341e0b33303de2c01dccf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf58fb8ca7a6cb47c3f1962da43d80d7
SHA1 ee4fb25f8adc3a3facd528a1583ff205237b0961
SHA256 59155da030a67c1d6f8dbbd3e693ef384bac26daf4a76f85974dffebb8c0b638
SHA512 4703ccf8ae8656202e2ead314d0532225e1501b235dd9d68a59f03874603c8e9f46fea1c171411e1453e6bc25ed8e2905217db261a774c9e8644d19ef6dd5fe4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0ac89226544c692415384c1da6c8d413
SHA1 77b49bef5c3bd9f1b4b9194b6229470354f74917
SHA256 6555483be99941860aa9e791c0dde7c70e996a3a2ff394e5f96bb34958d8730f
SHA512 0fac1a46a9bf58cfc95e35ad886af81cec5371ea8af88214f9720898d03ca77223b4d0c8a03134aac2ca7ba3631fd807ae7a86d61c27ece2dae531cc5e4bb74c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b72d91756df44660ced91ccca343ce64
SHA1 54dff94a2f1f27c2f13a5da15975904af3fae78f
SHA256 757f52a50b69d2398e9cc83b8300f5df41cbc3989704b33fb6108555c219f227
SHA512 b296be504b77255d0df8476d237f8e1a6bd1c73996411fa7b0d7509c39325fb5544c2e9988127b8ce685f84bafad4a77f5143e6668f94c46aef3af5156801b37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0d784fddc2405d54b267266399616ed5
SHA1 41afe3e0a3f593cc9844c3d3f1ce1b1c319fd3a9
SHA256 a8eb78cdf36acb47b7b8b8af0a51b61e0a5958a6515b6ecd296c930529f4572f
SHA512 3d68a0907cc94e6bac655a758cce9fdca8cd4f56a0dfb0abd9804f8b3bda04a2660557fea8eb6953490c02149b5d478d0c8b1a9ad6203e1f478e1bc784392387

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4d6e17218d9a99976d1a14c6f6944c96
SHA1 9e54a19d6c61d99ac8759c5f07b2f0d5faab447f
SHA256 32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93
SHA512 3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\520c34e4-d2bd-43c2-b693-b2416b535727.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3bb061709a61189859a447e330391926
SHA1 c4b737db612e2b290d17ec9dc96e74e73e16f7cc
SHA256 86a8a4de3dd036f18c4539fcd466747e4a541b967ff44ad610acee313f4111ce
SHA512 e71eea54ad98c0506e7ab83bf8ff40b3245fd381b816ff900e9b6eee281dc874aa80098de584f3cede5a23f435ec6ad097b57787ce1d8f7019d9a2339ccf27ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b4dbc96c1d9a1b14ee48e3f70c0c7045
SHA1 ee72672e1727c76d25588ed56dbdec0c7b85df95
SHA256 2531692e09a60a489b0c8a47d133a0f5d8b75e840c8d4fbb8f313e24e8afac78
SHA512 fcf64fe0ad90cc7adc09d4bffe646bf5616534b0c20d1e8beba279ee0822ce2a82612943cb011bca25d2d723329ed127712eea7aafaf8290be950976c4da3c33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50c2523bee6f1275f1d087a98bd17733
SHA1 94760ff6ecc776b3f790d31c57b9a5ac9c57318f
SHA256 614077d96e5e8325933daa6b47ce5219e88e0a1fb2feafbc45302eb60bbf5aa5
SHA512 0459fd78f58436c378894771a02e3b651e93f9f94126136216371189d47cf6edbff4ee486474b6be2524b834f6e25c0c7ffabee5cfdb04545d266d6d8269314d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 389c2fc59f76b5a6009720d4e34a08ef
SHA1 de5015b387f939450fa15150a26a056c8552ceb2
SHA256 ff3ad4c82a17e08ee0c25d75fa9e3455921843294aab1124c6401ffe0513afc9
SHA512 1ca8c35632de13608cc9a52ace15f3c7657696ffd31032944d9770220937b79824c0310a1e3282144bbd8f5caee2c7b5fc1028bff0345b4b60d96dbc013b5736

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29444ae95507a77bd0b81032d17d409f
SHA1 b23973fdbbb14b9a7d047d827e4007066f2ee3cf
SHA256 e39bce0d69f8332766d82f652e37276076c617372edc52ad47a2252b7af1ab24
SHA512 6a5a098cc739475929beecd2c84ca967736e2e2af734c79423b520ee6d52b8e96b75c4fdaea3ac71fd40537d0f5b58d5a8fb311cad793d62e8b622f23ffb5662

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7ad8fc3b7414db9f1c3f2dab345cc24
SHA1 a7ee35f63248bea18ea1cafb108f8fab5db5a84a
SHA256 0a01aba5b710eadf7b8611bcc9326aff5215665b7d8a1b057d4b38de5cb93c4f
SHA512 09e0dae9aa973cf97d713a5f5a8d8870a33328539c6327dcc4f63e80374f19c3be09d16d5ab865ebba3c5ef4c6e506ec1e35d4978c4dfe46b578ad4b6f290850

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 49468889111c2af6f146740eb4267455
SHA1 85d74f713847cc654fd6ea8c997b4bea36487e7d
SHA256 64624bb4bbca93f72bb8687159c3d8095fe2b0b2f618459ecc360694dde8ecfd
SHA512 f42235fecb459a2207b18b5b203bb4e7e791fc4d962c6a1939c742b86ce3358c79de33ffdacb628910f090650d04cf942575963fbc1e7ac0b4a2596505e1b038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e8e3efe84c3bfa99dc15d63cb8745689
SHA1 ae6d8a946ed096140595f8fa182c4ef9ba57da75
SHA256 d62fd7a2a1f882a99425e93907d437e0f06d7c14c77cf5cac7751a9f2c2a9510
SHA512 283026b8eed17da24ba46c5a38a0ea002ee80d30abcb9a4479343df50b9f372b948aac439a380b8b4f373a31e8cd2b0f488341a6c09398154261f3c59939b1e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b34f4123f0c6618bcff1fd7a0afab770
SHA1 acb858c330924c45f9bc44059517cff549d14aeb
SHA256 c49d50b49417953ce9beeae8744749a72c9b6131165090f15ee8fc1fcd9c382f
SHA512 a612b35551a0abd7799f6b0de30bad462d710d497f58a5c614f428554c6354f024e7e8e60691c123971c5826b901c97c35c3a722404829c2a185c93841ef4aeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8a9ee8c9d60e43d7ad219e4aa4195306
SHA1 129adcacdf385f6d9ad6cd5301847c9a4d624a40
SHA256 f41715333bcc2ddb89285a14163a065e6d7553cc9e50433fabd9b2d9654403f7
SHA512 034f6caf2310f6b2b7bbf58f3d301c89ed8e2fcf10dbe1b7b5699247566f4f3295891d822832b4cdeabe4a6bc14f370ac820bb7b9f4ac9dcb016e0c325094a18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3fd26f44-b1cc-4604-8471-34e8fe3c13db.tmp

MD5 7a71d209e9d8bb87b37fe3913228eaff
SHA1 f04bbccf2d6c06818bb9f3b268299a6f58172f3e
SHA256 4490b2ef7024a7f518ce89f6bfcc7a0db116a715c4879c7e4f3c0f7f915a313e
SHA512 7773f3598da2fe0afc7ffc15dcf75346d592051d17c324b1aebc94bd32c066fcb718f24eccaecb8f34acc64d516439c62a588567271d9435ca871c36b934579e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b8444c356e84ce7fa419e0b76f694bbd
SHA1 da559bf6cf8a0c48a904f844cec5279a0db041d4
SHA256 42c4bed036dd527be170616f34fbee4ea377858f72eb8794c1eb37e98373d7ad
SHA512 9cce07208aceff8ccaa67739898f217b37386d9c551e9f343a1eb27552d218fec2a96a31c6dff43afec37dfa0432babab357fb12ee0d43776d8eed9f15d1b634

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b364151290c4b65f479da65cee30e1c3
SHA1 59665a3567c01d7c7f148b5a89eb99d017a85b10
SHA256 4abdaa63fb121936d6373c7924bd61aa8e7f8c242010e9cfce87723fa7e7f894
SHA512 257e2f8f1c12ea80c33aff06f794070180f18667944f8326dde33647f25052a559a1103c58cf07cfc3aefe67211c295c306530f13562c8e910c5ed1f52b623aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4c460246cc8c485d5ebc72aa001cc339
SHA1 ef0beef144c00e5b372b474181159c13e0761f23
SHA256 dcc42bc8c573d60a779e44a3288b7b8f20893975af06a549b1e05fa816a2f03f
SHA512 b616e5d8c5a37765ae69f39e88c6e17b7b2ae82ad3f1d9e3714bc9fb62a878d4c01026d3c357033521534aa24e596621812b7100abcd1742a5646b388245affd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old

MD5 2c7948742ec33e800450e5c6f74f5aee
SHA1 26fdae2125d8975354cb19027bcbf33d7efa9170
SHA256 20a80b60845d9ebede0477ce385d0153d9b433c23cb6ad6fc5e1aa4687b9615b
SHA512 63de332dc6acbcd68e6be01a554b252dd28aa7879506c84d02fe62bb35da40915d33a0743f380656d4ddec2e1b36e65fcfc723fdb526a2072625e8cc90eff27f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG.old~RFe5bf951.TMP

MD5 9e6b7e7bdf964521c8ee701ae6e58b38
SHA1 d09fe697887342384f670d197dbf84a2447d0bae
SHA256 b57d0ef7997b109d95eab80a335a74b0c0f51697af82fc9cc674b6c9231a809a
SHA512 ec88d381919d68afa447a452e8213da645c393edcc28a5702ba271f189c25de3167c2e75de9a9df4c724cbdf280d8c3dc6aa3e79fe0702dce27a32f4dc2e88c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.linkedin.com_0.indexeddb.leveldb\LOG

MD5 ef84ca6c710e1d9674d03a364b187311
SHA1 af5c41f0b503831ee9126672839cb79e5374ed46
SHA256 e4fd93f697132525546bca4d31c1b280ff788ffc39a5f11a670e0b50282459ca
SHA512 19757cee2e2bc805c9f0def7a1db604b6ce2a93008825abd4f73e065e6025bb49587a9a1b89ed2d51a7957d5e11b0c9bc84bb5ebc9291479673d0d2e996cd43d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 044464dd081fa677f63ea194db50ba11
SHA1 ef830820302a0df417e4b7d4a2931f28b7b5b576
SHA256 3d9465dbd9461db18185fba4d9b0fa16541e4f8c52eb91b3e7d257896acf6c71
SHA512 45fd289579b8576b52e549a38485e4671cfad9b40759a2b6c28af56d17f10e749e9da4f5465fa20293248ca717e12392b5e57cba766e802aa91ff6da6c06e77c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 a53afd82862597bf3e77217dfe54a08a
SHA1 edd093bb1045af613a0532f2f11fc58555f216ad
SHA256 331cdaecfe6edf6298be0768182971e615cae907962b4807b9de5c266a30b99d
SHA512 249a5e752855a60671473f06865ba1842f3ded77587bd18878e491aa554e7b9df9fa81c77d9c11bcf93ff79274162e1f0cc3b8c0bf43239bbc24df34b81f8434

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 a9d6247605a8638399e749628c8ef44f
SHA1 52a9cb6bf1506ca97498260290a661c4fc62c26d
SHA256 d73cf96853228156b85653b43413d6a43f543db4914417ef19d41999069484a3
SHA512 c2e728286d0f23ac66a1407356071b7c138be1550b300cc5d6b4f7b05d89720915de43f077c2c16055c3587d51ad27a628bef20c9188b8d08931df41d36b73d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0e061dc3015039f3db769dcdedfcee78
SHA1 90fd6e581f62687a7bf5d1b8c40938ded72176a9
SHA256 811b5d69c4de737110e3afc195cc84389060f86fc7772482230e111cda9894ff
SHA512 724924a0ce85949ba5330e4187b980a836b322cb64bc4cce1d5616ae17f14fe86b7e89dd5fda0cd059fe7b06a274e0d69c8b097b2a92e6b3f870eb6625f55b8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b17c2bcd-cfa6-4120-a803-5f4823bba3f9.tmp

MD5 41848275eb6abb41056e389a810d1a17
SHA1 30c48e59a05d92ec0b69265c2a6d0887fbeba921
SHA256 4068db147d23c32cc94e8182b983f2b0c3305a01a6db082c152a99cc173b6160
SHA512 eecd20e614b32c1b43c5e516d795d454d04511ef2f7128faf6a5647a85400e0c6c545627baed549f098272eabd13ad58159349cae506882878d477730acc1213

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c6f4980be59ae3af9dac722a14697926
SHA1 44e1f7deb499b26c2f71db44948a413eeb587796
SHA256 897f8a99aea8e2f1c6e6fe82181af711c12cbd15b302e40266249b6c5a5d2daa
SHA512 2b4a8ad4b9300271cb099aed65b83c5337dc59206dd5698628dff9ca6da7adbc453b99366d20e0c74407090df3fe1de12db8097b5e31699ad03d5ed4c3267b0f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 42668325fb36ed681688fd4bee33558d
SHA1 04406e578604664b255eeec9111246365f1a4fe7
SHA256 0d34ab632750d69df71a43242a3619945c7299dc31b7802e142733d0a7406062
SHA512 4fddc1a1afb953adca8fe0ddd92d4f52dd52a190d3d51e128aabbb84955a1343ff1af6a12ba8fb2605bd8a7f83ee6fa3f8a665f6f314d5f3b165babf2b9d6291

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 99ad2a0af9c5ab0418e62286210faec7
SHA1 2d8f075297074780e5c8caa39357cb0646f4f0d3
SHA256 4d8dc71a44fd7bd3f5373747771cd799181eca5c6770b9df95a81c51f05ee7cb
SHA512 8b06d218258051b9a244418bad7f8225762db9084362f191c4fc0d6605b71a386edeb70205c550fa82d4009a9326faa34e7d5e7f203e83fcffadecb988f0ffe9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 51ebed95b891782bb041a398022922ee
SHA1 6f63baf04ee5e9240e58fa345709773d0c4a0893
SHA256 07007ceb81277c43c3934b9b556b1c3818f78e9efbe713852271d743ab7b962b
SHA512 89e5758e6532aed7e3c399eeb3bf12aeeb1deb2d77651fd791aaca1b65e7381f23faa04a70e1f21b77647be6c0de1b36d74ed966b8e20781dd7fe28db49641c2

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 abaa455a826e40be5364c1682283494e
SHA1 7a9a3e881ae3902fc09ec08ad286d6c7d4018c1a
SHA256 85a76c888698a4d6286c33e5291b07358077f77f1d03e9ba73b0c87742cdd064
SHA512 c02ebd274da851242653b986f853457f959ab91abd6330c838a6749bf3bfccb6314a951af9ed44bd2ee34099ef0120400c69a1299e4c8dbc9663f7b8189b8609

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 75e4bf17baeb54eb5f255e80e3244830
SHA1 79efdeb4ad7a0328dc9484a4b998574ad7d3bc9a
SHA256 fc23ba20ead256f98eb277f9ead8a575dce5782e450d3d7f995bfd281cbd1dba
SHA512 6af80927f0fd718797ddc67b5a51d96bd759aec67f5f68bb57f0a7dd21457ec7192bf3dab7471e6151ec0ef5adc521ec419dd2a16d66f4eb243bc2aa3a470d6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 31fce54872049f0d9055a5fa737a68af
SHA1 491d6e4f59f048a4e43df76a51209765a0ae1a30
SHA256 130819c6c52170ca5d327fdb0a4c0b0ecadfef1bfdf7bc85fab84d5a11ec83db
SHA512 6d4f7409938b85ce0c49c49c33d036b961b68794075a836fc6a490e42aa711e1494a976e852a617f5abda68490c88e82967b5572cf6fbc4c6f8dcbc2d743eda1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 74f586f9591478f15f28c8e44b62b81d
SHA1 22d69d32eb4e1db6e9cd44fc78d019520f13ed47
SHA256 6f58e107f4edf650fcc964b4371d9b713fc67ce55549f337875d64dc27a183a8
SHA512 0f987cfce172026c6cf3492ebd7e847d374a4af821258839beb5e56c1b353f02cc3aa2169fd36670e3aa83c55cec47e216f5a02df3d5d4ce32644217624db3c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 e3b7c1f55a368984a5ba8cba843ed6b7
SHA1 3362755d9f77b6eb0801ea9b3301a24ee63fb22d
SHA256 7bd1a844aaf30cf44b61e3e9266a2db03f61dad8c851d78b170df9034ceecce5
SHA512 64b0d6689a59da5bf40762169b925eb0dc0d47d0f60c8a83c3cb3696af2c036eba4fb7336e77b99509d9c80ec3b942649c62950c179185ebcbaa132804bb133c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0dad65bd817adc3a9463086d9ea5a03b
SHA1 aaa83e6c48446f0b4921a37ef682933216deaddd
SHA256 dee00d2a1911ceaa3d521ca9abe9d6aba02fab612daeb1b2b233c5d34b9351d1
SHA512 dad9ab5600c2138c0ee167e95ccdbe8bc407544d3f3be05b611a973feeef7b28c48f9f075779f7e671b78f06e58fda5215d218800623c722f0e274820d8d3cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e9552c1c3eb1328a4cbfa7e13a887136
SHA1 a61555cc7b7287b0e0d16f0b62cd526b9d43615a
SHA256 c20c01a6e1768ce9dbc0da04882809fa8f60fd2989a36c309d70d706ca3d7d44
SHA512 3b19421439e5b83308db29232f829ce01667ab5db70a3bd29821530f4f0f98b6891ca6cf7701f3ac660f86cca80a6cfb5e7ade2e950d5986165f21dbf96eb8f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 37353e2c22dd1a6c5dc5040e753bc815
SHA1 3c50f92cc23f25b12759cec50edaf116a78318e4
SHA256 6f3a8292650ca0d2b48b677c064b6096780f8d763bda41cf4a730ddddcf711b1
SHA512 ebc5c76175d75dd2b767faf32339101ed70e18a715f6713e63a3d3590fd0db3b1beacf5e08a2a59186d8cfae0ddd25b50f238cd0ed3fed240a7230833151dfda

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 8ebb570c730114a232bb70e2cd0cfc5c
SHA1 77cd9b05a676018370ae5c9ed8a2820313f63087
SHA256 9ea3993e40a5c9ff52924314263138cf8ac4b358c43b4372204b2be2a81ab9ad
SHA512 8342422f9498e421ea0b85d5b7cac4bc0481e9fd3473998f3e417d12901967c6b9550bef8358ff2b71c3a631070ec04ca6d32365d160e8f5a4c4327b1f1bf5cf

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 a410c0cac2b14bb30f45d166a036e3d9
SHA1 92fcd86c0aa793c6df8c301dc0485af3eda8de6d
SHA256 ef24123415e61dbfc2424fc146136bdf98872ff09f96161e8411526d60fd14f0
SHA512 1756001f7da63a604c6bda149b4a9ef2cb95d9baf690e425f5e38f9250894bd47a4495a664c34b7262de0c3bd1a2dc198519953e7a44240ff98871314632f1a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 02d24e184676f322c539d4ddf20abdc1
SHA1 67b2dc17e580ccb72fb79b527acc7fe2c5c7dde2
SHA256 d6ebee04602978ead1510c5bbb875727a99f9f259b3dd6d6dcb86387594f0d0a
SHA512 80d403b6eb0b2e4976cf762b5ce4cf18855796c1b74b94fd9e75fd3c12e76dc64b98e0c0c2cb5103853e5408a3afdf92badd4c32a86f109ee80b07894c6076b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ce163f9fe3fdad159e164131d102ddf6
SHA1 cd7e3b5fdc6f5bc6c6047f6ff35e439fc89a1814
SHA256 86c11b003794160921231c116d8c30936f9e7fa6bc6c0073ca8393bae5777223
SHA512 7a820a09802f7459377049d91168857463dab77225cb4a7d1ed82ee7f299363f8f3bb51d5e38af1f71e197aaa5c9b96fa79c19abdfdaca3bddeeafcdd2ab9cd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 039a5b5a06c4367293864da0175b617e
SHA1 2ecc88c6147de43f627fe563492ad13759c2306f
SHA256 bdcea4c08d07d575c779b234c398a9dbd1a22c4a73ea30a89b4b470a0cf809b2
SHA512 68ccff13774a7ebf6f739b4906304fa43efe7d6832d160457bc756bf37847c942a10f6355ce6fc31831d941cfd4346068ffac5a3c96c310e6a65c2f84a39768e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7700027ea6cd70ecf55e42af252d0dd6
SHA1 0a38b11d6ffe7b8199d4e18f9067d6a539c3cf0e
SHA256 6ab90c2cae20889bd02f29d2bc161469c34fa2e6ab6e4013dfd30a902289634f
SHA512 0cd342372edcb80f962451f6fe74b36b60878eec0fed58172875db1acef5be1341ca44b6d57b1b871a653931f072c44fc0bd409426db853a9a9db7b82591b41e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 88f39fc4abb4651408656ce4dfb66b8e
SHA1 a0eb3e63e165745de5406e947f0c2b8bd328231a
SHA256 4649bfc2c8bfa0b4d5a529cdec84c0e58e2b15e9edb0e45295c2ae72a36ce746
SHA512 a1cadb0205c86d39bc4c9638afb2106c77082095081eed2dac69873f11d167b4820c9df48d8017719489474206cb06953ce6cd61eb21cf765eb13372863b5c17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c3fcd52d2c00c26c0fd4ef2b8d50fbb
SHA1 a7dbf2810acdccca6f413309d9a22636c97fda8f
SHA256 e77d705599f05881467226452c7178c3fd153ba98dc80b7e0c841f12eec4f02d
SHA512 78601e1272d491bf74cb81d1857634183c28bc598223ebf12376e4c0c5d715817a39d927381b0011a0f84c0a8fb08233ce0da2196286cd0bd541f5c7f5d98fe7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0c68d931cf3b88a7e3ab6fde076a56d4
SHA1 5a4fe5b0035d0707cf140b09eb23dc6c3d354b55
SHA256 91d917706f20a63f5a88ccf80074521cc0ca6faebd6f8349080973e8ed570f68
SHA512 837a79f19f669dfd2ae72b3a445cdb6a81e71f3ef7bcc8c7255336981bb94a4214712d506a707dcc72755cf016380713fe4ac91f6056f0c9770349516eb2393b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5d41fd.TMP

MD5 7fa40792b0727cb20eb0dc3940be51ff
SHA1 ad2c1d83424c8322f50435773d796c05781ef5c7
SHA256 25f9f0da398c485ce3b4126ea4662212783bbc900795e2c0311cc928fb719277
SHA512 d732fe3354e15a39e38df210f54de75c7def1aafbcbd842701552351007b2f75abe6567017cedd4a33492da11b81fc9564d60a9864b5739b3d92e1b9c89e7587

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d3137daec30f9d444dca04ea2b6b2778
SHA1 87d778f909b9b6aba234196ed0cf9bd68b145f90
SHA256 b48b84d3ad6b5a9ab196cdc08b1d7306fcdb9046144f6855242a1b7a1941b6f7
SHA512 ddf7bdd4abb67c45d8b2ea77837455c07270c73c13c420598b01835e6fe34e468afb2bf923835d16ab47f37bb4ff0a803674f39ecfd4f75ce6076fe40a096ba5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 88c6932729fbd9305b6717c0d3814bf8
SHA1 9b94089d5f2b5a0e8a38b6d036d9d516346fbf97
SHA256 ae19f0717f1d68da25a717f670e08cd4266979e03c6bbff051a3fd06fd8a3b9b
SHA512 6ee71e36fee6973874d76d9d4813f2ecc5f304e7595b12702439da0ec926ec800765435c0916d5de25c9e1beb81b29aeedcc5f11ebdd3bc202bec1d1c0960aef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd4d3a6f9d569a20a4767df4db1ffe84
SHA1 beb852c34014d505c85d741bcf008fef078dd890
SHA256 390ae928189f39a04b0049d96f16c8272c5f047c4126b123dd14e6775c81dd4e
SHA512 f4e90e5afa69ce5e307205d7b7e5bbb966f822edbbc0cf28202439d2873539111975a589e4ef5c396f60b87d841c503695febe843d306889f9d5f014b5b07a60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1a574702a72a122927fda1a78105ae04
SHA1 34f1e4ea93329a3f18fda830e49f96ab53373e36
SHA256 90b5d9eae6c049033443a30b2059cc3a24f28abc1f5c92e983a890c746a93fbe
SHA512 ef8c27702d4cdb50d118fec9537f4e48329ade2e31435fd17d01ace09e06b9719aef8b2b05fee76788ad9ac482ad79916f443492bfb268d4f10cd2be97884136

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5ce8d3a9ada3315205f7a8e22d561341
SHA1 6fa591fe4cda5d8cbb34c1e27fe7497dd049d5f4
SHA256 e50f0ee2c85d82b7879e91b3cbbc993d3eff9dfc1da97efdc5e8a8c9362c54ab
SHA512 511ce5419465517c9fed98259c34f40d941c857f5a98cff6c07c67331dd005b03fda6b4f368f3fa4ca64d436fec054caf6f86e84008da084fa56f668ebc0c651

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

C:\Users\Admin\AppData\Local\Programs\Launcher\chrome_100_percent.pak

MD5 d31f3439e2a3f7bee4ddd26f46a2b83f
SHA1 c5a26f86eb119ae364c5bf707bebed7e871fc214
SHA256 9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e
SHA512 aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\chrome_200_percent.pak

MD5 5604b67e3f03ab2741f910a250c91137
SHA1 a4bb15ac7914c22575f1051a29c448f215fe027f
SHA256 1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c
SHA512 5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\d3dcompiler_47.dll

MD5 cb9807f6cf55ad799e920b7e0f97df99
SHA1 bb76012ded5acd103adad49436612d073d159b29
SHA256 5653bc7b0e2701561464ef36602ff6171c96bffe96e4c3597359cd7addcba88a
SHA512 f7c65bae4ede13616330ae46a197ebad106920dce6a31fd5a658da29ed1473234ca9e2b39cc9833ff903fb6b52ff19e39e6397fac02f005823ed366ca7a34f62

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\ffmpeg.dll

MD5 e3ab6f226a9189a456d53dd700f5d503
SHA1 0d3f467e9f36a404eb10b318c758edaf02305e26
SHA256 16070fc0fc3ae0d3d5872e5bd2194d883a1d91cf021e1fcb708c785a348c1a80
SHA512 b1d5b362489b5d26037c035c8b1e9bac24a4555b64371b41f8549ab70d5d591589ba154e163ec84d4b4b4435903db32f7ffe0f720f5e6d01b7656ed03f6757d0

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\icudtl.dat

MD5 76bef9b8bb32e1e54fe1054c97b84a10
SHA1 05dfea2a3afeda799ab01bb7fbce628cacd596f4
SHA256 97b978a19edd4746e9a44d9a44bb4bc519e127a203c247837ec0922f573449e3
SHA512 7330df8129e7a0b7b3655498b2593321595ec29445ea193c8f473c593590f5701eb7125ff6e5cde970c54765f9565fa51c2c54af6e2127f582ab45efa7a3a0f6

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\Launcher.exe

MD5 33dee28d0767978ef8992f75f68ce357
SHA1 324767b5c079431ad93de3bde16204179db822bb
SHA256 e31a94c634ce566b317b4ec6d286a6f94ac2dd4fcb3d9e3466922715544390d4
SHA512 c8e11d32075815d30f7c04425f0175ed3be78c3339987dcafd5cdd75b99992dfd0e352b12a3a0fff8b4c1c225ed1c5a92cb85653d88f0e7f5de1783a2432dff8

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\vulkan-1.dll

MD5 c286e1191c5b91130b6d16e23cbd44f3
SHA1 8231664efdf30b07ff0dbc6b6f4e4d46ec574de0
SHA256 8d4b92d08f42bfe9d30362b9cf671fd6ae3166ade44f94de17dfc531393b66cd
SHA512 5cd07f2edec7bbe8684ea291a9d1dd3709f6a25c55fda3d92938eaf9c3b047ec481e3e7f3fc64973f6833422ab5880f1318a15afa666e2dd207763c7d3822bbd

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\cs.pak

MD5 ff919631102a3a9ec635b3080b63e305
SHA1 e43b117ad5b2d5b373321ab0ae63dd4bc1352a89
SHA256 1b8c3add009028eb567b0094759daff29b7861e11d5a9d864071012200e9735a
SHA512 21833774413cc71ba9c0c592504ae6288e3c8ac4e5d1d62768f4b3eca09e90009abec5e8fadcb4e7d63b99a522ae48fd608aad432eb4165ec7021c8888ad7df1

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\el.pak

MD5 8025eb8756d4bf3126d83c9078935520
SHA1 78895218a90680fe223af0b003c195da84902e1f
SHA256 e42aeaea80dabe82657983a462e4cd3ec74f71d4f08a689f5825f55fc02f3141
SHA512 f99f47e54583b60857a31648b985216713725496d8653ca04eb1d6634f2b7f7a1f9f70b8a7938529bfc6c8665360da5e6bfb6b68c314c011fef4a9817010c42b

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\de.pak

MD5 8569900305a5661573f7766b93909f16
SHA1 3529376f54e32c17447b065d08c77314c4db2ec8
SHA256 068ba3e34e7f253fad7dc526b1078aaa969bea044d48171925534598aa8becb3
SHA512 d544febbe20a9bc5cf31f79f7ef74c1a742cccc99136e9828187c9a643bd0317c7cc48706346ee1a3c9eda8984be9c8606e9dfa7a6ce2cff49db2d785c2aa1c3

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\da.pak

MD5 4bccba46add5ebaf6efd4ade3c42aed9
SHA1 e48dcc2de930bbf0ea8ee7b735ead321dadb5be8
SHA256 2497368658a988e4eb3f64cd17423ea04e7555b104d43c8996c0ecbbfed5f74d
SHA512 e2059e2a7f80353981eef6982a7da006fa3753aeba9aca5279eef71aa2fa4b7adbf9cbb17c85b8060359f9e871b1a5c665226f8d3b8a6fe49f908fd44e1b46bd

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ca.pak

MD5 0312c87b6436e733a037bfb3084f7550
SHA1 e3f30b8f3bfc8ddbf4b8f85f845733ed5ac8c632
SHA256 b6c895fbca90c36ae2cfefefda989922162a2cc259603fbca066f0cfbf43c4ff
SHA512 24b7780211b9dcaf7cbe3915851c7b873562e0cff022c29ca1b4e159b9da152b517305f81dd33712a0224fc3b77e594405e432fe5eecf29b7a4f83f441d6905e

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\bn.pak

MD5 fac2c752c57175a4b1f4630e3667123e
SHA1 a2dbcf1dd7b3cac499b9f782c7393ab438039584
SHA256 71f99a67bb310fab8068eeed7ce24ea7624a66051ba4e719d051cc7e67e78001
SHA512 4820704bd92dfb60736da5b84c8bc9135fca484c678585ec9d26dcb90632e382f354d03b539599f4816feb027dd285ff06ed8a520bede56d7a1c590d942e4250

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\bg.pak

MD5 9dc95c3b9b47cc9fe5a34b2aab2d4d01
SHA1 bc19494d160e4af6abd0a10c5adbc8114d50a714
SHA256 fc4a59ea60d04b224765be4916090e97ed8ddda6b136a92a3827ed0fcc64bb0e
SHA512 a05a506a13ac4566ecbfe7961ace091295967ea4e72a2865e647b5fa9adac9f7cf5e80b53fae0e3917dfb0b9a3f469189cd595cc4ae9239d3a849f5cedd60e46

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ar.pak

MD5 b2a23f285858db5e3e53d6a5d5291623
SHA1 674adfeb57075f86f40ff4b14916c3af29695813
SHA256 7ab39416b60ee342ff2874aaa7b9b95b290828807b1395192cdbd29ee1be15e8
SHA512 92c9b31f82f62b15eed3edaf437412cb630e8deb2226ad162d7cb4c252d8cb7f0453b3121a846ffcb1547570e2eadb04cfd3877ab120496a7fefb47a6d96cba0

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\am.pak

MD5 a2a17bdd83467a027505bc817d1ac028
SHA1 cc1266a22606a1055db9653b82e90c9d1f551d44
SHA256 f92b0299185d963337e96df1016e1cf5ca335e22ff86568c1a6507c3fea29094
SHA512 193c5db0a30a3c8ef5e8c821cafb9d0b5671b7e7821748c7b432e927bd4638ecf5bfc1d99721ce89fb3df4f6f23b5e55d753430e8ef2bedd1e1633e613321028

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\af.pak

MD5 198092a7a82efced4d59715bd3e41703
SHA1 ac3cdfba133330fce825816b2f9579ac240dc176
SHA256 d63222c4a20fa9741f5262634cf9751f22fbb4fcd9d3138d7c8d49e0efb57fba
SHA512 590dcc02bc3411fa585321a09f2033ca1839dd67b083622be412d60683c2c086aac81a27bc56029101f6158515cc6ae4def39d3f246b7499b30d02690904af0d

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\vk_swiftshader_icd.json

MD5 8642dd3a87e2de6e991fae08458e302b
SHA1 9c06735c31cec00600fd763a92f8112d085bd12a
SHA256 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9
SHA512 f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\vk_swiftshader.dll

MD5 3a8600d95c9c163940f05e60a69eb457
SHA1 cce71f6a5490b48eaeb272cbf55792819fb2050b
SHA256 3477f8305c88838f894f0a304b8d2013542e9379f0310d398cd6a267e854e9af
SHA512 492a02352546065108c200b41026c711e09a32d3aa26e5356856d081bc1192445d7b98f789b6856b02217e84d8b3baa3288e3b9e359e59af6d0c7dcdd1888cf5

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\v8_context_snapshot.bin

MD5 031ea03da08fe1247280cfe781658791
SHA1 e91db50ad16b5a5fbbaf4118672d60b347ea6161
SHA256 c16dcec41919a6d2850214f2275824be8a97d8c5e694e2ec8dd7d16ab2d5015c
SHA512 b3d6f282761f8ab8760728ecb108f64741f6f3cd2a143813042ff63a3b6604fcfe7c1feabafb65f9f67906217edb5851f44605a34f7a50ed2058c25ce5efb30a

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\snapshot_blob.bin

MD5 b82ff216a0babf602940759b9a3af870
SHA1 07e8a22dcf8d7be04a6ddbcab3098e040494bb0e
SHA256 943b27009d41801c5a649caf680e32d4dd25de002787a4ccd86b0925b3aac3a5
SHA512 da157570afbab7be135f7749df7f4518df1452ea24f98d8f5189430e732ad06ed438afc701cb70451bbc7137b5f35a0c5957df92ecb40d47d54c1071ea79fba1

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\resources.pak

MD5 dc12ee2bb266627cf127c9049fee5a70
SHA1 2f8d5cb6c70781a0b67e4bdd180c5364e01e8328
SHA256 368cc254981294714ccb085152c62e386f017f77691e0d2713978d77e2a033cb
SHA512 17a53f9dbf703c7f8d752896002b8f5909ddad5fa78d60b176b8fb8c351b90bc644de1097cee7da490ff7e97d3b0fbac0f627106d054d1d10d1917ce35b38f31

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\LICENSES.chromium.html

MD5 d18c09a075cb6531d7ffd7c3da77bd4e
SHA1 571f29b6004007111782bf5727c4bc9510cca286
SHA256 86f5222580a4ab03dad8ea62e6cea22b23454dccf1c77e74ae0e0410a13b16fc
SHA512 091cd68e12633919fc6100b606f3002b16f4b9c7c6d7c820ff20e31a3b9ea690c8a1fc90529ff3e5c21e8d778e254743a8708049830c3bb046eda8f2653000b7

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\LICENSE.electron.txt

MD5 4d42118d35941e0f664dddbd83f633c5
SHA1 2b21ec5f20fe961d15f2b58efb1368e66d202e5c
SHA256 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
SHA512 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\libGLESv2.dll

MD5 438d089addd02af6f33b42f92cf19489
SHA1 b0de553d91c92e4d104d99a265442fbc51be67de
SHA256 05236819cd357b0f16ed2d8559a3c4da3b153ad7932ec2fd1d8e36d008a8633a
SHA512 0b6774d50becb18f471cbfb86aaa63cd360bb60f6fd77ab93b60c79f5019edcda6ccb23b6a7724f66b6ecedfefc0f0e2d098daee825185a261821903a3bc4fcb

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\libEGL.dll

MD5 637eeb39ddbeb3ff518ff1988604505f
SHA1 8b3d9a0d542718fb906f8fafb2583d7bb53176ef
SHA256 3c51a8e53ef7473e9a335673e909dc9c67bf962997e6e2a319c3bd70fd52b4ed
SHA512 3257f9c96665f1bc8bb39acd0d98015b7d5e32f3cf3f84e795df4d19f6bd3bcc14a4e89759cc0de83289b79cd290fd5f4b176c3e9a4cb2eca3acfba0c9e232df

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\es-419.pak

MD5 02452424bb0cf6ab832808d04883f147
SHA1 a8e97ee52f3d97c1a4c678f7578808416e9fac65
SHA256 1b23cda69927c77764bda121ee398ffefcf5edcb5866432aa3526c378553c9b5
SHA512 9e750b26ab40b5f1c075acbdeb15a57cda9e6bd8049488cfaf368b5cbe8cd9b6e5dc96130e4137370c90bb0777b97515ea2be0787e255cff750fb7e188e22ab2

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\en-US.pak

MD5 3f6f4b2c2f24e3893882cdaa1ccfe1a3
SHA1 b021cca30e774e0b91ee21b5beb030fea646098f
SHA256 bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f
SHA512 bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\en-GB.pak

MD5 502260e74b65b96cd93f5e7bf0391157
SHA1 b66d72b02ff46b89ee8245c4dd9c5b319fc2abf7
SHA256 463af7da8418d7fb374ebf690e2aa79ee7cb2acc11c28a67f3ba837cf7a0937b
SHA512 0f0f9aac8e6b28c1e116377ab8ee0ffadbf0802a4026e57aedb42d21c38fbf70159be9e0314799c1de1f7638fbbd25d289dff7cd2c9eb7c82e1b62b6c4e87690

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\et.pak

MD5 74eda453b23793ced4480ea7a595fe44
SHA1 76964af9c8024bd84fa1d89f60784e7ee6569350
SHA256 e2d38131a5ef4b0e8438f45e8c74c56bcf666760d4682120c8071c9220230555
SHA512 e9928cfac01f10b040c74e63242ffa1f7f616d8598f49f0aa7ddad063e18666cf5649cc65d00b3526526af8a7b46ee3b3655da22adf46aa44c0c6a1c2ac4dc7b

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\fi.pak

MD5 fa7dbd2ee35587ff31fde3c7107e4603
SHA1 baaa093dcb7eccf77ce599c8ff09df203e434b60
SHA256 5339b8ca52500bd0082e0ba5a5f440c5f04733803da47963280479760c7fff2c
SHA512 587f6d0e216d1688227345a8a75b94848ee710ec633fe6805db66bb0e8cad1b8d24a1e6a7e234061516770d881571166c78d8fa1c40e6335f3dcb1339fbffc14

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\gu.pak

MD5 3268b8d9b4d4db87ec627b09f1c55a6d
SHA1 683ba367e40abb2fefd4548805e845fc1b452855
SHA256 dee5ef4f4b36fc5fe0f3b5e10c7cc3a7edc14bf948317b31a3287a95bfe0afa4
SHA512 59cff62843d35f790092f42b611e9bcd80d948c0ef27a770b2d7af859997f40c320d67df3c5a9420d28d5c8f1678df4677e01cb99b729664d198b3b95b5fbd20

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\fr.pak

MD5 a7c88eda9e12b6dbd432c544767acbe2
SHA1 81f1abe537870f7888431e820b636b17b5213835
SHA256 a4d0e5a39241a6326143afa4c8ec881d6edb0382c66425411881946f98e053e0
SHA512 88ca203256aaaaa26afd4a0aacb6fba2eb41618d09df6fc6aaa80ab8d699b30e73c373fa75098b1ec4912c042341dd1c79ee3d04f98b4bd59a44481d350a7988

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\fil.pak

MD5 0b7d25d70a2d94a032b7ff7faea45a75
SHA1 d9d473b2ea936ffea4f751d8716cb03407a95785
SHA256 a737a14f84b10b2e3c9ad4d147b430fd30c5ac0e125d5aaaf1ea19b0507de5af
SHA512 e4dbef6fae4cb56c3cd7bd5dbb239b5136eb2534a17cacbf628f5e5d77bfca924580ad4e4d0ec580ffaf94d6e1fafad58e9c5f472c3a3ff782702ea5eae2aea3

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\es.pak

MD5 4ca91891b2d4670d02931f0ca84e4744
SHA1 85f6559b09c80af2575e3b7626842c10081e188e
SHA256 85fff1ca6bd2527073de03fa77dd013db2557a57cce1fd370caa2b185abb9336
SHA512 83eae7ab2f03598c657786bff6171803b6bbe2128d1a5b8a01d9a13337113632279712dd8ffcd3b707fa6052a936d92a57cb67d848c77ee291e75700e29f2bf8

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\hu.pak

MD5 d6904e7d1b6750d43a6478877c42618d
SHA1 919f090a6a3aa1112916f5bb0d5b73a62be43c1e
SHA256 3ec43893c6de5ec0f9433841afd5fa9feaaf59ddcef05f7e1cab14dba799887f
SHA512 d600fedb5ef1b2eb49a0122536c642b350ce67bb7a9da205890d9d13a195ac17c14607b4489715fd34506ec0ea4c80f245e09cf048aef52dcc8094f3138b2fad

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\id.pak

MD5 881ff04e220aa8c6ed9d0d76bfa07cb8
SHA1 cacf3620d1bf85648329902216e6cdc6f588a5ba
SHA256 9210c4c4c33e7ceb5f70005a92a4fd36ca4facdd41701fdc1d2ce638db8adf22
SHA512 9134102928aa80c49bbf2b862e8079b2ee23636ce63412a4c3813f234d623ff563f5ca1ac407ddb77cecf1224896ed59ae979dcf63435d35a4f13de9c22755d5

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\hr.pak

MD5 7dbd4a9de6e30de028c97a7d39f8038a
SHA1 18d68f37b3c5eea3a2fe42c4ab1694a439a189c0
SHA256 e1c793e08e062043cc65271718d9b21d5742729dfa2e076ab012e8a008d06c04
SHA512 a18c43257d26380ec14ae0259cf192257fee0c6895b82240c3b41c5d6e8bd6f8023cb39dc2da0701bbcf05e8eb2cd13c84af971c28c94099a6d0ea02ce745ddd

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\hi.pak

MD5 9b5d94450fb03c34759653deb0551441
SHA1 b9134fbc75304ca73b156e77425505ed6dc6d629
SHA256 5e8f2593dbea5a57c3a974558a3fc91b6087329a1e7b11622a6eac120a973718
SHA512 caed9535d487833bdde51e82b76d3b8d2e6ea18ec0b4b7a98552be9266ff0728bb1133d8f9cbd169345aa08b0073f04d649baa71bb487483951cfa1a92080d63

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\he.pak

MD5 6376d0a5f4273b76b1f4aabade194e0c
SHA1 337ba39f09454c0779ab64872b9fa11f866d6adc
SHA256 875712bb852c698f677c0c74e088f62d31adb2bce65648fc390607aad8705c45
SHA512 00347f16b5abbaf47fb08663d5efde26ab7de0c7a2fa42e6b5f03c41a83cecbd8e78cc3aef41d5f08658cf346e0ade732774485e8a10008a43fa41ffaf73b2be

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\fa.pak

MD5 99de8cfda36ab9ab3342889fb6da393d
SHA1 6bdd3d627d4b6702f43725039089562af58898c0
SHA256 b93145f30e25122015373a248d6ea22a539c7d0d58c8aa853ac35cc80dc06bfe
SHA512 aa20793f9ece5823cb9e74a4a3ff97d7a1860a593f427fb5eacb0390569a48122589610fe5a02577577f3a30f981c5e3da97cf73bdfe158a6bb845586c5b19d6

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\lt.pak

MD5 7b6bf901352885c0699db71239b7cf24
SHA1 9e3ec5f327c0d0e54a449332061e60a8c79243cf
SHA256 9200a9509bd77834d9912f4ba8f4219d2b9bd2cdad49a11873db30e99b9d1350
SHA512 79ebef723fb4c17581eb869b4b4e1a364a3d28df0e168e7e1a3583e0c1ec5b9716dd270925c0545b8247421a64b03705f10910fe3416900de9258840c470d580

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ko.pak

MD5 ce19dea7b7d0b9472f99427de2b307f0
SHA1 9c84dbff9927c052dcb9818ed73bb272abf9054a
SHA256 586f34de2c7bb0e92fc376f3ad962bf9bae1a768398459d39f8ed06b59d8ccbb
SHA512 9a6c84ef9bb03be9ce96948bea94ec0ba83ecbd06ed648acab9d6fd27c1ab85f011a5670591da6256781dc147fc234d627cfc4bf5eb29bc2c8bfc84aaf89085f

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\kn.pak

MD5 01e8dc084d07743fbda50d54d86ee3bd
SHA1 e0709217e1a6785706b7d14037b1478ee2a3a59d
SHA256 ae4e003458f1a8bd3652e61241e11ff91bd887f6b95c1fe2700e76a117ba2119
SHA512 7d8db84f975d778bde21253f43d174921c2c71111644a953ad8671754e5d656f72bcabf62f4b960cbf4ca0ccc5f67d1558ed250b568c1f2308a31970e380654d

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ja.pak

MD5 c294012268f9e611fdc2904be57e45d8
SHA1 9ba4bd190ced7ffe053fa74071fc5836bdebea53
SHA256 21cd7ae581f6d0c19e90ac7df03d7dd5305b882776a1f091573f824bd28514da
SHA512 d16653f30617e52a040c5e033896a71055fee9992e54ffca5029601bb62a41b9685a68655b9c8bf7a7ba54a914836a0f7a49cccacae0eda180a6b68c0471a268

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\it.pak

MD5 6629c344b6e5ee8fb476522627b34221
SHA1 28335e3c96a68a560c68756860394a0a86c21870
SHA256 e76c3f15529fa7cc088dc32903c6885f4cfa170a1e0144710b05965f3210c31c
SHA512 78ca2ebf40d6cc3eb7035cca78364be63b8eb69e27caf2cae57e3489b39a9e443409e800fd95e1b646d37655c37ee8a9ae1ab344b506cf65f8603a6a3ad892ed

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\lv.pak

MD5 cccbd7f8a0c34c7094ce4d7b8e7e0588
SHA1 1a08401e2dc8c59200c4ecaa1886b43b6faa6979
SHA256 7467360f9addd4d8694e1508a6ab3a3e00dce57e5897d5376ad27d8e651b23d4
SHA512 2cc43437f1cd8d5fda0e95e7dd117c9b82e90cfed58ad8f492f46b4634aa01cd1b0ebe39377231a0828fc1ccd39641e4efc2f1210d629f9aba12ea9048accd95

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ms.pak

MD5 6de7b004a86967a3433545b3b38bf89d
SHA1 113bd5b28dda669b27c798e0b46fd680f3a04956
SHA256 ead5a37549b98d55839ffcf0dc8f8201d37d71968ec9138fdea79d7c9b79549d
SHA512 239c4acd2c0b6c08fb92fd95b89a302ddefc01ea843950a0247b7310c2b024383ae98286c2d4b83b99833452c41b386e047b2ef33610ef122fcf2f439ef43726

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\nl.pak

MD5 9fdf47fef5b549497005ef8efd2a2c59
SHA1 3449de72bfc2be537f4b007c81e5bc5de6ff3d0a
SHA256 65a9c1efcdd451504e2e9b44b0c8fafd2c3c1445d760fd6c435305e2f8534f59
SHA512 3e77178dcd9e8894847039a997c87d5d04eef8a1ace1846132fde229285da08ffc8d3ba697226130bd07ab122a868cc53693981a21f8211c839ccdaba77207cd

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\nb.pak

MD5 bbae0915edec081b04bb903b689bc40b
SHA1 6a0fc635ce1c431e512b8b3b8448176aa4025556
SHA256 d565c6c95dad89d3f2b7210de4ec3fc437633de4dcfc994fde0704b92bb53ff8
SHA512 573a9fe43213829a6a4b39e67be25bc330b417750ea6d66e26163de7a80c29f6f5deeb841d9ff8303595943a81fc01ab668aab02a5cac4eda078ed06120138b4

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\mr.pak

MD5 b9a2aa88c69c42ebcc41fef00c980a38
SHA1 9e373dfa11f95c31ffdca70bd83d2f66e1ddcef8
SHA256 481faf7dd66cf10a476d8b156fb4ea452f920322d8007f7e25d41b2837bdbc09
SHA512 5f4582723429a44dd517322babae4466efb4e8723c0247754e2a9a2929133d6fee5c3533c4cf567954e2a5aab47940a136a178405de36e38b50e8d4a6d5c504f

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ml.pak

MD5 00292b0801e0dd0a74091bf53f1574c9
SHA1 63a002e7a8796bc4b4459a19c95ce426fbd1ec7f
SHA256 61a372f170de0a22712be980c3c78b22035ebf40ce79332fab75cdcc4208c9e6
SHA512 e2e15f66851aa435e3bf4de6672f4aa8b01204d8efe11ec6ee9a51d9877ec4f2e71d7e9547d6eab9bfa04af1bea71fa72aa4963fa08b48717bf1c3fd21c00cd5

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\pl.pak

MD5 c9da926441d438b952149650c86a033e
SHA1 74ee60342bda33048570dd3c03f897668cdfc971
SHA256 ce96fd415ffcda01345146faac716e2d45e2c556e5c6c38e9a1ea5ac19dafe84
SHA512 3e718e8df695cbd80146c3e911de9b235ccc06f574739e5720d47952f69eab089b56451cdc321174da9b239c0a71a720baf9d68b46046efa0edcb2a3f1804ea0

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\pt-BR.pak

MD5 c68170e4948cf3ae6910364c1e68ce90
SHA1 420f3a392db28b6fd6be44fd702b455518b67bbd
SHA256 b26499a256d66feed42b372ea2eaceb75c279694b40a7b5d0f8c1a5c24cf381c
SHA512 29482ced2091873a8c6242a608ed641b3a4d72fb93ccc2eb58d2769c446195f717b438d5633522f457234f3d209029936e9ea4ccd65d45ba8ae0c2df71043797

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\pt-PT.pak

MD5 9b04c89c2d17c7c00a6a4342f0771fec
SHA1 a0886040fd5f870023cc3038f5722f4ba6d7c8b6
SHA256 abb012215610178b7f8203f61f41103546d3949ac3df4acb3a622b01663f39cc
SHA512 7c4cf5e7bfad4709db49779c1e3e762b8d0bac6cd736c511711ddca7682e08bc6b3274c9872d88db78bc36b0456b29680d3c4e518d4a401830cfb37b48567bb8

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ro.pak

MD5 9b9c22a12ddce43a4a3c0c047a16a5c3
SHA1 901e072d644a79e0b18be2f4a81e6842b070485d
SHA256 3e89d43b86b2582fd7db236659af47ff459a44c5b5ebcbb0bcc9eda244c8e501
SHA512 196a5bb1b0b5093d4a18279037ef7993525c36c136d4560b7e902c815687f7992ecd2b64d96422911a3468cf3f1478b21df6465d3b31486466cbb5573ff0e7e0

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ru.pak

MD5 aa75c21bfe54bb70e7abd9fce1347a8f
SHA1 3492307cec15b367274c948beb76598f72347846
SHA256 bd981aa65536b544228ed1d60a552ff4c7800b46f815177b33b3e628b97d77e4
SHA512 0e77f1c7e4b5410e9eaed875f5dae6485d8de5b650ec44133b1634645cc3055fa7bea316e843b491f29d9c137b20623b120e014b1c74bbf4e8d1f08dbeaf5bb2

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\sr.pak

MD5 fca817ed4b839b976ebcbf59cac66d68
SHA1 413efa65470319999032b6a25b3b2ee33b8cd047
SHA256 524acc64e70918a77cda43fd9b27a727645b28ad2d4cce16b327105101c8bbeb
SHA512 cb246d5c5cea30d6e7514841ab93803984cda37461a09b6c340ca64f7cbce4e1212951a4de421d928d433a619dac18454fb403b42581757b76c7eb124ce70cf2

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\sl.pak

MD5 6a2efcb886dd33a5d05a112c141c520d
SHA1 ba89d9ef7ce1862d1e9933e910529ec5a3e2a933
SHA256 4fa004d80c7e89e38cdfed3a652003787fa810256d294c16aab0bca815eb7c02
SHA512 0475df28a602ec90c4331da4e7d742eded2cb3264b41924628bfc45e2662f2ceb7b9518ac88a231da1c3caf18d176ff3a4931c2b1751f3b74bce3af73d0088cc

C:\Users\Admin\AppData\Local\Programs\Launcher\locales\sk.pak

MD5 72946b939f7bcaa98ab314cfba634e0b
SHA1 71c79a61712c8c5d3dac07a65d4c727e3b80ab17
SHA256 75f179897cad221ca6e36b47f53cead7f3fb4159ee196f1d10a5181b84e1b5b7
SHA512 2a8fa7108c58f4cb263900a555714d5638d961d14d9f4ddf8a9ab5b880afdbc5d2325fed1e158dbaf42a9cd20e8e372e6a8f52fce842a6940ea52e43e4a1f1e5

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\sv.pak

MD5 14ecf7684d7987950a9655258d3a72be
SHA1 b1506b3b4be332081dde72bf54a197b1ee0bde66
SHA256 690a83bbefe1e97de5d2c1c0791707e8ddc3414a12cf30b79329fa5d21840d6e
SHA512 fd9d36c63b00bb1caf6a25f2c797f3a844395f16016a9010819462d647e8e759fd8887e5eae3ef300871f4abef05f4ceca9edb5b30ffdd56efeede9c75f56e30

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\uk.pak

MD5 0d9b7f3ce815f7bcfd63ee3492350d52
SHA1 6138b5dc296cf406b2314b8b797f9f96de2b40fb
SHA256 b86358579a9cec015c996c6ae862ddcb8cb558f30eedd0d0b9ef3cb18c3cc130
SHA512 17d874849e5eb17bff2ac98c8191f9f38a07a66eccc502122c0ed2bdd6af94eb17db1b0a2477a75c1fd4f3ed00c76b1818eac5bc4093d92eca0d0a5323718cc0

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\zh-TW.pak

MD5 032c4f24764d531d0de876f1e9d51dc9
SHA1 6662a5e3466c1ca415e219634cd67863ff830b32
SHA256 a0a715a3ef1ead036f0f03d02a8252fbdbd52ce6f8cc5b9298fc1c4494d4e508
SHA512 3cf212a638cfe9d08e625f7f70d453263e44721be9550c2aebfb67462666a8d67b87cd2ed613cc12c7d1fc7d1c1368c7d198a6669fa3a10c2c2bf61966c46aff

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\zh-CN.pak

MD5 37b051269289e0eaafd411d374663135
SHA1 fa94bc7fe89475f1d5e1c9a2d88161cc992a638b
SHA256 4ff334da089d2ffb9c6173de7c918b74c9326ed7bd76317b2696d57861871488
SHA512 357350ec552765df460cd66ae59ebcc771df72431baa380247750627ee974f1859bfa423461a2197d4e608063d021faa7fc94bd30c6fe2b1a0cf9b9f7e64ea73

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\vi.pak

MD5 5b8fc875f0b57ac7793e19e0ac6f4899
SHA1 b8ec064365fc29a70bc3a8d3df0ef222ed244fa8
SHA256 ff3cdd834569cf9f957a444ab8a51ebe673bd26d7c907a907aedfeed248d4890
SHA512 f3a9ad912823aaae0d089cf53151cfba0b6fbc2cebf826b1b7c70fec03bf3f967e440558fef94c990c87349b82c36379bf645b828ab6b69eb9f396165dd6178d

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ur.pak

MD5 6733dba4f3f0afeffc40bd87300b9d6e
SHA1 610aab026d25f2cec6c636fbaee922c099d26ef2
SHA256 d0c8ae8f4f60f04d4eee8cc639ee3b52ad073f5c9ee6fb84c774eb855fd51e9c
SHA512 40c1cb7be3709bb6ef01a4e66bfd85e20641020a800292a2a14f4cf188242aa0b8d42cabd0f323acd3d2f257243c7dc04b346a39475343c761af7a1833c3366a

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\tr.pak

MD5 0662e2b67524444e843d0104adab0b7e
SHA1 ec39112f57e28010295398c24c6a17e60a88fd47
SHA256 e8f86dc87dbf11935863efb3a5af8213a97123889019e98a7ef313b488088790
SHA512 6529083d04e777be3cdaa14f06bb6b3a3d26006ed9d067f7a1bdfcf669856cc6340bf0caf90bbceb75666062fac1bc02ca2d2cff94c6ca5627ccaece6f973a65

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\th.pak

MD5 d34a2993eaf0ee6bf65c3729baee426d
SHA1 d796911e57c89b11a603c645dd0e32aad7819d75
SHA256 7870b92c64f7776c469b4d19be8881ce30a5263cc8287c3d7de573aed43c7dba
SHA512 eb2f4b3cb7741c996acbd121d0c69eda6cfac6bdbd7b8036dc6394ed7e49c9a45641c7983431b5f8c5db685fc7ce958e7c9f5e79837b381caeecf009f79ca4c2

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\te.pak

MD5 28f500e12a7b91d91d8f99395fce8332
SHA1 885fd6c78259ae38f7dba3887f7fee783c1766bc
SHA256 06dd7ae122d6f1f394aeb85089a9c837ec05dad627b0bcc92863ab2830e971c9
SHA512 6f0fe4a527e9c53a41d20f95cafda7a2488bab310eecf68c98271a2db6f3efe5d2180e158b5018a9c56a0580b0735146f0ae07d884f564de1e8780956a10d190

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\ta.pak

MD5 714ef30e819d791b41ab093d515e1704
SHA1 5410b58dcaa0bc82146655ed56493581d18d5c04
SHA256 9be97a18356b05ac4c3aa2b7e719eb29b47d8ad406aa50cf0f24bdde1d613083
SHA512 a35074a54dc12a68301553345c69f02ad31bc010690d5f4c4fad5d65b3fd9c3f7c3ec7e3637673d250cb33496b93a9582e28b5210d11137bc0bd5b2e219c0aab

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\locales\sw.pak

MD5 9632dd7d883fa4deb3963ea663e0ffd4
SHA1 0db135be4b3a7c54c39e9df5034d5576b68ea92e
SHA256 690027c4a31c4aea00b7d1b32ec6cd3fa50b1eac412ae273ab15e72eb485dd6e
SHA512 3aac1857784dfecd2ae5f7c4056f58e27a966a6cb949e02eaba56fc1fc283243ed6213f17628d62d435e33fa4771eb43623f25da6510aa4ce6f2149f72ab0d37

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\resources\app.asar

MD5 52afa93c336ef1287268a8bf2cecb7ed
SHA1 c975a2728d8f2acdd31aac6dfac610ce27af9061
SHA256 ea432c9db16a558297b932070cef58aedb2db5604ef5d2c24686b0cffc81d1d9
SHA512 d4b2d710ea3340b31fb3d4e8f3f02fa0be10c94f820f3528726d2c9e5a598023e22c747e536bbc637b0eb89d9c593a6f038a98cac4a232fad2fb3664e8c1c722

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\7z-out\resources\elevate.exe

MD5 792b92c8ad13c46f27c7ced0810694df
SHA1 d8d449b92de20a57df722df46435ba4553ecc802
SHA256 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
SHA512 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\WinShell.dll

MD5 1cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA1 0b9519763be6625bd5abce175dcc59c96d100d4c
SHA256 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA512 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc346bbad4c00a39059b5bab0b033a72
SHA1 96e3d9a09e11eecb0915bf2fd057a4a1bda3dab9
SHA256 0d49da791e708b2ff9fc683fba20dc65446623a1309f8bdd493c5e577277f113
SHA512 5d7c79cc3bc5f8a63d9e24f664ec999ba1a3d9103ff642daf4f647739db8aeec3983e531db14628b7d7f7b411ae841d0841c76e351f341783203ecd166056d29

memory/6816-3431-0x00007FFFFCF10000-0x00007FFFFCF11000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\SpiderBanner.dll

MD5 17309e33b596ba3a5693b4d3e85cf8d7
SHA1 7d361836cf53df42021c7f2b148aec9458818c01
SHA256 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
SHA512 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\nsis7z.dll

MD5 80e44ce4895304c6a3a831310fbf8cd0
SHA1 36bd49ae21c460be5753a904b4501f1abca53508
SHA256 b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512 c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

C:\Users\Admin\AppData\Local\Temp\nsqAE45.tmp\nsExec.dll

MD5 ec0504e6b8a11d5aad43b296beeb84b2
SHA1 91b5ce085130c8c7194d66b2439ec9e1c206497c
SHA256 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
SHA512 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c02cf5924a41193802a30a60c65a1a42
SHA1 94605a5174d9dedc1719e2d4a8e2081165565148
SHA256 70d9ec053c3e4ff641754740761a178ad7b1aa83faf904b1b8a2cb12da6d4992
SHA512 a47d3130fe9e03be2d6904566b59d04921fa2f61741ff98353c41c91ee1ac18f896ea05fd037d55db4f3504c4bcbf0ba617ac24f5cf4395bcb56f3d340262746

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6066e9ae03d0cdd4f9f798406b18f028
SHA1 3d38f35da07017fd6ffc4a18d642b7acc7857bd2
SHA256 5622538b9d83dbdaafcb3b8aa37ddf63e9473ef01590b5c533cc897298a42a3a
SHA512 76aa2bf665254bdc12cc9f12ab91e78731a5aa534b529147d7facdf3271eb1acf14a06b1933bb3b823a34146057544c96b166ef50963c24b4587ab168633e2e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

memory/6808-3814-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3815-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3816-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3820-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3821-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3822-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3823-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3824-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3825-0x000001B510920000-0x000001B510921000-memory.dmp

memory/6808-3826-0x000001B510920000-0x000001B510921000-memory.dmp

memory/4080-3828-0x0000000000EE0000-0x0000000000F56000-memory.dmp

memory/4080-3829-0x0000000073140000-0x00000000738F0000-memory.dmp

memory/2812-3833-0x0000000000400000-0x000000000046D000-memory.dmp

memory/4080-3832-0x0000000005D60000-0x0000000005E62000-memory.dmp

memory/2812-3836-0x0000000000400000-0x000000000046D000-memory.dmp

memory/4080-3837-0x0000000073140000-0x00000000738F0000-memory.dmp

memory/4080-3838-0x00000000032B0000-0x00000000052B0000-memory.dmp

memory/2812-3839-0x0000000000400000-0x000000000046D000-memory.dmp

memory/4080-3841-0x00000000032B0000-0x00000000052B0000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionCheckpoints.json.tmp

MD5 ea8b62857dfdbd3d0be7d7e4a954ec9a
SHA1 b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a
SHA256 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da
SHA512 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionCheckpoints.json.tmp

MD5 c4ab2ee59ca41b6d6a6ea911f35bdc00
SHA1 5942cd6505fc8a9daba403b082067e1cdefdfbc4
SHA256 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2
SHA512 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

MD5 4098ba2f321049a21e3e1d5b1d1f2ab3
SHA1 0ce7a3cad468af35cacc69460b8dc3b83c56619f
SHA256 31ba2c46d1d8d340a0895152a0617497bbb27dc39766aacf6ef2bece5eace414
SHA512 8cb05191cad99cc21668659983d65dac799cef7e2fafc3518d7e433b7ced6bf45a1664fcd3949fd7dfd2105945f3cac7ea870f99743b354ba0bb9b3547b0486a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\d97daaae-f635-4a65-8b59-0a44e496be8d

MD5 86bde3a0c3ffd54fd93681f9b9104b15
SHA1 05e3db6c1f86d8f04ed64f59590899d7ed6a1675
SHA256 302edde994ce58209293330f80ea7d2c149a3b5c5e784ebe50cc8eb3cd78feba
SHA512 f126dcb6ad94d608f0084fda857553ff68f58bb04aba5a1cbb3a49702eb7f2281744c2d49f78549a2670f80c5e285fb74dafac95ce8d2df3b427e923355c024d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\df4a0477-4efc-44b6-b164-1526f1670f92

MD5 e51f747eaa6e4c9329403f200c5ab90c
SHA1 5f3d10a2aecc456dd8a7437ff8ceddb9923c5209
SHA256 00fb858fa2147e0e14fa5b7f5ba1dda7ba157a2ba19320de7a34f4a2427ada2d
SHA512 ad769c0954ec4bd19eb47c3355f101564a8252ae67967b5d45e6b93a942ee525b3b5c4f55d97a0d5d76cf8779f90f2f86fcc1a23a745b2069f1c1c71e9369214

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

MD5 3315d4696c837a7987f4b470065c28d2
SHA1 2f8d1292c3782fcb075215cf9cc4411cd2d7479e
SHA256 ba47a84ced81506b51e7f4ff17b45a941e1ddab566556b5fdc6e07252943e576
SHA512 de5018222a57aaf8e93d48771f889bd872ec484c5f762645be03d87c5dca0467dffbedea902a04b2a493efa6683ad6661c7f128565480e8684ceb0a0db27521e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

MD5 5a2af8829bd17f4b6f89a6d3bacf892f
SHA1 237fe68fd5e86473fcdf690f5be4f62e6cbc025f
SHA256 8326100afd48582506f34806290e9556dc50247ce145156148ed0c2ee8d227cc
SHA512 3309561624939f0fcede62222a7e93a8e61a5e63a11dc4c96687376ccd1b5c0e41f4d7a97bee91ca1264c6d9eac2ef085d86f2441757f508ed5f51d695bec8b4

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\92qyi9k9.default-release\cache2\entries\AF81D9CE90528EFC662762A4A288917CE6CB1128

MD5 3100acdc7034940e5b2d17cfcd9ddedb
SHA1 7bfa457a56ef4bef0f7813cf802b59c8336a2faf
SHA256 297144d4f00c8bf2835a834f9234061fa4aa137a1c36a9fc6b13be021ace00b5
SHA512 361d3fa504e108036fdda46d4c973208a20272ca0e5e74e3c55e151f9e37b44f7a80a3dc853d031b694107f23c990e660de9b412b8ba2b6d72d2166d1955662f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionCheckpoints.json.tmp

MD5 99601438ae1349b653fcd00278943f90
SHA1 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9
SHA256 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a
SHA512 ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionCheckpoints.json.tmp

MD5 65690c43c42921410ec8043e34f09079
SHA1 362add4dbd0c978ae222a354a4e8d35563da14b4
SHA256 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d
SHA512 c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore.jsonlz4

MD5 fcafb520961d31a488a4b3691389f628
SHA1 bf1fc0d65e6fd046d25851e1f2748e2142dcec86
SHA256 b04cfb1930abd7ff27cf5d1b3547882a8b2f0d04f57a97ec9d303fc083235dd8
SHA512 51b1543fed4366a0f093175055522455990c6bf893714b95a1b16a4950ffaa736f080c8867d77d9a77267665e64f84a3b23a5568873f69b92efee57effb9c6cb

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 3193b9a9116c31e5f64855a9be72c48f
SHA1 da68fc971a24991bbd593fee5042a4770695f2ac
SHA256 fa75708fb655cae2a6c2174a7ca9c2512203191c97cb069ff1239f4ccb8aa0e6
SHA512 90f57ec3bcf0b6c3b94292eed50a1d094e0bbedd8ceb2b2b16f873657ad309db823adea3287e899f54005b96de617264c271b12e72d4c0e434ecaa1e10b88f5b

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity~RFe5eccd3.TMP

MD5 76ef48eec89258698177a30a90b84c15
SHA1 1c124e158c5745b6c6471d27f71ccf6885523249
SHA256 12ea9f9c44258afdb2ed0f70ff78a641580dc0d5388252afa6fa9b174cf2a260
SHA512 52a407ab06cc6984c1dd67cde9a44e1d6b338a1da8dccc8f98c9ab65181e2f829a6b0624b12415cdcc85a7d890bd878628616b1ebb487c90d6452b349f624891

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bc16ebe41a9fc2938c4060992a92b0af
SHA1 1719af3e339b187d984a76437eb80cae5dc50e6f
SHA256 5874dbe9583546eb24cfb2b237d58f97ef186cd72866dd224df82e62817744ae
SHA512 c78d4be86a3f35ae07375b37fd39f869d317a6ec6699d7673731e6f9b255d7bcbfacf58ca71c3f51baac1e2b2bbee7da58603efa5bd51a31162c481aab7a912c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d43da09c-b2a1-4410-9fba-419467a28df8.tmp

MD5 3433ccf3e03fc35b634cd0627833b0ad
SHA1 789a43382e88905d6eb739ada3a8ba8c479ede02
SHA256 f7d5893372edaa08377cb270a99842a9c758b447b7b57c52a7b1158c0c202e6d
SHA512 21a29f0ef89fec310701dcad191ea4ab670edc0fc161496f7542f707b5b9ce619eb8b709a52073052b0f705d657e03a45be7560c80909e92ae7d5939ce688e9c

C:\Users\Admin\AppData\Local\Temp\Launcher2.exe

MD5 d481b64d21860cce0578cc1df12f3f4d
SHA1 81c26a75dcbc659610fe0a3b8c84eb946a91fa0c
SHA256 5035e2c1f09ae6e399679abb4115d163aa11164ab34dda3a61a3b806b8f03dd1
SHA512 6e61454b2f9bb56b156ca33856435702cba3f4d2480c487504577fda5deb1501a69460f0e8f99a21b6541273412858056b238f8c6c13c43b27c0960cee3a0c72

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 228e109db07564eacf1ce95f22400871
SHA1 622b57fede87b5e4c5fed7d9835556fe3b80be20
SHA256 d9f03b66ae79bf55d9a10a43799298a10f9b987c83645af05e2f59abf32da794
SHA512 a0c41bdbedc7d8b12f0f44b54d58754fe1c6ef469e11f022adcd1ef422cb06e6c7846c291ea29c6c62c69655eef136e174b2c1bb6310611aaafa931f38b58e82

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State~RFe5ee434.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

memory/212-4144-0x0000000073140000-0x00000000738F0000-memory.dmp

memory/212-4151-0x0000000003010000-0x0000000005010000-memory.dmp

memory/212-4153-0x0000000073140000-0x00000000738F0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 724c3d2e7f70de4e497065d7671b41fe
SHA1 26f2b69e2e16017b82d45982cb9d480408eaecf5
SHA256 0cbb32f27e6c80f12ad2cc1eef4d9e0e3e0afb02b5cbad09c4898fa5eec5c24d
SHA512 0138a212b2280d5081b745b0efa3c6c4dfd5dbf7eca6df05470d7d3b735bef8a53eee14a1b853b523d161b3428635809ac95ffb1866234eaf3141ecec3f512ac

memory/4668-4211-0x0000000003ED0000-0x00000000042D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11a145e71701fc3f647b196de5cf30b9
SHA1 e564bd52dab6f22cab8e4d234488a9e4b0613e5e
SHA256 9d8010e63c685f01943ea908c11fd7d4bd65c03a1136bbc14601e6756f656329
SHA512 8e6ea8b0b1336ee6499e0090b0e2573f3e8104c96747499337daf9f02dea1b131e5bd0591277a91286638097c9ce1d3205a10ae922b4c56596622b79a9450f8e

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 ea321f392b95adc7fad6671297806c73
SHA1 5869a67760e28b3af9625e627bf3b2f0c3289693
SHA256 3cf12b16c0e6f97baccc6dfbc6900213b7d74e79eee22fab4dfbcc1c7c61d887
SHA512 cc418b76090707c6c2d7f3bf544259150b134245f7fd40f3e07f85e59775fb42384d7205e157c2e107add93edfd6a596e70a4e88e2a8cd5d3b77c704666dc626

memory/4668-4227-0x0000000003ED0000-0x00000000042D0000-memory.dmp

memory/4668-4253-0x00007FFFFD110000-0x00007FFFFD305000-memory.dmp

memory/4668-4263-0x0000000076BE0000-0x0000000076DF5000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c6e016311786dd7969b9f12194b0861
SHA1 5ee88955194a84dbbf71a855cacfbc5c9d5738a0
SHA256 2a396d58b5af2aec6e50f440b3713bbdc970ca000899a5ea4e6b4f63f6bebbe1
SHA512 161f4fc4b9140acc9dc01d29f1b81582e5328a21ffa64df8e7e6d0523e88adb230316c258885149b0f426d7429b91c796dcc91e94770a47cf820d50723d405bd

memory/4668-4264-0x0000000003ED0000-0x00000000042D0000-memory.dmp

memory/2232-4265-0x0000000000F60000-0x0000000000F69000-memory.dmp

memory/2232-4267-0x0000000002D20000-0x0000000003120000-memory.dmp

memory/2232-4268-0x0000000002D20000-0x0000000003120000-memory.dmp

memory/2232-4272-0x00007FFFFD110000-0x00007FFFFD305000-memory.dmp

memory/2232-4273-0x0000000002D20000-0x0000000003120000-memory.dmp

memory/2232-4275-0x0000000076BE0000-0x0000000076DF5000-memory.dmp

memory/2232-4278-0x0000000002D20000-0x0000000003120000-memory.dmp

memory/4668-4279-0x0000000003ED0000-0x00000000042D0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa79b2d73d5c380881beaff1693acbd3
SHA1 a4eecec4045ae95725f83680aa093dcb66d9d394
SHA256 2886a708fc97894a70b39544c9c286bd10ad53d7d3e1b94eeddb468d40eead08
SHA512 8fdd27f0806ad6c093bcff676815548bc360feaf576dbc7785c8226bc1604f4c3173765302a6910bc6b85ad51485487b89b46d8d07e36905e95685aea5f5f77e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 17446d3022f2588c721176c5f59c0b8d
SHA1 5ca7b20f315d17d1ac1f538a24dd4f8b966ca08b
SHA256 7e90fd8a69de9158dc618f7dec0982c405f3c7278f501a32f5825b136db68287
SHA512 9ba40cf17231d5b57a4a959136f94c44ec6409ca341e2a5be6aef29119d1a5c36d3c93ba6fa680c9da34f7d4dcf3e0e57daac608e19100cbc34b0577747f3e52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3bfd693690e40ab3ba967961a948a62c
SHA1 25337487505fd0797784ce21755bdadeb9622d5f
SHA256 020069fad96ff778c9f3a97a7dd4f1013ebbdc0650fc38f572d5e9bd96b419db
SHA512 0d0f066376242965d4f69403624c2db025832912a831713a5d7f59b023c0aceef71286b59a60e636101a5acc0181dedfe85b49866a50fbead6bd8191d547608e

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 20dcc0fff8070e2ca8051feff3454bf7
SHA1 703acd602688903dbc16f574ab27c069a3de2fdc
SHA256 5f69323201bb15f150b07fba667e03669bca0273197ff59c273cd9f53f14e650
SHA512 a44698b058b8a53bd19aaf6340bc5e1417de9e4093e95b8d3666671907cf65ab858cbf77d2c7cfd75e16dd8308f24f4d3023f2707101ee940abcc404ba4fd363

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009f

MD5 a613ef3bb70b49569cbb96787803d202
SHA1 68ce3965e3709ae03c2a3bc4dc77fefe546b5b09
SHA256 26ffdd8d4ed84dc42d6c217e47476c7c4f6cc28dcbc91b53a3bf0216e3bfeff7
SHA512 bc53a7a1f5fceca28a0e27cb474a88f79e3c42e834a28a7795c902decf2598a032f752950bdd81011479f97b22f5437ef9e111dd68d2e838960b60dfa252c15c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 57faa848c00f89d318818a778fea7569
SHA1 557fe16f402c1479a737b1b4a78d71d515a2b775
SHA256 d993224272567d5f96d7ac4b2f290d3ca94909604265e887d94ac6e7822fed93
SHA512 db767a3343b5152e55faa8e9abea6802107269e1e417e3a545ce4e6bf621e9c130043071513f51c56356eac89042bb544c77b9b535b694805b44b5baf80e4f6b

memory/2664-4446-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4448-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4447-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

C:\Users\Admin\AppData\Local\D3DSCache\83202b2adb43410\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

memory/2664-4453-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4452-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4455-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4454-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4457-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

memory/2664-4456-0x0000023DD4640000-0x0000023DD4641000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00ed7a2b3e8e281f5ec0e9463e1e9267
SHA1 e03a38ebe6fdfbae38c229f495ce79670d240bcf
SHA256 04d4fca60558124ce2780676c5a05704ad70922421f2b3bda74616e1d63d6b82
SHA512 58dac072630e2f4aeb062ccbb7b1b88be2cd053560044b885226f050ed735bf09dd6426db7b48c0efc167547fbda40f3f2df061517ec8a9f4a171632351366ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 bb1984a733e278d75c47e2d225f77882
SHA1 5ee6fcc4336bddbe1a717a1315a6faeafc9a5edd
SHA256 75e233c559954913b4743aca871fbecbd148f13d6b357462807b384a6c981101
SHA512 beac354489a347e6a8de2e61d4965df1f6bc5ef6667edd101d58ef9f40abff49391699c8b9a2fbcea445f68a0d05dfb3a9aaf66c23822cf2db5dfc039e1ac864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 181e81f1b83f8f11c9911a31186bf0df
SHA1 14a31dbd0ed3de5292d3add4f36630676721be69
SHA256 474c54fc3745aabf3b002f3f64ddd262034c6990f2274c62241e5aa650f9cfea
SHA512 28a8e0de0e5c776604a87ac8bebcba54d47fb33fee9342a2e6af7dba3f96f9ff2376f07a11fa48d2bd02fcb83ae2294212d34f062884adf104ed92e18c1451a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd8b7691cdb091317906290f35483b7b
SHA1 0e9fce4b452d9f1eab0492431f7c3f637a3d23d2
SHA256 f47f16e825b6cdb227f7d67e88bc3f432b3b0ab780d82d40e08b9f7dcd37d618
SHA512 9b4a60619a84371128db2fc2e49a3ca1a09c8a392a206b91551cc87b150926a6903861ea273e6012cdd8eca9678ce51965c0cffe0919d354d92dc95766ce1950

C:\Program Files\chrome_Unpacker_BeginUnzipping2868_354237408\crl-set

MD5 a95c6510abd425ee929c77c8f86335fc
SHA1 384cac159c27af909f03682455a884af987dfd0d
SHA256 b2a21db4936e8e7a8f05ce5a85f82bd04743d3d332b8da7f3e3ac16849f25c6b
SHA512 59582506c05121d40c7e2e007e6478981595781a863670cf90193e9bfa4ce6cbe42e4a310b5d2b6ab4521e979f24e2e0d9dc96f35a148acbbe9db225bba71954

C:\Program Files\chrome_Unpacker_BeginUnzipping2868_354237408\manifest.json

MD5 7080faae2ec6f8ffa0c1e7847bd2b0ac
SHA1 1d247b5ad6b10027dc71b15fc1dda127b6230867
SHA256 0a3141df9d6368672ef20ff88c9e1ed67844034f2706ba16d81e7396cb7a6c00
SHA512 04c094e31dde59c5278d746808a0bda57340dab64a89b710be25c90620214440740eeb9c2d3f3ce2a9785a017a9073200b7e38993a751e4b359e7cb479e6672b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 283eff5a08a5d7c29ad02a23b49f4338
SHA1 498f336e54225960e1564b1d1186c81534c397e8
SHA256 cb4ed226b8500c525e5ff55c7de0ebb0bf4fef880837d4fc5c40bdead57faf22
SHA512 64f0cd13656c65ecfa98364557c411953d9c959a8f23d5022999424adfef8083145b90fcfbb1a9d80946018b8a95c3e0331553e501eb5a63c06a3610d2053460

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 3d7291556a0b14e3401d4748c457da1a
SHA1 38d521a33bdb816ff22146cf580c2de3c0bca862
SHA256 86077433ff13717098b899b76ed36d93f5b9e91381a7ddb2237075c4879343a7
SHA512 0a23a9c3eb45f414b3f1406e6a68a495ecc583c3de828f7cd88f3527f42c23e60eb535e930f7b5de5cc0f055c8ad363339bf1322dc317d606321f77833670073

C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp

MD5 8e15b605349e149d4385675afff04ebf
SHA1 f346a886dd4cb0fbbd2dff1a43d9dfde7fce348b
SHA256 803f930cdd94198bdd2e9a51aa962cc864748067373f11b2e9215404bd662cee
SHA512 8bf957ef72465fe103dbf83411df9082433eead022f0beccab59c9e406bbd1e4edb701fd0bc91f195312943ad1890fee34b4e734578298bb60bb81ed6fa9a46d

C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp

MD5 596cb5d019dec2c57cda897287895614
SHA1 6b12ea8427fdbee9a510160ff77d5e9d6fa99dfa
SHA256 e1c89d9348aea185b0b0e80263c9e0bf14aa462294a5d13009363140a88df3ff
SHA512 8f5fc432fd2fc75e2f84d4c7d21c23dd1f78475214c761418cf13b0e043ba1e0fc28df52afd9149332a2134fe5d54abc7e8676916100e10f374ef6cdecff7a20

C:\Users\Admin\AppData\Local\Temp\$inst\0003.tmp

MD5 7c8328586cdff4481b7f3d14659150ae
SHA1 b55ffa83c7d4323a08ea5fabf5e1c93666fead5c
SHA256 5eec15c6ed08995e4aaffa9beeeaf3d1d3a3d19f7f4890a63ddc5845930016cc
SHA512 aa4220217d3af263352f8b7d34bd8f27d3e2c219c673889bc759a019e3e77a313b0713fd7b88700d57913e2564d097e15ffc47e5cf8f4899ba0de75d215f661d

C:\Users\Admin\AppData\Local\Temp\$inst\0004.tmp

MD5 4f398982d0c53a7b4d12ae83d5955cce
SHA1 09dc6b6b6290a3352bd39f16f2df3b03fb8a85dc
SHA256 fee4d861c7302f378e7ce58f4e2ead1f2143168b7ca50205952e032c451d68f2
SHA512 73d9f7c22cf2502654e9cd6cd5d749e85ea41ce49fd022378df1e9d07e36ae2dde81f0b9fc25210a9860032ecda64320ec0aaf431bcd6cefba286328efcfb913

C:\Windows\msagent\chars\Bonzi.acs

MD5 1fd2907e2c74c9a908e2af5f948006b5
SHA1 a390e9133bfd0d55ffda07d4714af538b6d50d3d
SHA256 f3d4425238b5f68b4d41ed5be271d2f4118a245baf808a62dc1a9e6e619b2f95
SHA512 8eede3e5e52209b8703706a3e3e63230ba01975348dcdc94ef87f91d7c833a505b177139683ca7a22d8082e72e961e823bc3ad1a84ab9c371f5111f530807171

C:\Windows\msagent\chars\Peedy.acs

MD5 49654a47fadfd39414ddc654da7e3879
SHA1 9248c10cef8b54a1d8665dfc6067253b507b73ad
SHA256 b8112187525051bfade06cb678390d52c79555c960202cc5bbf5901fbc0853c5
SHA512 fa9cab60fadd13118bf8cb2005d186eb8fa43707cb983267a314116129371d1400b95d03fbf14dfdaba8266950a90224192e40555d910cf8a3afa4aaf4a8a32f

C:\Users\Admin\AppData\Local\Temp\$inst\0005.tmp

MD5 94e0d650dcf3be9ab9ea5f8554bdcb9d
SHA1 21e38207f5dee33152e3a61e64b88d3c5066bf49
SHA256 026893ba15b76f01e12f3ef540686db8f52761dcaf0f91dcdc732c10e8f6da0e
SHA512 039ccf6979831f692ea3b5e3c5df532f16c5cf395731864345c28938003139a167689a4e1acef1f444db1fe7fd3023680d877f132e17bf9d7b275cfc5f673ac3

C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg

MD5 108fd5475c19f16c28068f67fc80f305
SHA1 4e1980ba338133a6fadd5fda4ffe6d4e8a039033
SHA256 03f269cd40809d7ec94f5fa4fff1033a624e849179962693cdc2c37d7904233b
SHA512 98c8743b5af89ec0072b70de8a0babfb5aff19bafa780d6ce99c83721b65a80ec310a4fe9db29a4bb50c2454c34de62c029a83b70d0a9df9b180159ea6cad83a

C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page17.jpg

MD5 e8f52918072e96bb5f4c573dbb76d74f
SHA1 ba0a89ed469de5e36bd4576591ee94db2c7f8909
SHA256 473a890da22defb3fbd643246b3fa0d6d34939ac469cd4f48054ee2a0bc33d82
SHA512 d57dd0a9686696487d268ef2be2ec2d3b97baedf797a63676da5a8a4165cda89540ec2d3b9e595397cbf53e69dcce76f7249f5eeff041947146ca7bf4099819f

C:\Users\Admin\AppData\Local\Temp\$inst\0006.tmp

MD5 b3b7f6b0fb38fc4aa08f0559e42305a2
SHA1 a66542f84ece3b2481c43cd4c08484dc32688eaf
SHA256 7fb63fca12ef039ad446482e3ce38abe79bdf8fc6987763fe337e63a1e29b30b
SHA512 0f4156f90e34a4c26e1314fc0c43367ad61d64c8d286e25629d56823d7466f413956962e2075756a4334914d47d69e20bb9b5a5b50c46eca4ef8173c27824e6c

C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE

MD5 8a30bd00d45a659e6e393915e5aef701
SHA1 b00c31de44328dd71a70f0c8e123b56934edc755
SHA256 1e2994763a7674a0f1ec117dae562b05b614937ff61c83b316b135afab02d45a
SHA512 daf92e61e75382e1da0e2aba9466a9e4d9703a129a147f0b3c71755f491c68f89ad67cfb4dd013580063d664b69c8673fb52c02d34b86d947e9f16072b7090fb

C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE

MD5 73feeab1c303db39cbe35672ae049911
SHA1 c14ce70e1b3530811a8c363d246eb43fc77b656c
SHA256 88c03817ae8dfc5fc9e6ffd1cfb5b829924988d01cd472c1e64952c5398866e8
SHA512 73f37dee83664ce31522f732bf819ed157865a2a551a656a7a65d487c359a16c82bd74acff2b7a728bb5f52d53f4cfbea5bef36118128b0d416fa835053f7153

C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE

MD5 93f3ed21ad49fd54f249d0d536981a88
SHA1 ffca7f3846e538be9c6da1e871724dd935755542
SHA256 5678fd744faddb30a87568ae309066ef88102a274fff62f10e4963350da373bc
SHA512 7923556c6d6feb4ff4253e853bae3675184eab9b8ce4d4e07f356c8624317801ee807ad5340690196a975824ea3ed500ce6a80c7670f19785139be594fa5e70f

C:\Program Files (x86)\BonziBuddy432\Uninstall.exe

MD5 578bebe744818e3a66c506610b99d6c3
SHA1 af2bc75a6037a4581979d89431bd3f7c0f0f1b1f
SHA256 465839938f2baec7d66dbc3f2352f6032825618a18c9c0f9333d13af6af39f71
SHA512 d24fcd2f3e618380cf25b2fd905f4e04c8152ee41aeee58d21abfc4af2c6a5d122f12b99ef325e1e82b2871e4e8f50715cc1fc2efcf6c4f32a3436c32727cd36

C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx

MD5 3d225d8435666c14addf17c14806c355
SHA1 262a951a98dd9429558ed35f423babe1a6cce094
SHA256 2c8f92dc16cbf13542ddd3bf0a947cf84b00fed83a7124b830ddefa92f939877
SHA512 391df24c6427b4011e7d61b644953810e392525743914413c2e8cf5fce4a593a831cfab489fbb9517b6c0e7ef0483efb8aeaad0a18543f0da49fa3125ec971e1

C:\Program Files (x86)\BonziBuddy432\BonziCheckers.ocx

MD5 66551c972574f86087032467aa6febb4
SHA1 5ad1fe1587a0c31bb74af20d09a1c7d3193ec3c9
SHA256 9028075603c66ca2e906ecac3275e289d8857411a288c992e8eef793ed71a75b
SHA512 35c1f500e69cdd12ec6a3c5daef737a3b57b48a44df6c120a0504d340e0f721d34121595ed396dc466a8f9952a51395912d9e141ad013000f5acb138b2d41089

C:\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX

MD5 12c2755d14b2e51a4bb5cbdfc22ecb11
SHA1 33f0f5962dbe0e518fe101fa985158d760f01df1
SHA256 3b6ccdb560d7cd4748e992bd82c799acd1bbcfc922a13830ca381d976ffcccaf
SHA512 4c9b16fb4d787145f6d65a34e1c4d5c6eb07bff4c313a35f5efa9dce5a840c1da77338c92346b1ad68eeb59ef37ef18a9d6078673c3543656961e656466699cf

C:\Program Files (x86)\BonziBuddy432\MSINET.OCX

MD5 7bec181a21753498b6bd001c42a42722
SHA1 3249f233657dc66632c0539c47895bfcee5770cc
SHA256 73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31
SHA512 d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc

C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX

MD5 9484c04258830aa3c2f2a70eb041414c
SHA1 b242a4fb0e9dcf14cb51dc36027baff9a79cb823
SHA256 bf7e47c16d7e1c0e88534f4ef95e09d0fd821ed1a06b0d95a389b35364b63ff5
SHA512 9d0e9f0d88594746ba41ea4a61a53498619eda596e12d8ec37d01cfe8ceb08be13e3727c83d630a6d9e6d03066f62444bb94ea5a0d2ed9d21a270e612db532a0

C:\Program Files (x86)\BonziBuddy432\Regicon.ocx

MD5 32ff40a65ab92beb59102b5eaa083907
SHA1 af2824feb55fb10ec14ebd604809a0d424d49442
SHA256 07e91d8ed149d5cd6d48403268a773c664367bce707a99e51220e477fddeeb42
SHA512 2cfc5c6cb4677ff61ec3b6e4ef8b8b7f1775cbe53b245d321c25cfec363b5b4975a53e26ef438e07a4a5b08ad1dde1387970d57d1837e653d03aef19a17d2b43

C:\Program Files (x86)\BonziBuddy432\ssa3d30.ocx

MD5 48c35ed0a09855b29d43f11485f8423b
SHA1 46716282cc5e0f66cb96057e165fa4d8d60fbae2
SHA256 7a0418b76d00665a71d13a30d838c3e086304bacd10d764650d2a5d2ec691008
SHA512 779938ec9b0f33f4cbd5f1617bea7925c1b6d794e311737605e12cd7efa5a14bbc48bee85208651cf442b84133be26c4cc8a425d0a3b5b6ad2dc27227f524a99

C:\Program Files (x86)\BonziBuddy432\SSCALA32.OCX

MD5 ce9216b52ded7e6fc63a50584b55a9b3
SHA1 27bb8882b228725e2a3793b4b4da3e154d6bb2ea
SHA256 8e52ef01139dc448d1efd33d1d9532f852a74d05ee87e8e93c2bb0286a864e13
SHA512 444946e5fc3ea33dd4a09b4cbf2d41f52d584eb5b620f5e144de9a79186e2c9d322d6076ed28b6f0f6d0df9ef4f7303e3901ff552ed086b70b6815abdfc23af7

C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX

MD5 97ffaf46f04982c4bdb8464397ba2a23
SHA1 f32e89d9651fd6e3af4844fd7616a7f263dc5510
SHA256 5db33895923b7af9769ca08470d0462ed78eec432a4022ff0acc24fa2d4666e1
SHA512 8c43872396f5dceb4ba153622665e21a9b52a087987eab523b1041031e294687012d7bf88a3da7998172010eae5f4cc577099980ecd6b75751e35cfc549de002

C:\Program Files (x86)\BonziBuddy432\sstabs2.ocx

MD5 7303efb737685169328287a7e9449ab7
SHA1 47bfe724a9f71d40b5e56811ec2c688c944f3ce7
SHA256 596f3235642c9c968650194065850ecb02c8c524d2bdcaf6341a01201e0d69be
SHA512 e0d9cb9833725e0cdc7720e9d00859d93fc51a26470f01a0c08c10fa940ed23df360e093861cf85055b8a588bb2cac872d1be69844a6c754ac8ed5bfaf63eb03

C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat

MD5 4877f2ce2833f1356ae3b534fce1b5e3
SHA1 7365c9ef5997324b73b1ff0ea67375a328a9646a
SHA256 8ae1ed38bc650db8b14291e1b7298ee7580b31e15f8a6a84f78f048a542742ff
SHA512 dd43ede5c3f95543bcc8086ec8209a27aadf1b61543c8ee1bb3eab9bc35b92c464e4132b228b12b244fb9625a45f5d4689a45761c4c5263aa919564664860c5e

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF

MD5 e4a499b9e1fe33991dbcfb4e926c8821
SHA1 951d4750b05ea6a63951a7667566467d01cb2d42
SHA256 49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d
SHA512 a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL

MD5 237e13b95ab37d0141cf0bc585b8db94
SHA1 102c6164c21de1f3e0b7d487dd5dc4c5249e0994
SHA256 d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a
SHA512 9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL

MD5 a334bbf5f5a19b3bdb5b7f1703363981
SHA1 6cb50b15c0e7d9401364c0fafeef65774f5d1a2c
SHA256 c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de
SHA512 1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL

MD5 7c5aefb11e797129c9e90f279fbdf71b
SHA1 cb9d9cbfbebb5aed6810a4e424a295c27520576e
SHA256 394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed
SHA512 df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE

MD5 5c91bf20fe3594b81052d131db798575
SHA1 eab3a7a678528b5b2c60d65b61e475f1b2f45baa
SHA256 e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175
SHA512 face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL

MD5 48c00a7493b28139cbf197ccc8d1f9ed
SHA1 a25243b06d4bb83f66b7cd738e79fccf9a02b33b
SHA256 905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7
SHA512 c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL

MD5 9fafb9d0591f2be4c2a846f63d82d301
SHA1 1df97aa4f3722b6695eac457e207a76a6b7457be
SHA256 e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d
SHA512 ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL

MD5 4fbbaac42cf2ecb83543f262973d07c0
SHA1 ab1b302d7cce10443dfc14a2eba528a0431e1718
SHA256 6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5
SHA512 4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL

MD5 b4ac608ebf5a8fdefa2d635e83b7c0e8
SHA1 d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9
SHA256 8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f
SHA512 2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF

MD5 b127d9187c6dbb1b948053c7c9a6811f
SHA1 b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9
SHA256 bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00
SHA512 88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MSLWVTTS.DLL

MD5 316999655fef30c52c3854751c663996
SHA1 a7862202c3b075bdeb91c5e04fe5ff71907dae59
SHA256 ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0
SHA512 5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP

MD5 466d35e6a22924dd846a043bc7dd94b8
SHA1 35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10
SHA256 e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801
SHA512 23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL

MD5 0cbf0f4c9e54d12d34cd1a772ba799e1
SHA1 40e55eb54394d17d2d11ca0089b84e97c19634a7
SHA256 6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1
SHA512 bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB

MD5 f1656b80eaae5e5201dcbfbcd3523691
SHA1 6f93d71c210eb59416e31f12e4cc6a0da48de85b
SHA256 3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2
SHA512 e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL

MD5 81e5c8596a7e4e98117f5c5143293020
SHA1 45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081
SHA256 7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004
SHA512 05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\W95INF32.DLL

MD5 4be7661c89897eaa9b28dae290c3922f
SHA1 4c9d25195093fea7c139167f0c5a40e13f3000f2
SHA256 e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5
SHA512 2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\W95INF16.DLL

MD5 7210d5407a2d2f52e851604666403024
SHA1 242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9
SHA256 337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af
SHA512 1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\tv_enua.inf

MD5 0a250bb34cfa851e3dd1804251c93f25
SHA1 c10e47a593c37dbb7226f65ad490ff65d9c73a34
SHA256 85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae
SHA512 8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\tv_enua.dll

MD5 ed98e67fa8cc190aad0757cd620e6b77
SHA1 0317b10cdb8ac080ba2919e2c04058f1b6f2f94d
SHA256 e0beb19c3536561f603474e3d5e3c3dff341745d317bc4d1463e2abf182bb18d
SHA512 ec9c3a71ca9324644d4a2d458e9ba86f90deb9137d0a35793e0932c2aa297877ed7f1ab75729fda96690914e047f1336f100b6809cbc7a33baa1391ed588d7f0

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\andmoipa.ttf

MD5 c3e8aeabd1b692a9a6c5246f8dcaa7c9
SHA1 4567ea5044a3cef9cb803210a70866d83535ed31
SHA256 38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e
SHA512 f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\tv_enua.hlp

MD5 80d09149ca264c93e7d810aac6411d1d
SHA1 96e8ddc1d257097991f9cc9aaf38c77add3d6118
SHA256 382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42
SHA512 8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\tvenuax.dll

MD5 1587bf2e99abeeae856f33bf98d3512e
SHA1 aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9
SHA256 c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0
SHA512 43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\Msvcp50.dll

MD5 497fd4a8f5c4fcdaaac1f761a92a366a
SHA1 81617006e93f8a171b2c47581c1d67fac463dc93
SHA256 91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a
SHA512 73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\Msvcirt.dll

MD5 e7cd26405293ee866fefdd715fc8b5e5
SHA1 6326412d0ea86add8355c76f09dfc5e7942f9c11
SHA256 647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255
SHA512 1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999

memory/3528-5599-0x0000000000400000-0x0000000000424000-memory.dmp

memory/3528-5600-0x0000000000400000-0x0000000000424000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 91bbbf97a158072090d9bc9c1857a4cc
SHA1 18d285fa86bb229ec3be45a4b74da6f662bc276a
SHA256 ffeff0cedd22d467ce431096699714d7004b572a2500ac8f19620fca0fdbc50e
SHA512 97bba35b167d8fb358c1e1a1c0b7aedee1d6f3908f978a50f49a1f1e0dc1756b9991ba68defc36ad4f7df07b06e3ce7b340102ff5926f3f5bb948f641043d304

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\33d4cbc6-7173-4588-99c6-f0544bd86119\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 46cb7641be727eb4f17aff2342ae9017
SHA1 683a8d93c63cfa0ccbf444a20b42ae06e2c4b54d
SHA256 944fff1dd6764143550534f747243ef7d84fdac0642c94135ab40f584520f63e
SHA512 dc1b5f363e90abff5c1663a82764296922c842820d2819805e87da6da1081f1b5f2d8debc83ac34a26ce289b7b22588b022433686b19b039074ae184968b9fda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe60fd30.TMP

MD5 a99f57627576b70d18b2023d9c0fa53f
SHA1 9e1bb75a8d1e0d246ef9a24f60e3af1cbef9323d
SHA256 c05de814d00eb822888e3828d1c3aac37aba89e43a71b6f58ea6eaf3db902a90
SHA512 f2f4cebed682ceb79fa30435809d76adea273c4bcebf559cd3238ddffcfc425e5ff487ceb01b54eddc63c823872c77ec33701ce0da8142ec8c727635151e95a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40e9034c4bd7481e9ba3dc7595141f3f
SHA1 d4c8ed6ece14f103f34e27b3f161083e95703d8c
SHA256 dd6cf1e980cece5dd1910077f6ecda8798e01e556bc4336839a5b2679e043c79
SHA512 b1498a7bb066dfa32f3569546131253e4e5174d950afad44355694c0cdb78e0c8a77a3ddba5297a34704732d34bf71ad7a145b15593b8ec4f2d336c8ca03fe8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1fcd7cb07a0ebd2e10e2f257f61d8300
SHA1 c9e24b3aa6bf8c13d654bd75b88915035f43fd40
SHA256 f582f789a0b05efd7e207da7199cd69ba027e988d24a7df1aefae42e36d1c5de
SHA512 e8ca3f890466f374468b0e5f7f7b2d0b2b53f0e524c4bd52fa020057b0e99682db5e320dd6cf6ca4c31a6f1ba5ce622a43f797734e7d3a522f4cb0453f2b6140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\40572dd6-7280-4c4e-82d2-4b0ebebadfba.tmp

MD5 5f34c883c25c539c6bbec911a8f98510
SHA1 a26b3b239a6b0e76aa1d10a9c306b4ba589114b4
SHA256 e6d95c43bde59bfd67d71f25cda5cf7c0573747f4e828e4916c85a936fbe7a3b
SHA512 c641df2b464fc837b6c8bff3c9db74b764eb804212b029554969ceedbf8a133a7fb6bf367723ed3d0662340793bc8d77b1dd001e81b4b1f9a50b7521c80c9203

C:\Users\Admin\Downloads\Unconfirmed 940696.crdownload

MD5 df132e781a5e3987241bb9355bacab1c
SHA1 1a777b116a3f1e77c79501d0b0513eec1931310e
SHA256 b1ee27a19ec65351b3ec51338862b72dade0475c229420f8fda3da816f55d8f3
SHA512 255099b2fba26a447bf90286bc5b6b1a8493573e1c3adcd8f2d969628db1d544f289aeb450eff7ed5c495fefcd7da94579cbbc5e365de50de9625bf5009c8e7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1fffebdc1398eb4e8596324b7d919842
SHA1 57c0edc75448d0cb9b915382197dcf7e8612434b
SHA256 c4797c99493866ae96e54924ab5e2d67c5439cf545867ee5d1ff42f0dea73a88
SHA512 3219fd673823cc3894332bfc1fc34edbe9d848509a4e70e05c6b6e5dcd1a929334cc027fd1811b798d7b9e8263cd89a023debcaaa0a8bd71e4607a08cdb4ed63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ac39b9fab91ec82b4c6e201b8c0ff21
SHA1 7b67b65e307ecec4c6171c212a485b30c8ef8ccb
SHA256 8ae9c422bbad907e33910390ad30616583ffa1da427e3e432d0d499c00e782c5
SHA512 e15dd2ea79a27a2b15a248d56cc65c6c1d87a075bb75a84ba4afc7fe03253d4ac6a6f190d339d38a8b68478b2805bfff9b55f94d6dadb198c80a86f41048c8a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 e77f20ddaea7d4482086bb8190243165
SHA1 38c7750cf2371046a38b3ff48e0e5ec816ab5726
SHA256 b30ba4e6c9ce222121afea5bb1215c3c23595f3c9eef3783da3e5f9104047df2
SHA512 bcc736b7326d63f2b8fad058055d343f2b3d672a3fab83eaa7ed4f59ed50114231f6941af1c2c1185160b40dea20f709f28673f2f46c648e532f88c91db9db65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6bb3da8e195a264673f6506fdeb7f9a6
SHA1 c20840e85ca260f2b297b5daba740c052431e3e9
SHA256 c81ad499467837b3f224d1cd061379832bf7eaa6298734f4fdb1f7c230b0ca2c
SHA512 df9fdcf95e9fdab879db55279aa09278d59b5cba4ba4d74766f51fb04f561de17951b46eb360292eda5abc306869579db77c422447d8b98fc0c0be69a2167233

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6693eebf7babc50f592eb03bb8f1c6d0
SHA1 f495dcdaef225fc58b1de4f221969a0f097a876c
SHA256 ec433c8367ee5dab99aa1afa80507cab387b0fbc3180cfd9c4fba7d33c39a00e
SHA512 e4290b883a29294fbda3dcfb7cf86e634b0c05578763a7cf4ac2f7b6b46f40839c1f6b7750e3cfad2cb4c2fe0aeb3c2d2f50d4187234cb723059ed5b4827cb6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae8b546323638ea837456922680945a9
SHA1 6fcc920a25beebeac9eac5e9c9d977f1f7b14f46
SHA256 19a225d983738b7c085b6568fb617afce588a931733931a9b20daf09b93d6ad6
SHA512 c87e407fffc74608df80b8de978b8f05497396f3865da82c3cf56d62e0abbab2be8b0125fe6ed2ab9ed2257e530afee4cb182bd147be2377d6e7c5c2ab3790cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000106

MD5 b3cecdb68c56273a9a559a2d966d7e67
SHA1 9ae2157fde228d8571bb5ec3a4d3e2ac3ae3218b
SHA256 69cbf6f57cae1af820ffa152a0ef459f25647175c7567f662205cbbc80e4aa85
SHA512 ab09ffdb889facaa1dc09e811cdc1ac1d1e875037572774e4df80b7d6118150f0a9baedf06b283d1c4fa9772ca9826a80e3f5cd8b2dec5e25463a77431b67f57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010e

MD5 e6ca145a2dd3c5d876f3fe8c36e2ecfe
SHA1 2894eae02c2fe88396b01fe9553fbdccd845f456
SHA256 948964f2e77928b6d7f3989c12e94bf10196a676d9700977ce4611a1f3445ad4
SHA512 de632b605e0b8a3f839dc07c891a0470b94ebb2cd45c3a065cb06ca840b875f4e854c963c84696faa645de5f06048f34b70bfc6075a00cc6628a2e14b61a44f0

C:\Users\Admin\Downloads\Unconfirmed 831213.crdownload

MD5 6dfdd64fa175ad3eb7ebdbf535e8ba4a
SHA1 9439d5dae2fe4fd7c6756bc1bc76b08d5624dc16
SHA256 9b7cbf6b5c8b5361850610dc38c5eab8b8867205441f4467164476b5c5ecfda2
SHA512 b80642534612807c8a9745f0e84cb82016d82d37b6927844a24944d8e329fef98b341c717d21a007e57546b8bc46118dcba45c526e78bfdabe32033781154e85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e95354ac3c6b1e536ae6b0ad09426ba9
SHA1 8a8c15e9c5fc324c7bc1102c84a580afc7fc5c9d
SHA256 02394491df1640a1464d425d6d8627ce40d792de75e701c55848124e4c914849
SHA512 85afea6148ba08a83dfb4e5252e94ff07b181d0a1827b50df9e3c924942c0edf27ffe76150f8729ecfb368aa9145490be1ac188fb060aef45de27098df71190d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 09a0e74a5467850bfe7f57c116cb72c9
SHA1 49f7722e85bb7ec82b51910a32e3782010cf82db
SHA256 3e1e9f4d2e421329f0cae17c2a6c9c860b0df29e47b316c045f2ea2fdc3ede37
SHA512 d2b69a68a2e6427ef66641c91c63cde70d9deef530458eccdcbc639e96151d774f5af0b91d5c2fa3775ce938fe915ba0df1cb2e594315a7a4c490cf4f1de5217

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000120

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 bcf80fc3460a46d33624391258c06107
SHA1 14dcbb9eb61c8123d59cae27ef196b4c5ff15a86
SHA256 b198e2902da9952d9464dcf9da950d88912f99a0cec92f7ed4c1be24c199b36e
SHA512 1611d2c28b947f108033965232cbcbfb7df47eb6a49539c3bbd02eff1341f55afc974d1656c1cc3f6e2ea55a439279b0d84211b06f5fe0408f3587596ac4d227

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\36\9.49.1\Ruleset Data

MD5 c5e30274fe7b93847f6d7c02410d1209
SHA1 488a49f38459f29e110c706c51b61ca1ae3b0e26
SHA256 e634e3cfdd0d27d0be1f5f9a19748d19d564928765db343503f42a6e1f5dd4ea
SHA512 bc235bb3af269e9a828e6788dbae2b42cabc879b858102f4cc76c0fa02af0e296d20ffc8f134c0a3f9b408643e4810e8c46afeb0c285b892908b06ea1aa1b811

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1676e16a924de0b590dc14e7202fbcf0
SHA1 a533a8fe3baf608eb2eb2fd39ab4186207cf7c85
SHA256 bd73b06367572925079e20deb2a982f6f5914ad0582d44ed71b6ffda2cb3ad0f
SHA512 70c721c5750ecaee58ae23af999527ce04106da4e3550c71ddcc8cbb609baa857940474d102061e77e7d80e89c1502e63b844517841ac4f7f53e530fc0bd56cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 537ad34cc9e670ed08cb9f5ee031a007
SHA1 02121c7446cf3b37b94214f13d894bc385c809ed
SHA256 25a8cfae97521c0d8c85feaef20edb17a303db1eea07a19dfeb31927781725b6
SHA512 76bd6eb9aeb6b6180077fd6d2db57f0ed812e22919330f3c4786e3b423a8461db7fd216b39c78abb24b9cc65143db92322f6d1b0b563e89adbd80fc18d72d137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 93599695078a192a80d4322c4e7ef30f
SHA1 21b0e55b8943f2b13b0e12a12fdfb5dd18d4e6fb
SHA256 e0c13ab457e830c8c6f3e8c2ffbf9dbf7eeff67c78f64dec69eb73ea34965d5d
SHA512 1917e7e3bdbbacfadfcd7598abae4089050fc1896c7fb2214b7a0e0cd796563b5d0310116a73aaac55e608ddac563faaf30ec2dbb817b8651d3b543e23c7370d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a9

MD5 06f26fac172849a514b3910eecf4ffdf
SHA1 397749d994f665dff50cb1cb09ce003a92fc23a8
SHA256 3dcdda02d567d05faf5392e1e209788761b6ae8d94af030a9ee16064a70ba5bb
SHA512 22f09df22d1053cbd6e70cf14e7e7ed6eb1ac81b9ed5c73fc72eeb9dabad4f2d46b4f37e2c43ce8979d55264f992138225a2e60650b83fe51383fcd3bc8a3b35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac

MD5 81f66f062f9c9bd9e02066ce53277e62
SHA1 f87d61fc90ed861f302be2a0e88f7b2415de1024
SHA256 abcfb3b2a9c3024ac1bfbfc3c6d691ee242271746819dcfe323072072775a16a
SHA512 69f1d44a6da5edcf43b629ef036dfc7e4b1363fbabaf3a57c32f7d2469ce7454dc8f82188cdb2a7164502c0316b0423589d63e674e04d189a7b2bdab8401a49d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae

MD5 0c0ab95d1c165a6656102cc23db9e2f5
SHA1 bd6f3a4330e1ffb2087a41b42677a1f04e839153
SHA256 0f2e7ac4c4aff799101178dcecf2dbac3d00a8209009f2137cc425a0f2b0db3c
SHA512 2becd3b0322e3b9c1386edaf1ed6919e2bedb4f4c1fc6c9b8d474b1d469a5643289267fb34ca031fdde7211267529c472f1bb0c85b128026f322c497241ca287

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 cf0b78402c208140ddfd494e35e88f1b
SHA1 b38bca44ade4dd1b6cee701e627097c47df9d907
SHA256 e71f9f1e7019a5e983e6a36a6aa19fe558b60a856f76a2470664278e0f7fb418
SHA512 3e3c334fedd4286c110e45c31c4f4f31ce4dab4b5b78d80ef4358e8271cb4b23ee7780de2d554beff23df85a5537d2d30d436b9e1ae70c4788a507e8a4931d44

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 17791139f7ef2c3348f4df92d342f753
SHA1 ef0d2e76cc4f7fb6fe57995d63b73232d7e92444
SHA256 d72c3f35acd861d9331e36d5b6c7540bd49db9c049e9047881b11c4ab17b89cc
SHA512 092b8b2c3849c9ed667be390a3d5247200b9d04ed890e4fa9fced7cd49e4220aa09842d0f3bd9e557eeefc7bb4d4598c67191a29a6a3b862eba65e9d70af71b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 294d2306a19aa5136dbbe1571630b4db
SHA1 5b7767525f127084794628eb202884cf483c3ddc
SHA256 3a636687050dce8df04c05375b8e442e28b49eef692bf2f389916a02507cc042
SHA512 394463f8515288cdc2d161d6bd6d2a241f1d0b1be4242ce6f3e1ae90b5c577b56c788ea5cbf35b3e90cb0c8a37f274818cb81b13aa56b3e26ffb3ef9e984f69c

memory/6304-6624-0x0000000000400000-0x000000000046F000-memory.dmp

memory/6304-6626-0x0000000000400000-0x000000000046F000-memory.dmp

memory/532-6629-0x0000000002470000-0x0000000002471000-memory.dmp

memory/532-6634-0x0000000003B70000-0x0000000003C05000-memory.dmp

memory/532-6639-0x0000000003650000-0x0000000003665000-memory.dmp

memory/532-6642-0x0000000003640000-0x0000000003641000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-GI7KQ.tmp\setup_01b_bg.bmp

MD5 500fc4e3db1f28d93a9506580d71df66
SHA1 cf1584f68d868d458f50bc43bd0a55f48661b2ba
SHA256 365dc91b696d97d46fb52ba7b6d19e1e2803e275e9331741ef73a7a2b4c877dd
SHA512 e99ce8c7b0c39219af338d0da1193779baeab35997d49f6b81e47a700075624093dc9842c4f34523a1d2ffd542e194d719a31d77b5e965c4d9ce71af931ad908

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\readme_en_us.htm

MD5 a3c2f9c47e3cb6bb33d531696f3214fc
SHA1 53cf5fa1bfbda4a48a87863c05d782b160dcbbfe
SHA256 f0d0170dcf6ab5b910ec29c6b8f4727dd16ae65aa6e642655d38b23e15da2490
SHA512 1fe016f844864dd1d2dfa000defee5b80d8810ee58fbe65fc053be684cd31290e6d6a6014cd091cfa008b5798193112b78444136681f17fb550fa8cc0772dfc2

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\product.xml

MD5 bf814d58db2db2127dbb7c6eb963aba3
SHA1 d993d0d6799b761d825df146c75ae1bc0edbd32b
SHA256 3d65b72a3986c1a88ee2c09334782798981babf5846b56c2f21f23befac0a679
SHA512 b401b6259a94f871c095cdc626c351229e8b2737b03a0d751d105217e294e3a3ca6cb318e4e3856f22b4af567dc65870126c380ae9d30e42defda9a691af1d24

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\channel.download.html

MD5 b6a783901786f0ff3c252214b0d7ddc7
SHA1 8d2e31df7428155a7bfa3cad7665ec3b98d25e41
SHA256 66337fd8b1038c8632455dc02d84c0547462e5893b485f16178bb66f8f3ba7c2
SHA512 0654e8ea42a37b220ae601332a41a6289f9223ff77c2321216f0555aec54a5ba3f879dc4e1d2bce84b1b203cef85c73b8736c833946d951a2148c8d00e81d133

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\channel.download.update.html

MD5 6145e26aa11a0bdadec321b23daf02bb
SHA1 8c7436e037dfe9d62fb3cf4ad75ef44e73a06c67
SHA256 1430c3ef3f8be0c4029ce329e18cc801dccc1e462bbd3d1bd286ef20e9badb66
SHA512 f18746a7bd7d4cb5d864946f6a14791c73527e8b3fdd6f083475e72a1794b9c1778f4ee135f60e06adc7caae3f379ee0780b83c412500ddb736242ad3ffb7304

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\channel.news.html

MD5 a1d6a13a8fdb701df6b853b978036094
SHA1 2a5f2f54b306bd8ba6695642a883e895d3c1b1b5
SHA256 89790b91ac23606af93eebaaf12bd5e42430bb2ebee9a3539f33010efa1c527a
SHA512 d05cf8d438de810299ba34b63baea70975cef5bb95d75257a98f9363f560c5b87a318a0f079762edb3e4c23af85b718015d16f9def0b4d9f609cc54635aa1397

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\dialog.error.html

MD5 684ab31e14bf0abe15891c4bc2bb5082
SHA1 063d19d21aaa4cf9c7c21ac6c20b2cd2880ac8c2
SHA256 461e6dc4ae7018344551046ed2ad6fcb456493f999caef233f6409bfb9582d1d
SHA512 a1dad11be2a1c5fca4e6992d89c2609c5ce415ad93b76cb8b6cfccb968eeb6e07583de51226b8282eaabb565b9ae6f8839aca08b16b211745f1a23f9370aac34

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\dialog.idle.html

MD5 d89ddfca6e81f924fc498ea7c154de80
SHA1 893ac8e1a0d17e47605852b60e038f5254673492
SHA256 6af69296415d51fb199b80b3571fb9612a5f82589864e100ad732b3aabefa4d7
SHA512 c8be9724214a355cb09d47819218768ec6fbbc7b1b1b4cc147892a809c6dbc239e092d64f824107bb8cffacd7f3ff8f1c2d3a154b80e8d1a7c1c14b178e61312

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\license.serial.html

MD5 e3d2e80cf3bcad909d54f0a02b8fde1a
SHA1 10556e2de258f7f87f60d898dfd6ffa56be56996
SHA256 7892e1730d955ada9fb673cfdb48843274477e7b4f1013cdc950022348a6c0c3
SHA512 0b86c50de2587d5eeff3e8eaed58ecc0c1f22a5a0054c23309c1d50404eefaf4aa36d9137cf05b594c6fd601460c1bd7012f339470bcc80c2b93ce5778535386

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\license.startup.offline.html

MD5 3efb680e186d4d4c0fe106cd9dedc784
SHA1 83dcbb199e6cd0ad8c13c72126186d8a0f5226bc
SHA256 b3ec33b27c60554058442f0a92ef075c83e0ccb3cc790aaaf2f39f26e34a368e
SHA512 d5c39d388949ef2635d0ea67c726eaca3bd71c8adecc436270c46e67645781e4e034c871fd305efc3bedb1a1165c7ee49a9c65efb1321661476cb4ae352970e1

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\license.startup.offline.vnr.html

MD5 fe5fa3a8566a5cea5b18250996bd66e3
SHA1 381e2acec269593459ecc834e86f8d82feca0cc1
SHA256 cd2332a545c946c5b9fd150bdaaed5e10608d844854e46c9aee89e07e75b3cc5
SHA512 2adf8b4fd0567a59b73da4da00f9e10f42628b7fe36783289bcffe0e888ce725f0efed5032d71bbb2ed7193f9509bb2101c97a9b7b46f040b090eda6da9e1644

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\system.report.html

MD5 14e0dae4cfa1b2ac63469155a3a1683b
SHA1 4ef802622e61435cc2ee3c0418daacc3bd8bf144
SHA256 98d5fc5e13ff795c333fa7ccaa364b137011c3c52d749945e3d0c717e41b3ee0
SHA512 074e0146898f8841040c505b3ab7434401c2af18cd1a72cb15eb798741d3c27d1bcf97ba8805a10d749ba91453a3b92fae15984588159cc09aedcd219dab0d40

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\system.service.html

MD5 abc90b33184aadffccf83585f7b9a4e2
SHA1 00797c95117621f0b23c70749ccd0ac6439f91ea
SHA256 ae3a30ded6c7198f03b1acb771953d2d8b30b68adef7055a7acaaec4d3a70357
SHA512 a30463a3d2f6ac26724652b603a5fed2ff85c74d6cd5fdc03bd2fab169772f920ab884f8bf8c94f04384b0bd06b87cce62d0067cb04ef53edde74254e847a3e5

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\system.settings.html

MD5 165884632d8fdfb712206c371fa49d4a
SHA1 06a108ad85f5e02997e9a9e47f66812f8eff3d6e
SHA256 707fe3f35b6e668e428df0c73dafba8ff28e491e737d38a66d29520c97299fc5
SHA512 2c797a5e5ba57459c421dd12656c298096aed0993a2ee03689d6d1e7faf0b4110879dee676e8ec973d68997d5893a156503c37b395060eea6d22c30461d7ec9a

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\system.setupdownloader.html

MD5 eef5fd1f7e9bebd35a3067a6cc308baf
SHA1 4e0c3e7a0e4c0f7652e482ef17bdd792f337d980
SHA256 b6ab91d5999944c3d97cdc130e5ec4300e1dc21b1345fd4cf43f1968be59a925
SHA512 68f69ae9fc0e2529d2c3089cebf3a1bd9d1d685f275868336bc1300cbbcae26be74f62585e8c84feec90a20dfc7b01d3d1d2fc0f1efcd53784eb075b760d4e7f

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\trialbar.html

MD5 91b6d7d84733a47615699700529a9148
SHA1 3b11082b0379909e123bfeb92047eceb179a370a
SHA256 f4f62a4523140e982e2f2813f09f0e540c26a0941fdafd383a7340770b6db989
SHA512 33d489560b751d546bbab562cc4a94a07d3dcbe05ba9b1fe4821a299be3f6f2630a3a6d6ed0a824ce94be2dc5173354c48e33c8f16acf9676fbb629431141b44

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\upgradebar.html

MD5 cf39502119309326d7977a028bb27264
SHA1 0a650ce0a44e579c67b09b571037cb022bfbee73
SHA256 dc39f5da6b5aba8e1a0fa89676847db7cb75bd9e0d718602cc876b988fbe03be
SHA512 937c5fa50cd411d34446ab74c9fd7b6e9cbd8b09fb0de62f0189ca0fb9e1541fc12f9b40cdc50088ea8687c0d24b3bd119228db4a9d94b2ad493d8a59fc19fdf

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\css\bant.shared.min.css

MD5 2b64c5b841adfad5060a6d633abf9d63
SHA1 5c997bff162c4b8379e7a440008c5a0d713a7bf5
SHA256 5e4f3766ee17caee5f0a2440f77c93b431292e55b4a34cd936640d6d3f08af27
SHA512 dad8c326ca92b4bb36c124d40d280eb4e08c76989a25de435ac1f2bd018177c6be0fd4b13deade7a0a4d6170ff87256db83d5ecdf5ddf485bb1279db3375a8ad

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\css\dialog.error.min.css

MD5 520f91846386bfff0d3ce9f06bb58313
SHA1 22dd079a7d33af00d04493fa1cdf963a81e32194
SHA256 0a784827a255ceba3439432be3d43fe5b5a221b9e23925b07f5a8503a3e10789
SHA512 02c5b6bb3fe128ffbc45a8e77282271d6449049d69d9eebb7694dec06351cb0949f9d9cce476dc32d0d340ea7c5078e1e912e0ee9910366101287bc02d97290a

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\css\license.serial.min.css

MD5 4c8050f37800215ed4510c7d92240f50
SHA1 97df842b1678319cc96851ca1f6f374ad864ba71
SHA256 6dd58d56b2e4b6346bdfd7df0fb25490486b1dba9fcfe2485a7d678ee697b4b8
SHA512 1113518fe739b6072ca0bd4dc5e68b7d300b4d44c807523637182625efa370cd978854198592a4d1dad832cafd732b0e76ddd5ac9f88cd1a5f7e4f144c9e4ea0

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\css\license.startup.offline.min.css

MD5 5dea3915a9495b40912b923d62ce32b7
SHA1 a0b7e50d0a1ed9067946dac68549c4dd40536bf7
SHA256 0501395d3deff96fa3f78af5132d8e31b8c3132e85f0d4f777d53a4a4ed73169
SHA512 b2e03696c2aabf5552d8fb5832e6f3672cbc668a87a2f157117c6b478803ab723268711e167c1ec5686176a04a118490545e54bf4dd46e088455d0bdb3f31ca8

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\css\license.startup.offline.vnr.min.css

MD5 d3461175516c8cde989b9d867a96f176
SHA1 37235d0ab27620535052d2b7797f333e30576a1d
SHA256 38c5b37e4ffc0caa47048bfe80ec992882bbcc25c034fcc92eea58d7e34c5df1
SHA512 40bea246debaccaab8b5a65c199216610a8537ec9eb4962d1d1f7bea4cb2fa3250f277457be56accbe54368761cc9f03ed6cca45166474160945ae8cf30fd2c4

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\activation-wait.gif

MD5 3aea505f1ff93659216f940c7c576ad7
SHA1 891bfd0c443c3f4af04be80ec22aa7f5a6daa46d
SHA256 e0640170b64185f29db505e5e29ea31eef34f6f1ed8a9e100ffbc8f4deb96e62
SHA512 2eeccb01caf3470bac82421f26fca1b8b065c3fe5cab61597b8d8f4eb323c1116002dac517767646086dcb5d2f81d69d493a5161cce551c6d0401d6b8ea143a7

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\bg-check.png

MD5 65692e37b5c3b76aac23f0464b1db99c
SHA1 c448e499f536ddc26eb75e2f7953223016624150
SHA256 fd948e90a8ba5c323ecc1fd07c7bb2804ab916e1077b891543f791abe229e2b8
SHA512 b5a2f520f0cf132a133e1ce18fe6ec384a4842d3485526abc9980c86cd3511a528b4fd3816c0bfad3c807c09074120ee1cd9f93bbc9abecc1b70ff00cb683849

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\bg-sadface.png

MD5 9cae0e8f93e95c3b285a6bd4d762dee0
SHA1 1dab8c22ca1115c27a07639a97b8ae199c5815f3
SHA256 a1974ca4802ad85a4746b8458f85c5becbcd58832a457a8fb83c9a832872868a
SHA512 c139004fb31c2eb3219585a91f78705ef7e380029a73ceb3988c0d79ac5b8eb43514ed731be36e89285dce32a29dee607fbff84087b764248db81394bce77826

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\boxshot.png

MD5 1ce34863c555c904a7e9a358bd1a7109
SHA1 ba4993b5e7e859128f182ca10de34c80d35a3ccf
SHA256 994c6c9d567920a10d5463b8409b4deccb64ccd891aa05e624b6544fc6dd4327
SHA512 c520f6412a93c37918de6ad4e580d88d67bcd804d89ed370172deeedaf6a8c5404c2d7eee9f24303839d211b0ed35250ebd9a99168ed32ac06472e336121cc33

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-activate.png

MD5 83c4518c78c980235863a0d9193302b1
SHA1 3b7e1065125c533a54631ff544025cce3d1b070d
SHA256 88ba8d927116d0d301c94fcfdc81f8ab7cc83fa5d184156e7a79c07b6c77be38
SHA512 5eb63a2e926d19a7dcf7dafeb7d42b8ebcef873a4c845c2b4abac70bf0766bc89254cce2f7dbe14add1ea86d685223d7d070a81d94f1ed65bf406b41f5e476ef

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-blog.png

MD5 f1d4fe1c872f23c7a79b73f7bb435ad1
SHA1 eb574d50f22143cc99a1edf8e12867b20005128e
SHA256 9c7caca9b8ae53bc09ba7a6dbcab0e1689c93ede15ac42a4008b4f8064be588f
SHA512 362f7e2d2c5ef048ad7142661c063f865ac855d78487a61d35aed5ab52c2e8f41cf1446806170dd6f28b544bd28bcd2ce8b9703fed284708c4627a331e42f81f

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-continue.png

MD5 92ce9676495480ad67b74fceb53a2211
SHA1 8057e2a61829107698df2e1845636528b6c2ac61
SHA256 fb45310af335129d29d54159b04565fa02136e6332755c6d72651fbe20ee4f9f
SHA512 192bfd11c692c442954162316f5062a3bb40500a758da850f4afd9018eaa4c48c84b7be47d05236925f74e13fbdfa9f918f89c9051dec7da79267c92cf282f38

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-error.png

MD5 2f79b3228b0f8133ebdd7b1dbe0c113a
SHA1 b52d1381cf62b774442c255543642f7442adde30
SHA256 c59543d9934006d2ca9411cec623641ad655f2d7764d58fe820071f41ec97bf0
SHA512 1eaa39ee248ad3918c949542678de5270933563da7cae51d5ca46b35f0a3e1d86fff868f832ac0251e6bba0104c5d5c51f7d1a41bb5cee2d963c2b6cccad4d6e

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-extendtime.png

MD5 c12c66842f64096b4ae11f96ff32d7ae
SHA1 86a36004cf0b3cde3418fa261fa4ef8bc787c6a5
SHA256 a08c14c57f2156c43dc9542795f186c7552908a77d3fd19ca4ecedde6082cb64
SHA512 bca2fc8234a297579a0953646a1850214e4c6a55a1ac2cd052f69d8ce57aea3943204fa35b1131748d123741a2462743d0408563085a99ecf4c5db0f32937a1e

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-facebook-2.png

MD5 7bc6c13e8f5651493347ae459f059b17
SHA1 f688391d17cc2fbcc3d4053bc39fb8d71748b317
SHA256 efff23d192f64a7c452f18b5e8876dd89fd2b350b3efad4483281cac892e7156
SHA512 e7c8049127c6d295f4d14ded506f3e9b834b8f2d1d491bb421e56d3667828e4360eb1f73593d990a4302e11175c1b613ed51d1c43788c3a06e7f4aa9f0a02248

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-facebook.png

MD5 cfaab3efd6cfa32762342fd419ac1175
SHA1 f517cb4a5ec9187dceea50ae53c33fe990076393
SHA256 29a8a91f368a0b3713c27b97a2d594d12f6c2f53d7d4f8a5ca4857fa109d6443
SHA512 bedeb17bd0e94688c9b08af10d54a783ab0e2d19f04fcbca2fc20d2176e5b6d6bd49884073b6bc51852402d0f9b1237d09aae5e512cdabd0bc94dd5517553ea1

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-gplus.png

MD5 e63cdbf4ddfcf4abb6912aeaad1d6156
SHA1 ddfd7f38d43385870a8f843ee5f09e2b01caf4a5
SHA256 a9116a799b2bb49b6d302405f55d8d9c45752c13678ecc9f994b057b1482ffda
SHA512 40fa3dc01c449cdfea98537a7f0278afc67d7ae507504f2f51666fe7f0fc86415e843b84f869da4efb2eb81c0cd21e7082221936d7648cb1f6f57bf70f368165

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-info.png

MD5 d3c0c628e76f3bd271d64db168780459
SHA1 a68f95794251483512ccb3f43a631f84e5dd17e2
SHA256 55dcdb444cfd4e37b68c74cc68bff50466c36e669c01c0baa49e90f049492c48
SHA512 7e141c372e79431d779b09ec035a3ae7336893ce0778bc529ab44f1cfb9b2e0c8fc9be084a3619f828daf90fd9166e652dd7e3c5013caee79268ff224873a3de

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-key.png

MD5 f2392a695c56d4b43e27bc852d78032e
SHA1 947cbaa8d6c32331c19abbd174a7111c51db1a9c
SHA256 9ad780a06fdf9821e375ecd6aa58cc65eca4e267284712c49184e7680c061dd3
SHA512 83eee1f29d4fccfca30fe8229edc32d05d948eace4f5df8ad2d6aad28adfb17e4be2288b172f7012690083b548d06ebc5e84f7780e4cf8a0977e50ed6aa80f53

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-myashampoo.png

MD5 3366b28cc83ef4daec647b8417339257
SHA1 11054d8d6abca816f60d75f140bbe695cf86bbb1
SHA256 d6cfd85bd32f958e6d5c178f94ca024b747bdd3ed6fbb8542ffdb63f4037de3c
SHA512 cb0ad8e9a31c8ca3d77b9e9af1d74d5ec6b852df3a27224303f3b4089d40645f04f3d9ae96f7402f89d1884140b675203011a57711f7ae73b5f4b98d0c75e6a2

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-mail.png

MD5 2e4694852cf677912bf8e63e561c2bf2
SHA1 2c060b92fd5f2bb835ef44bc5ed618080b47f6ed
SHA256 1a814eccb58508458e9e862838af9bbd7eb2b2624c5399709b21b75b7dc04db2
SHA512 5d53683e121c425ea66e7a8ea6d6d0677bac50849666790f2311ea47e28c07584047a3c6137c5235f073cb34d73b555a9c445094a18114b97d3d74212efdb413

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-okay.png

MD5 f83c7e4ead894dcf34bbaeee2d564181
SHA1 6d2cf6eff07c91f37b6753c8f56fb2c132177c4b
SHA256 0168fd31ba2a877b33cf3c40e6dcb68238ea0265af5d0e41d497ab4ec3598f88
SHA512 8a9ffb99bcc6f06ad1505454fb0e8b9ed05c892d4ac6df1dc153f34d9f9521f826903aff7e5537159ea9295a3d2e9c14c1eb6baf6659ac03b1875ec886e40e28

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-pw.png

MD5 be84a7e232c73fb14d9471f3a5732fcd
SHA1 4b186d9908f78e644b26dd2e3c85cdfc068a296c
SHA256 86db5e6027fb9d061a3160dfdb5417973ed2e2f123ab2a80a23beb8ab8be8630
SHA512 bf8c6fc8c448f9cac13597e31ed2b467114ce687f407ca06452f9353d38d90db5ad3e2444b490bd88ceaeac194172cf3cb018a1b43729b716aaadfff2f9229f8

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-secondlicense.png

MD5 f83db19880aa40f9b2a4f634fbf2c18b
SHA1 d604f022fab4fa005559fd4ee03c14683dd05808
SHA256 bc7ab16e9dc34491b58ba28798453a3a9693135458625c9fcde9143bc0b4f1b5
SHA512 b74ad7d811d42b1244fdb7fdd2ff0f32efe1d74e876f10d9b9aeb83572fcb844b39392d9d6dbb6e9bd0faaab0e2a5be0d7c176bc34aab10f4f1475d3e68255b0

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-singlelicense.png

MD5 8c7e4ccf85ff47d9bca8be5416773f15
SHA1 d8dda6be3262e0f490e433722d972d7ee32affb8
SHA256 2873494287fa6ef217eb39aa879be9c2f8d131878e343a77105d289f90a83394
SHA512 83289d156deea85c87d2229603a7c7f8b27ccacacf181ac094279958e52fee4c2af4e8869abdec8580ce85c00659b293b4c0376b8f05fa392556bedd51dde127

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-twitter.png

MD5 fed0606c8d79f36c780bc86fa59db456
SHA1 115c78cc0be20c7c73067b65c3aff6710964ff2b
SHA256 bbcb155a24aaa853e0a1743ad39298431ad5b4ed5db49685769d6f2e3ed4e40f
SHA512 e1214c8dbf4babe7dc15d46802e0bb9a9e47343c965394410fcd2883d78cc2834f8c12258455f3c0e91320ab369b9982dadd904eb5e1a31842898b72dc426509

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\icon-youtube.png

MD5 b702bdbd305b23e7e6d59edd9cb20873
SHA1 4f5e0bb01331188f92917f385874e6171ac9ae5e
SHA256 73454bf8c7cc8d64b231dbbcd19d50484736a05927c43521b4b6757a1cf4450d
SHA512 3cde171e02b18105d0695e632f19ce12f50dd46eec384b03c84d184f6761fbaffcea127d5c0e8a6ece8d21b755f046685736c8d7621bc1ed35b41f47fa707cf6

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\lgo_ashampoo.png

MD5 d58f0effa6bd3a6fd960e5703ded7a9f
SHA1 b0a000aaf41192b93e5df0b7777ce085862bb7ed
SHA256 65066955839bbba302107dd67ef5734770b55d2516d0d689888368044cd2ccce
SHA512 9b3a646d5c4875f6c0bd58c39ab4b49f3dc14d0dc0d8316ad8207b763acc5212e42ca56f6fec86b82ab26b148a8b9229aaeb0af441f201f08839aa0f3adb1cb3

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_1.ico

MD5 02411080f23e531660e924725a069c0c
SHA1 0344309f6ae0c51bd6b4f54a8b82fcda005d18a4
SHA256 7d278f862a593c51d9da50b1aca555f994d6de8460e7bb8c96adf8ba78cf678a
SHA512 28b3db5facfbdad51ce077f83e6de6544f6354327b8f72f4cd7db0adf34739a9ddda0d432ebe4f49829b3e58e4a529041c32c2b818e5f42284089c09c5f25443

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_1.png

MD5 a2efff3f16bcf901bc6ee5dcf4b231eb
SHA1 92e4d640d900de6f723b7715217a5753cd9af651
SHA256 04a8228c6178aa247e47b1973d0072939bd918db235ba3af96614483e25d12ae
SHA512 28ac8697cb1e4e0bb42b75b071e44206a52cf9c7415e8f28a26ca1da45f29f279edbefa75665dfefbda7f9ea245214a4164e368e2fc582efb2a863fce6e38ad7

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_10.ico

MD5 c042be22cfecbadc6e327277121ddd10
SHA1 c08742219780775eda1479fce8004ee91abf3260
SHA256 5e800bc3aca70732f600ab17b6a8f999048c5e434338420a86038ddb84a260da
SHA512 2a47949a6848bbfb583dc2c77d251175c0cef1f24821b6fcf713f9ccaa352945294b3a5fe1770b3c75e0d875914063090464b22b91c60578b868695799e140fd

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_10.png

MD5 beceff11c59223114b564b430867a7d4
SHA1 7bf45c0b70a1a8ce59bc07d0751a5cb39e44fef3
SHA256 2bf545ded343474c2d935ab31306ce1ca639ac59cc0720a0445148754d6556fb
SHA512 c73692b0ddb8a867f46c2fee82dc79cf305ab7d87d50a6e5b730d07661ec5e79da7c06132bbf219129e9b3b0b26499c724e22ee741de05bd28ed50810167efe4

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_11.ico

MD5 369038dab4cb253a1c322d1914dc4ef3
SHA1 321557d353415fc16a14432b46efed0f1b4a58e2
SHA256 17c99911199c760bd5c8f7fae3e4208b0a164ba06abfdecfc4da25035ae43d58
SHA512 347ecaa10f3fa3d80069abb9212ef2dcdc32a7326d759833a7c9c1298bdd93fb4f305e2805218995b0a141d4a0c82e01917456522d924ba279f11f5c9585844c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_11.png

MD5 928a8b408ca7d207da75e7485dff19b8
SHA1 c9e4687df997b4767b7d38fb76f3467090b9e67f
SHA256 f5db4196f5a2326a491c338ef201fa6026ace7c98c2f0107338656cbf1af63b7
SHA512 da8e0f97f6e0f4e1c24ceff49864ee7fcc0828648098acccf94b42d953210f610b552ad79e83376dc1459055aa314f30ffb63be3ce6b3cb08129b088204ec03b

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_12.ico

MD5 9ea9e6f112d6b5d246ecb1b03c48477c
SHA1 097dfb0bf81c0f1cdc57cf7c4f62c38d7607cb35
SHA256 17a09b8f66da311c32bff69d1a33c6ffd2904ce6fe28e6a9e52a6de4b9ab08ae
SHA512 a4a900f48cd20fa41b8179568943f14155aa473f8372649f2788e194f6c0849427f5ca88aca13e02f0594d6d980ddfad37ad439dc3b348e5bd2f3756c30216af

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_12.png

MD5 3220bbe79a2edb359a505392d8f76256
SHA1 5736cb441760124092a0db53c7ea84d3f02ea1b7
SHA256 7fef09a8568446fc80aa2782e5787b41bdfc29bcd368cb2bab90111e2e378c52
SHA512 b329a10f74092ffce26b525270202831b08a914fcce8ed56de67c978cd14e6437db903be26b5bf2236dc6f450004d057803387fe3542e3a424cf80331e028124

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_13.ico

MD5 68bc7228549981845d235bf4f98cd384
SHA1 a006dd97a6d9e8f279f7feb2bd4cc094e35fafa3
SHA256 82e70076db0ad6104d4ae9400aa89d7066783f88615bca86bb3f9d18f25b5f36
SHA512 a37bf0f26aaabfddd70dcf65f7d96dec8732df34f1184fb06f48b6176ea7aa6efa7d92a2eb7a9ba84f097e5f730345a665240f7cf901a2d2929b271f1f9f45f8

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_13.png

MD5 4440fc54b2dc99ad935f93eb82f0a610
SHA1 c548ec4d47a043b2ce053479d1a5ca026cb10873
SHA256 fcd8e155dcf9876051c3220878c56c7cb1081bfcb77e396ea11ac9e03db03bd9
SHA512 ff3c0d3ffb40139544d8e1fc2a367b585410602774fe6ed42dcabce715eec2a1760fa910d9a9e4e3c4c3342a5e6b156a45ead8680bbad275af848bb8e962dbdc

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_15.ico

MD5 82e8df2a82fdce816a224255a3f2494f
SHA1 32b5620b8c584e1c74f4d472651034a5475dc391
SHA256 01026c5598c430e405bf9a7d45fdbf6b052d7343808c0aee508510f1e5d7652a
SHA512 d79f2ea8c4b5bd7c4d262760abeefd81ec0a51e6c6f41d34263c4a4a1f6d1b15c1cb7ba40ca1a1261ebc85f49b48b2ca5e2e8c6745b1cbcd576f8998b4c87d44

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_16.ico

MD5 9b2c538f181be487694e414bf449c573
SHA1 c19c887d5d0e313cfd9411cc9bce5ed2f93e76e2
SHA256 63741d0229235f082509da28502af894dca2640577ceae618b289fbb0e5a6a4f
SHA512 bbe2e05961f7cf92e8ef6f70ca2db90d301a7cb22263b53fbcd3aec127b0e5a539fe159c7759c8928b58f7b7c31c9f8ba926ad7e3da15896e110d3ce5f71efc3

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_15.png

MD5 c2fd9fa012904ff717d262c4c945f138
SHA1 1aea6d99bcf4cc669f8b9c59f4ee01ed911eaaf3
SHA256 152781d7f2a7bd790d18809d739b932738814ce4676fe98461369839637c676e
SHA512 f0ee2f6abf72e77f6456ff7c58610bc356bf69744ab81fbd677ff05712790ba2e8fa7ce60764a66b7acb9909171c468f4df4c21829741a776e98bc489bce846d

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_16.png

MD5 faadbd3b08c9450d70ca993cc5242a3f
SHA1 7f0b3aa644923de7f6dd3cf23a8f9c18ea71dcbc
SHA256 de4ca0164becc92b6bdce0b012386f2e698eb8fd5920528a4ed90d56d4036243
SHA512 ab3409e209cb8d412e465018a33f31676a7bd1516520450d1dbcc2900567a7e877f957c84dfc035dffc7b16374cc2dd7abe1973c19128c6a039cca0cb7efabd0

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_17.ico

MD5 a734b7e6cc0bbc38743a6dd6322752f6
SHA1 57eb6307d75ca484f9425700b7761887e90df9ca
SHA256 50727f20382b2dac500093fb26034974db377a9ae1e45a7377c465056b637304
SHA512 3533fb73a72ef57683093d297c1c82545eae43c07a4e096e02a1f448310131fcecfc9a46e186c0aa56b498a1e99df2c3586789697cd44710023edb8972a826e1

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_17.png

MD5 97f2009b5ec38dc48f5b7c00746b38a4
SHA1 093bb556ff767f7cb7343aa06521bb4bcdfeff8d
SHA256 98029ca46e263c71bca1837b67fd9e73dbb0a115b566c28e288aca137f3a1d20
SHA512 751346fad4795e31d506bceb50f615ea9ad99c0df01ee41beb807b19d2649f1940d2f88f972827b60d0ffe38acaef0e1ef93e49d30d94f6a76a5c05dc7340385

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_18.ico

MD5 d3cb8804f4b52e26ace9f756ad0e8e87
SHA1 645611533a28d36195365dc0a502587b321a73a5
SHA256 539328f8a2cb9f77d386e03e902e18c1a587c565ec350a10afe1c7cd6b4299e1
SHA512 a38cae04106d7090467e48e505d01505ec08ff9340077bef4e99726b33b45ffa20f9e7fec86b2cd877322c1fc9c3807aa29a23cd46ae4d6b2302cd2f3822e6fc

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_18.png

MD5 105c6bf983d14e28b64a8c756859c799
SHA1 54779ada3ef9ff0bf05916b954ee70356af9ebba
SHA256 5c6806997696d84262f993325a51636a495c809c0e07fb9399854d1f5e607d2a
SHA512 c9d436d0000c2b98a663f48ea31ea77279aec9413894a2dda7328ec13ceacf47adb82057477219077de7c25ff842160adea122660b9ff4e45d7cc00224a5739c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_19.ico

MD5 ace138f9da1fb68c86a6eebc4801e00c
SHA1 24367733c7cad9804757e862c3946cd56ed79fe5
SHA256 dba4ff90f656aa0e5d5cd6b1c2b9f1edd4070c641fe4148fb31892f96a314e08
SHA512 1fe211159474cfa528cb5943b8dfd121e14ecad6dae4526709c3f507d9bca95012c387392bb6c6cbf9a43124d41d70d9bd1f0375ad41db98bdee636fcd315018

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_19.png

MD5 58ac1db2c74e088c697cce07c84cb934
SHA1 c6ac340872c82baddd0253491c51678fd91f2de9
SHA256 e88afc43f9b57b5c6b9ac8538186dfa69a16d6ce9b3c3aa0c0ec2b03638f444d
SHA512 0965cec8c5e04cf92673fc4686d73911660c71950ee90d1cedb83a375ff2bb279cd671b884025aa96f2c72c3dbf7bcdbedb046d39fd2fdaff80c7ef00ebcf153

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_2.png

MD5 e87dca56697a61994665858c1698a1c2
SHA1 3c1708f3de7108f7c7b904d8d476d6ff864360c0
SHA256 aae3110b8828cc37ecc8dafd5f8f2fb26f7b05d853c37ade6794455346fb67e2
SHA512 63fc6342e354dd4e6335ea548596d93515d794cc5f0cac6c83d490ddc36ad6c35e73479d22583b38e0c08f37764aa5832e1d97a5c622dae8341ce1951bdbce96

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_22.ico

MD5 2ae082b23a3f006510b8d39386f5fd77
SHA1 a54ad59a10f3570209ad759528faa88b7a4d82f4
SHA256 0e2eb0cf2431db2a76de32e43e2341d06c09e8a32b448bfb04a5ce9a09aa5861
SHA512 ec4ad1a2bf83553904985e05c8e41f59fb9adac0a8989cbfd9ea2c2a3b0c00b001e7ec6d8c09f63d6c5e1a51947c9667dc2e4e0f22596aaa9ad1194726cb4334

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_22.png

MD5 67a36b7205ed36b5ba321acc505c637a
SHA1 8822c02d4020fbfb55cb9a5647791e67f31e2f03
SHA256 83d2cd2a8c1a6796f6a35685e5e3440ab99bf7663fd10f526f7b96e7c956cf53
SHA512 70863ad033fcceb7f8861d1541166b8f70a5690a9d16cdbbf1b54a3c0998ee011cf316add45c72074ea610d5a2288eecc18062c0c2b3ed0d99e5b817db350376

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_3.ico

MD5 7ad6c88e35c72c07ae3b05a8cde56dbd
SHA1 c85528f683eeef2b364f0ccf15d6540fa44dcff1
SHA256 a3e68adc66f0765de818b5d34f5f9df62b328a84f01b52dd7b1e18e55befb9db
SHA512 671130e05cf5535a58efc3b5917dfd84b0865b1daa91d0381a273eac04ef33ee4ed18145ae73cf280c387592ed616b3d2e13626e8e7c526368f8d6e5227874db

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_3.png

MD5 23d36c42c5eb5d22a112edd280d5b843
SHA1 1fd11e3c7d71065dba740b79ddfe226e338b0669
SHA256 e8d7fcd1531cdd0f739e1e0f3ec984ef3cad3a2effc503996228e72664162b35
SHA512 62f6ccd5f88824be7fe47b109ca13d3ee6052bb589bc73ce35bee5677ea6ed043f6b5e9d1dc83e089cb90ed8713d30f04e14b2bf40494097b4cd47d94d95a26c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_4.ico

MD5 f65c6f2bab25959e748e9245783e47a9
SHA1 3e1f62356df1a197d11e3d4a43d853ad22d5f791
SHA256 dfea03f6569d448f6f95b5aaecc2d41ff327c9e0cf9eb144d9fadac396a2eee7
SHA512 0562d23c83ff21325d8265e1bbfce09527ea51f11ad2df4be06516927909807124c1459652db3fb640e4317774481992a2ad013575ce1ab6e7b368ba222614c4

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_4.png

MD5 bdc4fc8e7481cacf664acc2ecb011d4b
SHA1 66cfa9065b579bbf72a6d66eb37e2f90785e3dc3
SHA256 94e0b9ba7e0a634ce48a03cb3a5e0fec957bb2eda095d455b550878be94d097c
SHA512 32da36b0448d12d373d1cf60833b2a446a9a106498e13326f96b08b3fde8e15e3b832ce9c73ba2d95989ba8b4b4e714159ac8373f04a11674a0025ce01e82100

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_5.ico

MD5 836afc8d0a32e65a1ff72c9620505b73
SHA1 71d83ee237762a5a1601354fe9b39f7818de1666
SHA256 f02927071ca755f9b1a3a68b12462c2f48ffcc4197bd171f71bc109a9816f316
SHA512 293ab0ff2dbc9ea4eab77dcaa4acd4bbd4691cdf752f5a983f7c162491f210cb4e18998c1c26ca3ac0a146fcb6e43f0f4e7d04f2ee12639756292b80b7c63a0c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_5.png

MD5 a4d0bbf8edbc646bfc450a75f046f801
SHA1 301e61e4a6a06d3126383d26f68f99a896bc8788
SHA256 1aebd792bc9d2de674e5d89a65e3e9500fe2c0d700218a2e90e21f6ae8af8613
SHA512 54a146e3c22414c76f2f08b471b83c318c3befb8df04f08ee720ab2b0a6da65603cde2ce750db00e8b4d3e057c5f33623416a810dd003d4a83c8aff4df41cf32

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_6.ico

MD5 1c747906c616b3bceaac034e148e2e75
SHA1 2c6ec8ecb290e8788617fdd2faae2e73c21810fe
SHA256 6e4956717900ef0711b9614db3a6e5cd86f6b2d61240390b793e729d8738f063
SHA512 9c8c4f1636fd1edefca4ccf14e2cf9feb379dd9cc46bfed6ae90c258048bbeb2471350d65fc2613c5091e16fd12fbe6d143516757397e98fa2c1e679833a7879

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_6.png

MD5 c9701635f048c08c05f227b41810db60
SHA1 bcc4d33f19f4792b0b16eafae2cd3b52c76c3b6e
SHA256 9da9c5d391c24b1ac6540d4a0b5a0c275daf192f6b67024be06657da2f928a39
SHA512 bdaace2bea6ade2c23eeb582ce641e0b23b66cb67d8d8e8a115f9563dafc288fa7f098261e50ced09cc845897500cc3635b9874d71dbbc652ec092b159a2299d

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_7.ico

MD5 1d7cafee31130e5b76119f3dd4231b1d
SHA1 36c1213309ae52d48974ccab7a7f5004cf5516e5
SHA256 596ce2974fd74a8cd5711829c85e970110dce2501f070e4cc67790eaa9162781
SHA512 cf1553d21471653e3bd4de67faea2dc8b5a6092ec91e6ec8a5bb7a0b899ccfd02bbb2d23454d08d55afcdbce458bc9151a8f3e1cb9fb789cb0fadae1d9fd925c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_7.png

MD5 c2f8e71c1ba9882fe6abfc898f982012
SHA1 ce7b4cc0bd69f9d357aafd2924cdb2c659bb0bb7
SHA256 7a89c9b9f78453af7699a22dc3a1a835d019559468393946930be60f0f6436db
SHA512 c94e1f311dd67b2db8b6e523afb893caeea3a4a1ddd4826fced64f014a12af743e4f74f73328cf9af873888797352e32f7106a4ba968c9ee4ca0c4549cc92eb6

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_8.ico

MD5 09e7a5f3e47b4f7de61a4d7e152b9723
SHA1 6518f1558952906c812ebac63391020d10e1c328
SHA256 20662c3d3401a264e9703ac196c31e8102d110cddc9758175c370613444fb583
SHA512 dbca2442d18756c1570267e11e4e4bdd66134e731179f46f3926eee3c0e4e5ae292356bf7493da536788454120dbdb2d390930b467955c6e57fbd26e1b59e135

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_8.png

MD5 ff16aff75a022179989fccdc825d74a0
SHA1 d3d1187a489bf6a07156eca7edfbb5410cf94b1a
SHA256 d7f4268fdd50aa11ceb0b069e56e3688343385a1c89fa79fc7d790755b229d2b
SHA512 61e5fcbd81fdca3a21be1242b0f9918a5671e3398e909f354d338e8dbbe529c5bdc08080e57f21316ecb3a968da09d03e353933182fbcda5e4699f87cf251da5

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_9.ico

MD5 c27cbf31c0dbf781e0866e8205945776
SHA1 b1a382aca94cc6915a292b6ef76f1ab1cd37c165
SHA256 728fb50a2888e5323bc42e7eb5eeefd35066f78755e8816a0b723f0833435a2b
SHA512 e82e5df2827f5c0bda9cb2faf784a7fd1c6781614a712042345ec9ed41bd84adb127e7752028fd9b45a69bbd8e822f16dacd02bf0167fae7630f6ee74ccad8e3

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\build.offline.min.js

MD5 b343cbac48b20ca7e2ed61c9eee643c7
SHA1 ad8e4eaf30cf3548ffcab88ceb4c6630d49247cf
SHA256 ff9cfd1ff3a3fe4fc6319167bc7c03c5d43a0c2633dd53daaee5c538ab5adccc
SHA512 652af372df1af07065e0a966c805c9974f3f52a78e22823d7755ff8516239184506c35c85fc3b55594261ab22e903d286303e06fd178856efa25d97468049f60

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\bant-v2b.min.js

MD5 fc5e2256957adafd233ac2e436b5fc4b
SHA1 a2db74e4ee0f6d36fce2ca1bdf4f145308e20278
SHA256 eab9567b1f0c8d8ee21f81df5e8b6a5e80e7e2bfc9b6c47c238dbcb36806bc92
SHA512 9c099c5b244bae4404c5f5241497edaaf297a35faa38445a9e23e63d05d84f9b460e345b0568636bcb173ba29c85d01d6351d15de9d6bcf9aa02d1df7fd6a52c

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\bant-v1.min.js

MD5 f0a2ca257dcdb8fdeac18317bd6f47b4
SHA1 4d4ee66fd2f1b707bec92fae37c6222bc3821e58
SHA256 aa5b81af0757f686735e4cb32c88eb0d32dc3f75c29d5d8c4424e38ebc91ac8e
SHA512 3b397bf2dbdcd74ae4a32480047ffaf6c58941832ff02fa2cacc9552b643b55be3e5e3e87522e540182f62682c5c6034cc30de2b9ce5c7aa3591ac2c9ff4ffae

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\bant-v2.min.js

MD5 6b67499a5db70019f751b18b1273974e
SHA1 2d5da0ac0a52a2e37be082d43df96bffdb96e419
SHA256 131664a94eacdd85e0c1e664e3d280f21e2c526ed1db9f45d040b843c42757df
SHA512 1bbbfb4e71c524303064db029165b8f2b8277d689d5356fb953ae638a1be098fb55ab53c4977a272fd02161c2dfa87c5aace78ffc72f903607c9392f3da596da

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\img\menu\menu_9.png

MD5 5b9a5a82c041c28eef92f6e45d3bd7ca
SHA1 81443fa718c8be029f9e8db05adaaf69526eec09
SHA256 2549565d230de99d8185dcc4f003df3bd51eda0a3bd82d0a31274c6307681a33
SHA512 b7968747532abe33bf49dd5c4afeaf8d9db364b226ea798f16b1658475bee3d2126077412a9019cffb4de9bed51bed1fbf047c76c2cd3b4d01c2523efc41fb86

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\dialog.error.min.js

MD5 361159bd3b3da82d40364d69243d3343
SHA1 886a819a797d790118f36ed6bed8d9bad2e9f0f4
SHA256 b97ebdccf7d9aa3d8b699b71fec57dac59fc4fa21bfa478e60d57d4ff226000f
SHA512 04973a82131f7211bfdf30b9dfdc567c644d135bae9ba9fb4da0875aa04f4f2fc563d508b845c4079a4abf048e41ccdbd5ad30ec10c5dfb11fdeafa660f013bd

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\license.serial.min.js

MD5 bdda03854c4202d2ae8618b03c8bc0fe
SHA1 982ea03de83d09bb0393613439628931758ff726
SHA256 04481896746624bfbe5499914d3dbc7c851c6820b4b168985aeab3fd8bd9ed23
SHA512 d809bec97aec93888cd37d608b9c23e9497ba80a4dd20884fc150f91f59b36676eed2d43d230da035b6a69b37af0aabe44d4e804dd0d86edadb0a9c0a421c383

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\license.startup.offline.vnr.min.js

MD5 7907aa4fe01653707a3d24c17bc1e34c
SHA1 6a0aca73a3fe7d7bf4bcdfe6414a5f07c8c14175
SHA256 e98aa0741ba52a3dbcb3c3de4ee8fe2579c679c132e9e36a8148e050b3e059e7
SHA512 4ff742618614ecea5ea666a72186bcbe9279ed2b013e8969c07997477f1ec6182e23a57521b5309abea5024d275dc3684076b08e51d096d6f48539cc1cd0659a

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\is-0QFP6.tmp

MD5 4fedf1bb869eaaf56a30258b1368b6b6
SHA1 67316c9291461a26ac7b8eedd7e02434bbaaaf32
SHA256 2b5f6f2b06acf76e6337bd30865a6d11265b7bbae6c89c6e4547f4e6f1202540
SHA512 be32e4ec9f52e76c87643e7ed20f6e14dbeb32a2bd6ebd1644308544cad066b4386ff5a32679f291a5f9443c30a7602c1c1e98d2dc9a4a910bba6b7ca022e4d2

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\ash_inet\v3\js\license.startup.offline.min.js

MD5 36def2c46e01fba3447723fa97b4466d
SHA1 7684877b92fbf303ae9e49b1b49e669ef22412ba
SHA256 4da56ea36c5e42ad1964e845fcccd9cd3f29595778576855ef3e86a864402d3a
SHA512 ba844d2719c0ce95451033e470648b00b67df7cf6cf3067dc620d016e84078c86c43e0995c6ee096360cb8a328de68a7eb9d97b99f639c0eb7c0c401fb6b33ea

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\default\startseite\is-6RMGP.tmp

MD5 d8baffb35c7d4a14b383a088a9449172
SHA1 4972a79f558af55a6f219be95fe80db606c64fa2
SHA256 37a06ef31fb3f796d544bae22349bb1d34526ac23783d6cbadd71d1b4bffddfc
SHA512 10f03b2018c5008a9d204c070a6e8ace746354fa0d8e2c054856481bf85c779b5f477c2dfd2834e5791edc18407048057ed55ea77c786a00a21a723e1c0579e5

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\is-JJLAN.tmp

MD5 de5854076b9d8320e24f9b7d2742a708
SHA1 affeb4d60ac4535c1f1eba687afaa180733efdd2
SHA256 0caa1f0eaa275e1282e422421d37fc6d681755edd5981a5ee51ed86b87200b09
SHA512 a0aaa3be45269065196acd9cc31b8c9a039975ab608902847e7ef9783a5360b0da2461ffe6225dcf226c77d89c75b2ca04563d672c5a8d661da200d6a65114a5

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\OCO\is-9PSP8.tmp

MD5 318f3909ea3592a105bdfb1798792a4c
SHA1 e29dc66abc24158d2f875d2a933ed1afa064d389
SHA256 6b3db2ffed1587649f3dfab617693085747834dd581699e6c8a77d3c17b11c8b
SHA512 cb66ad61516980c3fbf922f36cac9ac6028db75d1a302698e2059f38439d92ddb98046411964e3e3a3d5749848f6b3fdbad99de823571b69ef146aeb136d7651

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\OCO\is-0FL58.tmp

MD5 b0b38ffb2823afb048feb66304587b50
SHA1 972885fc4d39838420e356df20f764a985973ad3
SHA256 c21614ecf234f809cfc4e0974720bbea39ca3c9265c760797f1eac2841fb5484
SHA512 d26fe0da088032871d7a6e11d3a11c78eca67e9de14bfcc31882880815b49dcd496b5f62ea279741b8134325ee6b7d1a330fb4ab32e84994ddcebb5f6e9c81af

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\OCO\is-HJ2SS.tmp

MD5 68a742e3b09655f47c5c36c0656f381c
SHA1 e9d68f612440e2446da6369897d65eab4bd239e3
SHA256 9c35513432ac54ca693260269487a806cf6a045d0eab9e1dc8815d0eee74da10
SHA512 ed4b5ec6531a34dcb37e4aa8715ac907f9a13ac9e20373a9e28035d7b4405bcf14b59834b65edece86c893911cb4ced94b7360e40d9367fe16f614ed3dff3c30

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\skins\light\startseite\is-A52QU.tmp

MD5 f94572bc4bbc44052653a39647766cc8
SHA1 da29acfd8dcaa0a3d92f576fc2c222ad73c0d88c
SHA256 616674d368bfe6c8ba3f1cecc8e640ba45d1d1c9a36b09da9a20f352f15fd324
SHA512 c10c4680326637690ccd59b3af357459342bb1c7bb4892a327d6e304eedb60e86e99d57138bbc217be99b250fd170e99f7a7a76d2ef7e651b0e8ddaa173476b9

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\WOFREE.exe

MD5 26d0c6cbecb4c012dc887bb1f6e4a867
SHA1 b70ff12588570f39bbe6d5e0e82d114610f62c3c
SHA256 8545cb9fee9c51708a50ca3e6faf119a8ccfa38aa2558ca16af48e50332e60a3
SHA512 fced43a1ce38ea8e47d9570428834d8fdffc43d3e672bad8e4e532b3fb64685e017bb53bdfadd6df4f653f58c413ec2ca532e3c4f1536a62e9f8eede49dbaa2c

memory/4280-8607-0x0000000003270000-0x0000000003271000-memory.dmp

memory/4280-8611-0x0000000000400000-0x0000000000DF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a71edbf76bc24e5e36d5fcc5a0df67b3
SHA1 2053373785b3eaea72fa98f1a7c602d5fc16ce93
SHA256 22bfabfa0a58a1a88371c334c05ee23e1455c91697f5a1ca5ab3d16be39207ad
SHA512 819c17578f0fcc5e7fbfa581b9f794208bc9487b6ef95f725b3bfcc75b90513da55ebecbb6caeb8dfc91dab8b563e315abb852d409adc5578517eeb1efe9704e

memory/6304-8618-0x0000000000400000-0x000000000046F000-memory.dmp

memory/532-8619-0x0000000000400000-0x0000000000575000-memory.dmp

memory/532-8620-0x0000000003B70000-0x0000000003C05000-memory.dmp

memory/532-8621-0x0000000003650000-0x0000000003665000-memory.dmp

memory/4884-8622-0x0000000000FE0000-0x0000000000FE1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1f4f9685a180ab9ceb1e5365c1212ca3
SHA1 19a38d2ebad78af421b4d08dcb2a76778a5253ad
SHA256 3a3ef3c170357efed4ef665ee82f459d2f953d44d4f55b5b15f770b93dadeb7f
SHA512 fb6a7118e2e3acf6582e8566d9a362e5c3e68197fb8486d58743de92ab9ac8e671fd2e24555ee8d3f2887e84498ec50516a09a472d813694cb455760c7f89724

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 41172471e9e94a6f5f60c9a220ac96a9
SHA1 f6d5b68722c3113b6a1afa3ed1cf79f70dba20ba
SHA256 8738c3f615e83fe1e5c68ef7ce9927c7896fdf2fd6e15e93f50d5f14c69a363c
SHA512 d49a274a789dc7699a232e737582bf643ea701b3417630937d0379dd3a9816fc3e2949b6a8e4a01cf546935ed4355a13e2bee391ffa79c59358f31693428d0cd

memory/532-8643-0x0000000000400000-0x0000000000575000-memory.dmp

memory/6304-8658-0x0000000000400000-0x000000000046F000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 61d512f53145fb6ce8505d607d905921
SHA1 f3df00f2d18c14175b8fe26a9fa40a6141677e2a
SHA256 9837f5035e02ff400628c45850c7ca93dd8291b78d772500bac2d34fe7090269
SHA512 21e5b77f9fb2fdcc4d365d7e64b5ea09397bc1491e7abfb8edf40cd4c04cd9fb233506bad939b1a64c0a0cee0018b86871eff5c764cd153ae41ac2528588d3d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 a34f6f9cdfcfbbe4d06967691bdcc9eb
SHA1 afcaa85869023e02c4c7a83f5c94a04de0538223
SHA256 9ca78952d6f73c3d7e75953db90d8e1576b1b725a84cdebf8a4cc415ee3050d0
SHA512 7429d1d58dc94f7006c1e1fae8b40112b62267da31bca6dc01c17d3231c772f0dc3755f5d1b558b58c6030b69dd667f4dd156c0516c724c48ff7ad7cf3f0d7a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d4ce88822cac9dc0b6efc6af4446ace
SHA1 bf00cb1763ef8fd7b5acd71e755dd07aa06d9d69
SHA256 8ee5ecf12874eff13ff5a1e405c08e09066b5c93d102c10c71274fb852e24698
SHA512 597afa3733644567e372089d7cd7bb01687a42711293e249bdf02ed695edd7ba63e7a0166f43d593f99badaaef7f356e79ded0f8502c7cf2db1e144d42eb7e58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8c1c1e5e4eb170bdf7a32429a26fe1a5
SHA1 48bb3962792f0f2ba4a0b2f485f2c21f8aac7038
SHA256 5521f5e97d6aac09e5553a1e64df4107a935675359cd17400024c62e6ce7a511
SHA512 cf882ee3e7978c6be82c7977e5d9ce6e3a216cc1e4184ebe0b8f4fc23dac2ba0acf90edce77fa61200bbaba8f206b936f483647f6f424871b2789eb0a85a51c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 85f9ba4487a29e2fe6522f9274262e24
SHA1 01bc18983392fca14f4db03e2fc9d270f9604a68
SHA256 06c689e1a106476af21b2476bcf304c1fbe9edf4e0dd8315f772a8747eedce92
SHA512 3433e2768528c46229141ad87a95e60ff2a2cf9048feb3c9ca650ee115ed3d73665b363171750dc70f046f3e420b25f7b97900a8f47a6b1f5b0a281f6aa8f0ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 8ffc93179fbb28e6132f2ce5c8b11f25
SHA1 f0cd3f0055ce8a2b7d1fa9285fefb14bb014f948
SHA256 c14394727c120575d84263d4f4282bec1e94d46b39c60036003f13f131210295
SHA512 0f5888d53ecb50ee1fa0009a69e9773c7cebc487db6130ed4702099a129ddec0752c8970ff87f530464fcb5f8298ba65b5ba3db8af6fd79902f1e40d960c260a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c5799af3f1ce10552baf0b365d414bdc
SHA1 76347266a3749c5dd859d668fb82976d59e34449
SHA256 6f1b54f1680280df5ce4216fa79fccff1a22e8ca8fe4dcf22333e1a68c245f8f
SHA512 87e040e24cda318bee505a0c03ca1f98d08259d4452538a83212fd15719a6c205c3148d58668c746a6f3a28a86767290eed27447b94ba8dd77a6aa02b47d708e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 53674fa312b653aa7e65155ee28a2d64
SHA1 66c6ef49ef37b265a3273c404f2fc0d21b61ff47
SHA256 360108a28b482ad7ddf7b0b5d3d631ceab77c8a001e056537d2b44b7dd22c7be
SHA512 c596029fb1485e7a0765d8138e2fa66c61a9c8648734965fd94326abc7936a5d672f62fee75787e0c967a8ea152f28ed4fb95ce178ff10b4d8c9f119e2715b11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 4c406cd678d5653e95b0e0ffbfea721e
SHA1 f8970bf765cc445ae992cd9be3f7765c9581230d
SHA256 401e6efb217513ba42783b73cf4a8c7f516161182c6d5d9abedab4dedf63c8d8
SHA512 f601154a006cc3a83ad3ac3b0a0b756bd1adbd21114a1fb7a3f8de0fe70df72563fe3891b1175391d18f9a762805bbb063359ac392da785d3b8ff5e771be819a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 9d3ccf1b07aa28fb9fb0a801ac393ea9
SHA1 36d7d9ef3455cb19e9f3b2dc445a1bc777301e42
SHA256 45b589d2ba734491e1fe971716563563c7e164263b5432c3f5a96267f8b23276
SHA512 14740831de3b8e41839683b66c43b3331a7496e70a04193296cc4f148fa10204b0c7f3d484229a073c2b1b7f0b74877f72a5f577a5771a32430880ac0186a041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 bd6d2762faf9d05ad17c296e8edad649
SHA1 3dac76f2fc303b7555b8243475b40c27d94f3e3b
SHA256 fe85104f67188c525e35015512ca72d6b821e365863cdf1d6cc479879556d75e
SHA512 0de67cec8b3deb2e0114558f3a74755932c84f652bed97c9fd3cf44d930752f7ff48296bece5aac2dc052f8699e7e6defc15a82f575e52e34782d2940d535367

memory/4884-8918-0x0000000000400000-0x0000000000DF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 92e60ccb5f6012e5f6588425bc16d674
SHA1 c977517a35261cfbbe64d797fc36ba02bc8ded7a
SHA256 b1259e683602cb9087f63141c17ff2335332af3dd433130341c64b6f6d410b98
SHA512 d89cfd88a7e8077591638ee2509cf5dcd07a695b1c554e9ab137b3d64739e49a91ceee18f86c17c36a6e31fb8390bbf1939a9542bd8a245b75c956fb38435e92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a5079c3447e9ea0139d5c4ee237c8992
SHA1 36f631b9d4a474fcc461115a2cbd2a3cca39101a
SHA256 d146bba02a8efda0d5e5e237d9536bdd566abb1219af405ff6e603d2b0ed09e6
SHA512 9146f1fdc3aa9d5e7531c631ba2ac4214dc18a670651f82a8a2ca696baffddd14e42e4335aa513b691ecdf34a1ba7ea7360ffcbdc6484298b7752af3159c0310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0816748728cce67f80ba1f369fc91b77
SHA1 a476f6f30730b6795e058a69e1dd6bcaa9cdef7c
SHA256 43f36e9638bb7aa034faff6d7f23732f0d2b74f2845c11424de25a609516c374
SHA512 678b7e5c0a64d98f1a3f067c84a5a2d571070b87b50b107ad3b069f30f052f0d427a6e206908bfe7fa25c7b809dedd3e866165e3b24594ac941c30cd54b0ad3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 085776df3d74c05e7b6ec48421b67b35
SHA1 36a270e2ca9a5508d9d6de6d87bf819ff9a07aab
SHA256 79b49110293a96dbba76bfa3c8731f78f61ff9b2a8c4de5cdb06cd8a0342ea0f
SHA512 f41e650cefa8592ef3df3b2b47dbb50ab6dbb382b0887dbb2d81341a98cdf3ed3b3943bc32601ca7292a2947985ad9fb394c14bec569c26c4bf6e9da7fef03c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1c7ec27d94da04714401b9adf0b17756
SHA1 3e18d51664cd7c8036552c1557391ae0e7d3363d
SHA256 57be391e5772faf9845cc18c3b6c5e428c1181feaa56c5dd4c4d16472c9ebb52
SHA512 067ce3414a4fdadf8b1fbc79cd0abfdbde43e60b848d9f06e1310f3c1192ab2135347d570baa9c1eee1da941f70e66a85ff4a82fcd6286268c542c97a5f2ba24

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 6f4fe716a2e5cb42d0d0f1968592c262
SHA1 db71719b09416ae1083bfdc75c9063dabf8f929b
SHA256 323cdf134abc45500d6ab53d90e5ba58e79349007c423525163e61a807360373
SHA512 21d3fa88a37dd033e14a3bb080284ea51e99b1c50e81036ded9e90db15e142dce4d5e40b1990726a54e121166aaf6209998d9177afa7df60eac6a9ac0ff4f7ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2daffb465fdf9064d98748035ed1997c
SHA1 a47b18f8f220afe1d6399d1637acf2d4b09bdeae
SHA256 7528b55c6a9e10942a7921b8f3cbd66baad91322621421d623170f14e1db9299
SHA512 1eaa46992a8683e9341f1bae134ff855a924ab8a5fcf24465ba00ab9345e3984020a422004d880ccb114fa41f0428154124ed99e366541c558005ce6fcedcf42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2cdf902def4d0936874ae78348cee48e
SHA1 d0165f9cbb79567f9bf972027aa648307feee707
SHA256 256c7abb6e0a8e5b44a8e96d30709f8d89aae79f9fbd99012e22d11218b38433
SHA512 ccd1e987ae6b143e851c6aa552eae292d387e4da5556c12c27af894df001ee38179d951b79071371b7203eac7a5f876cd35ea2ef04ac2b7ebe87ad5c934728ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ac2964b2e98a986e_0

MD5 4a2a2dbf734e2e84a9ca582f5557809f
SHA1 199f391d9b9f67d6afda0942879373f885a23c33
SHA256 04cc4727be53818a0db29aff31a871d8698ac7a80e88c6ab56d2cebb5afa7a1a
SHA512 3929a5ac3185e9aac47d7d16b692ad1316bf4631b6e1819745b36f5aa8c9940317cca8cdb6f7cc076bdddcc2a2845cbe8be8be3d29199386d59578b65a98abd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9eda721c101bd0ae_0

MD5 3241716eea845f620368f2a5d401d72f
SHA1 00a145927171a7cbb137dea496497e53fdc637af
SHA256 ea35b896f40897548db93a8a3a7bbdc9d13cd6a0a068549bbadf61883f539282
SHA512 e7972f7d71cf4fbd6c451b20054fe3b6c4bc01c28c53f3aa00eef0fabdbd3e0b73bbe72a22673b199882cb51f6601f425350d7d4889d365f2c8f3e50ada4744b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00015f

MD5 01431d5302bb16297a9b547f001cb900
SHA1 c467acd763351b69244967088b9b961a1f6e63a4
SHA256 f80fbe6eeab5aff01dadbedc2e67de991b753da360d76741267ac7f6165a40ec
SHA512 df0a98466ad16d48a4a53436ca3a35ec5e6cf57177377748c51d8ce3bf8c67da78233e0b03beb2251c5ca0dbae97a5fbf601fa9225541ba74c3e186f6c902eb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f11cd013fd5b3662_0

MD5 13e69448da191d79740a2724cf1fb392
SHA1 7041cbbaa9d0dfec892acbe0eb11a583b5793fee
SHA256 788c09c985c91d9d9441c7f73c5cb974f219dbb65ff60d14dda5edd8af711a2e
SHA512 b770232ac324713927a995979d952a28e455e3ae648a40e785732e9b9c7a61b0dfcf000d4dc258eea2b2464a64a9f2a0124ed500ba2b62fcada75440ec9cb2bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1c407122033bce67_0

MD5 61ba10b751b9f9448a39ed284b6ea4aa
SHA1 dbc904e5f1a5702b64fabdb8f0450dce7d697c41
SHA256 9dd17b05d2b6dfefb6cbad0c551755341e529d5d1c71d3f7361e858168fbd32e
SHA512 98b27057a4a2f83b4707763c8b39402fe28227038ace9e21a6b9f7dce3927b2c2552c179700b228f0785b2c317f8b2da2a903e00f1b3144a435ffbf894b20691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt

MD5 c47ee1821bfde0c551ccfad462c6a2c3
SHA1 197de1c772ca46c9aea4ad92f41ef7036b4709c3
SHA256 33789fac33dd107533620b99d732be6fd3d69f0e95be3d6aba30d5e3bb8ee71a
SHA512 77ea62b8df085de044b7ddd8df33bf9de98ff55d8e0012e4f64949df3bf15c9a61804254770e92d538048b3549cfcf859ae99ff15b0cab54631e4c093c742bb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt~RFe628373.TMP

MD5 2782f2e2bcca2c52733b9fb90bbea8fc
SHA1 3976074c9a7d9aba23ea3159ec1368aa8c0a08b7
SHA256 41d86f2e55d57642ebd4d8949cdf6d0af3e5b2eb3581bbc97d670b259f3aaf14
SHA512 7fbb141265561a0f3574d13422769993798dd0dc81ab8be17ec042bd47241252a960ca66dca9ebcbe800f412081e1db7d80b41f3cb0f961025a12d3f8b53ed10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt

MD5 96fe5365cf30b6e10dab36827486b498
SHA1 541e0f0a1de894f052028f2bceb4216d51691694
SHA256 ded0487e59240a56966c6b6346d927de7ec5eb891ee14647eeb4584d4e3e40b0
SHA512 7c150ab6850f767416a91b84e8745159907294f8acc381c092df86290d8c6269f5fa5b3b5b40820126666b334ad9205071b52d0149d6527a76dfdb844ddbfecb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

MD5 361ffda722bb3db1072cc5eba0ad06dd
SHA1 6c8607cccd10cd1be807e0166de411b943972abb
SHA256 76763051008c585fd223a4d9808a8547831541e33e23ec8f9d88af68bcdd176b
SHA512 10486af4760f09ce7d3b6f16460704ef86458fe38ea6201d87757743297634e3acbd19c80e577541543f2653646270a7a6ac8cfdf30e53faea791e1c0458712d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3b9883a84f4ade2d_0

MD5 da2a4c48fd3f4321d5b22acc203a128a
SHA1 ee3fafd81d02b9423cb7542e0cf0f6a4c7402f5a
SHA256 dcfb59a97ffc28aeb143018144e65e940ce8d2bc006b2b45acecf9394c5dda68
SHA512 a98dd883f0f499bbf53b49390db5c01a3df990419e58d0358cbac85dd4baee4f21929e0ffc01a65c666c2316688dee3e2636280ddd956ae5497433e49136ae93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb165017a5d28c78_0

MD5 b70dd1d77baddff24287f60c8ad1f92d
SHA1 63a8539eed1baa8c5e415a08412a3cea2078efeb
SHA256 07ab3e82afcbfac75d6aaf3211d2c4f53ec8925bb20bca8cce8a20900d9e7966
SHA512 4fa8ca454c92ba4e66849713345e9aa5d6b9dcace198a4bb66fbeaf37524a385edd718597c84ec1f17d5387b63d1243ffb21a00c6c1d38e9c83b47d0c96634a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a37459484a7b62c72ad0868838c93fe
SHA1 1e8ff2f4f31fc59c3eafb974bd9586039dbdacd4
SHA256 69ce1cab5c4d9779fc61ce11cb3a0a618f044a6d810b9dbd819f65d1d924ef66
SHA512 ca7f34974dac0d22e4f8ac1e058f9b053feb14c89b3e9485d4e1a725bb72672c90d9fa4a43a64b14856cbaf0b8a5c08076a77e34511994b90d52d9659e62e6f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40de9e5fb22fd26fa7ccff54900dd385
SHA1 ba43ae4a2a75787b5e2559c8777c6e78d098a4b5
SHA256 d6efb2a4fbd4ec13d3f4929e0c1bd12273a6126e0aa6e2fb7721e3e9e2705fb8
SHA512 653e339a80edd53129152d7fbde7d18c7f366697f3b0190390f926ec8cd9a807f79aa40851e1ba589add5b2e50038fb3b623e7fe7b96c727f57ab77502d9df56

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.exe

MD5 b56a43de95057fefdcd9294f028022be
SHA1 b152b1ae2891a518941da1f99d56456249baff4a
SHA256 f4ef5bb5a9f9ec95087f69be76914c829fc6a6ee5b01c0ef06bd46d5e323738d
SHA512 a0c06a331076f728b28e279ff795aa8097132194a0bca3bca0ba971586361aed7949373a0130b5fca39dc363139865c441bc3422b40f01882d66b67f74f10d3c

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\_ISMSIDEL.INI

MD5 975b2fa797879f614a312bde21d4e6d9
SHA1 8af353c134aac3eef7df3e4d51d0d367ab78de47
SHA256 22f9fdfd49d87eaaf814a4e2b9aba137fc907eab55a397bcb6995a9bec6d6a82
SHA512 c067f9061d6925692c0a94945492bf58f66fc429ee7011439d0e5320ff5c27c856910e48325a773da266cba0d2caf804f8df7e35b404245aa87cb6f366df4975

C:\Users\Admin\AppData\Local\Temp\~A871.tmp

MD5 c8c14ae5fb013da397ad84646e33ac83
SHA1 6a1da9d6f135d1283ebad9ea64554661d63336c6
SHA256 296d51f6d6cf3b7904ab73b5272d60e116fea0ced103015fd2379e0513ade223
SHA512 06d839d492617ffe9959b12730a25dc03c59978d80ab7a2390d80fd119b62a45218dcee8b57a59f4001bd2395b4c9787a3e15089425c2ab99487af3ad19cd42d

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\0x0409.ini

MD5 a108f0030a2cda00405281014f897241
SHA1 d112325fa45664272b08ef5e8ff8c85382ebb991
SHA256 8b76df0ffc9a226b532b60936765b852b89780c6e475c152f7c320e085e43948
SHA512 d83894b039316c38915a789920758664257680dcb549a9b740cf5361addbee4d4a96a3ff2999b5d8acfb1d9336da055ec20012d29a9f83ee5459f103fbeec298

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 16bd1b5dd68ed5422569b23b97970af8
SHA1 3781c6855a8152d16c539a6b38386df40a971492
SHA256 0a08029bb8aa40479d88eff89ac11e0451270665ffc55c76dca2947c3058f243
SHA512 ae65bebc4cb0a7c331e1e163fda10445df99fd5521f863326bb17d1de533781fa078c875a805a5e23b6759b4eb689e8d1e3e8b8096170bdc1a8bfa70ff96bd5c

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\CCSetup.msi

MD5 2ae8a6e50e70e1d0dd9fec47a9a3927b
SHA1 e284897765192ed8fc8c9c2db0a98816d9d57e07
SHA256 2f6912a60200c3b075f901538614b3a55771648f4cbdd93c3f01b98ddfe41a93
SHA512 1efb7b6b4fface78df37d6c5f92f88e1b68fb0bb884298e5a988f3bf868f6dc76f57f551f239c95d1dc745029d94fa05b465a9afbfaeecfc5158cef85b2918c1

C:\Users\Admin\AppData\Local\Temp\{CC098181-4B0E-4805-BF06-576C35930197}\ISSetup.dll

MD5 e185ecd29db053d239e628ee4b9bc6c1
SHA1 1bc04fe7a9de73a74544fb01ce505cfae39e540e
SHA256 c71248a504f0d46041ff129b54eb0114c690ef88101b59d75fdb0863079099a4
SHA512 0d8f1dfce3e244059f0c2c42a0d1fb5247e44a86dca03aa577c8a8dc0bf9df4bc93604d14504425525a78dbda5af7acd8c77404c650ae854d1b7e2fa90c9c736

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\ISRT.dll

MD5 b4171921e8339f2c5712b3c58cd86965
SHA1 146ac8f91f65780269b9aa12ff90079159578275
SHA256 d72c678d0265d44898f6f85ae0a65ad5429a10564ee5070de93a75511f438f2a
SHA512 8d009c6863e782ceeeabeb8f1a39cf594e916fb94eac4a215e4cf9e82174170fa5eead12312801f3e787c7e7ad9badd20f5a03c7302cc63a2d33dbd0d77f4536

memory/6280-9552-0x0000000010000000-0x0000000010114000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\_isres_0x0409.dll

MD5 cbf32e9e7482eda0ed5490cbfcf42fd5
SHA1 3c411155e102f44003da3a981e833073243fcad5
SHA256 6b458dcf8e27154328f5ba1c6496a6ec480a3af6fd85aa2ac438dac822a1f128
SHA512 c4ba46040f346308975fff55704f435f7cd5bd9c21b50bce2e750364017a0639390e5b7e6588100b903f8eeafca74144429e28136e53cbe49fc7101952a201e1

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\_isuser_0x0409.dll

MD5 8c464617de66d8b5946b5a1faaf30da2
SHA1 b43779aea7fb9a4bddf2abf49aa7c6702b8c8531
SHA256 4df50d1cb2f84aa0beef7dd33801df0e85483dfe000ceb5fdcdb10405be6b21a
SHA512 37b2eac9913b56a121c6bf83e8ce6fb30590c89a46c1c22ae0b8d974d0a0b975b8807a581b6473a8a497b42f2e34c26c9a6c73ffe01d3f3b306868b8e7f078d0

memory/6280-9553-0x0000000002EE0000-0x0000000002EE2000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\{B2413D76-8682-4F21-8A18-B8DFCB43413A}\skinbafd.rra

MD5 7568981428a026c5597569e15c918764
SHA1 61b70714f95713c7d48bea3e815801713a1a2254
SHA256 60296347d78f52d5ccd20a8cfc426719f4821ecab61463c59ed32362d63d7646
SHA512 e498ad274dc6c317e007df03379e92edb1741fad641b4aefacbbea267abdb2e09fbf54e990c1330ea96a7b2a92583cfc18f6c1eb3618e773cc7e8375916c1111

memory/6280-10041-0x0000000010000000-0x0000000010114000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1a278539561d42afeb1caa504b1d9964
SHA1 d8627997a67d82bddbcfc52bc58645cc51223dba
SHA256 5eb29f7dffc995f97b0a67354310e15f02348a27ee5dd807223fcf2e95105806
SHA512 7aacd4b859febe4e9d7dc3b0cdf66c3dea70ed2640fe30ec429a88742d07a547bf5c17de4fec68a34f8d75edf5d179d4bafeda788e75a830f037855e6a9490ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dfaafb2a33e27b1166189849405cb6b8
SHA1 dcfa512f4a982574c86d775a03dea1db38d15b62
SHA256 4bcd578632f35dc175cb49c452a59031a17d3325a31377dee130a5950b7c64fd
SHA512 30f00c8526fc96c7f5d47ba7f4243711bac44fc5418efd9820bde4bf4580fd37ccf1d802d8ad1545e923e22eb8d1d6275fcc629d9edb683cfb4879d0a2b9b294

C:\Program Files (x86)\BonziBuddy432\Reg.nbd

MD5 a8ed45f8bfdc5303b7b52ae2cce03a14
SHA1 fb9bee69ef99797ac15ba4d8a57988754f2c0c6b
SHA256 375ecd89ee18d7f318cf73b34a4e15b9eb16bc9d825c165e103db392f4b2a68b
SHA512 37917594f22d2a27b3541a666933c115813e9b34088eaeb3d74f77da79864f7d140094dfac5863778acf12f87ccda7f7255b7975066230911966b52986da2d5c

C:\Program Files (x86)\BonziBuddy432\Reg.nbd

MD5 61e3afe953ffed0455e6646c8ad0ee8c
SHA1 1c06cad8a778878fcd1315ad6fc396864145a36e
SHA256 426c87b2c4b46e12c589546e41d82ddf6ea69dbd1aafa157c8f89786390cef12
SHA512 2fd674f437fb29d9ccfeeb3f38a55ffa3495623d12b2d264390f52b84f188ae6dc5420d66e89aeccb6d13b43ebc8fa391bca1847027b3c0d29af81a848ba45b9

memory/4516-10152-0x0000000006720000-0x0000000006746000-memory.dmp

memory/4516-10153-0x0000000006890000-0x00000000068A4000-memory.dmp

memory/4516-10154-0x00000000068B0000-0x00000000068C6000-memory.dmp

memory/4516-10155-0x00000000068D0000-0x0000000006944000-memory.dmp

memory/4516-10156-0x00000000067B0000-0x00000000067D1000-memory.dmp

memory/4516-10150-0x00000000065A0000-0x00000000065A8000-memory.dmp

memory/4516-10151-0x00000000065B0000-0x00000000065DF000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4413a7452d19ed817a53ae2022a87f1f
SHA1 5c29a055b303c8e4a14e41cc5d36f64e95886f9f
SHA256 c3934c63c4bed3987deba518e8f1e4b0683f8039e29152460684bd863c27a333
SHA512 c41125f348b6f498de407c5c16038747633bac1870a0c012f40eaa70cc8fbfd170fa34c4f28e851c1c98ac02988d8db671d8e2c8be5d9b11a2c251a6cbe56c96

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\ver938.tmp

MD5 1a545d0052b581fbb2ab4c52133846bc
SHA1 62f3266a9b9925cd6d98658b92adec673cbe3dd3
SHA256 557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1
SHA512 bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

C:\Users\Admin\AppData\Roaming\Launcher\Dictionaries\es-ES-3-0.bdic

MD5 471061756215fd1f387f076ac014303c
SHA1 d8397cb5900f52a5cad2416ed8ebf53caa1a3adc
SHA256 e6334dcf080aaeca679db70565762a2c296ff5780c1af263530ac7345736bfa9
SHA512 ba9d0f2deb2fcd77e75bfe8a9c6241da25c7eb9012d0374ccca8e9cd9cd1c9615efd5f3980166b0b3431c7e3e55ef013cbc37f0d53bd1e2411afb9363ceccb05

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 46ae4d7c288b79c20e174315225bdc98
SHA1 3c6794c308ee35f78e826a65b6f118a516fc6349
SHA256 0291fb65316a72a1ee119f0fa513ca525946c2a78d6ebf4e659cad98f0cb39eb
SHA512 c37849d227700e8b2e18f6be325182110d20a023b4bbbccdfbda0653b12ae2a55940f69b56c62e7942e578ecbbaa4bfdf22cea30163da9b6eb1907eb93df5e03

C:\Program Files (x86)\BonziBuddy432\Reg.nbd

MD5 98fda960c45345e6b594c6cdb3e3b82b
SHA1 f65f0beeb76b99f2c79e8fcb649707393d3640d5
SHA256 2f29e5c7b53f05c483e5e8bbd4f2fdf89749aa42af3ccd3ebdc7810c717b0400
SHA512 78f0e234cd4033d9812c59bdc6a5d27326bca8526d53f639179537663d8a04497d2476cf3044b259237bc1c2f93b8e03f411a35f0889c241794a80a6688a49d3

C:\Users\Admin\AppData\Local\Temp\{6D205E57-D9BA-493A-BBF5-E0F23171CD17}\setup.isn

MD5 158b74e43cb4ee3467e9db23afdbd32c
SHA1 37cabfa89afd4ef71dc1ecb67976ec4d63895769
SHA256 ae7e9458770cda907ac9205730d3ee1315bc0c14a5f143247e97c03294eb5560
SHA512 a65dc8a3c521d9ebec742af065adbb0b57b24b2d00998895001b90a6809c8739084cf043562e450c9bfced0f22f277e510b8da492bd2524c4bc10fd4ff3ed063

memory/3920-10640-0x0000000010000000-0x0000000010114000-memory.dmp

memory/3920-10999-0x0000000005820000-0x0000000005822000-memory.dmp

memory/3920-11074-0x0000000002FF0000-0x0000000002FF1000-memory.dmp

memory/3920-11133-0x0000000010000000-0x0000000010114000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\W8BIYKF7\suggestions[1].es-ES

MD5 e2749896090665aeb9b29bce1a591a75
SHA1 59e05283e04c6c0252d2b75d5141ba62d73e9df9
SHA256 d428ea8ca335c7cccf1e1564554d81b52fb5a1f20617aa99136cacf73354e0b7
SHA512 c750e9ccb30c45e2c4844df384ee9b02b81aa4c8e576197c0811910a63376a7d60e68f964dad858ff0e46a8fd0952ddaf19c8f79f3fd05cefd7dbf2c043d52c5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 93e33ae800565eb4732bc76acacff88f
SHA1 ca069641d45d562378f5ce6389619bade7ab3b99
SHA256 b64ada6eb773b49ad491795ebc9e2d5d3d7cf3c1a0c6444200e67d19733ab876
SHA512 d7328f0acfcbb0ee45de301f0e46468a3c29e28b630ef2e6bee0e0c2a09e15bbd5543c5d072e630f9be8db8a9d81963289243c4616d54cf5dcc08a550c1da188

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c14decece1f92f518b3d215d5f3ce1a6
SHA1 3f0a7c6252c9420206c40c7643ef9c40afbeb160
SHA256 5834120333ff46a6c7991249e968b756e7bc77b1ee411ff079cc02e94c99264b
SHA512 7d12845636b9fc85a39e907a914307a7523df522f017717f91a083db61c4f6c99f2d45194c3afbc280fc79d61ed9ea478b166e087185ba074c6e78a6d68ab15f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f469d9f1f12fae03668dabc2dde9312c
SHA1 927be5ff2e21adbe6d8728c68e97f3dcaca3c87e
SHA256 dd3dcc320112c86db22e1a959f980d573723c2d419ea1ff7281fb437d730c44a
SHA512 b7f6e2aea68bb88daac3cff677b79c333b7f248f4650c701ed20b8bb9dedd353c7ccef0e8855e2e749e8e9614874071f51a8497f0cedb61a19ced785e47d6307

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsRecentClosed\7904e703-e42d-4322-8cf2-8fe6f975959f.tmp

MD5 3fe53456525a813eedb427652920629a
SHA1 f00d4c5d2be596eb9f58f2b20da1a47435adca07
SHA256 b8b1ba46924fc779469bd8fe55c2e083b20fb761337ea568120ec9f3bce346c1
SHA512 d8c9cacf85dc2ec124c45e2c57da154c11b1598043e15f399f4375ed829564ed5050ba600a1d2d1bef53ecabb8491a9db6b89c1eed5bee1da4a3b64ac06a29ab

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 0ea6bd96e40124826d9f30e376bb24a8
SHA1 cb1e0b19931841803f8ded55528a10d34ce55f00
SHA256 3f87eb59492127dedc90e14789daab5e983f96bfb44fb6f39569c4ab1cada828
SHA512 07bcc7ddd9fe28a4f96ce8e97cb155b92f97f39edaa5ea9730f3fb8449af2bf62945f616e9453451c329b002b82b1c229666b1f9196657d3d8eaee096648b358

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18ce4cc0d57acc8776b6631d97430ae2
SHA1 4fcec1ef675423805d459ce4f70a2cf8c1852852
SHA256 8223ac1991cd9ffdf2c29e69ee989fb9d24d18a4199267faa30bff7ed5edb06c
SHA512 1dbe018fb576c3932304277e15203e086bf1a19041c15ceb409e07aaba1c61ab264c19031fc002fc65207c267a8ea78d3c07bfefc554a837ba709739c862c10c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\41fe8a70-f9b0-40bf-bf69-7b20f093dd62.tmp

MD5 22a1f9abdbc10c451bd2bff3c77f539f
SHA1 c8b02b7227d5d62b8d6a79c8b08b65d6ecaafb42
SHA256 86d8236c3ad5b49ede96da2866eeb8644a0ab4fb2845bbc33f1ee7c1d7ddfd5b
SHA512 527674b933651cfeeb37e4f399d3745a6183debeed2261febf63f20ec06528f47ed71d7b7b8ca2705fe2aaa744506ff4f425e604122a96a0001ca9532a0121fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1601b6e10dbaf3dcc579caa071bca379
SHA1 5870b2fe702667e0ae4b287b75db49368536a385
SHA256 4e6ee023bf247233ad02888763c2ff8d72f1a8b01c3c0fe096dd42e65744a828
SHA512 bca26c3c174a68e07a5a168eda4a38cbc3a70281e8d30e853c7ee7fe367a9819350c044bd2e0403b2f5c0ed9e103346a47bfcb364def748a4eef9403416a7571

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\infdcenbdoibcacogknkjleclhnjdmfh_50862.crx

MD5 7226d9738773296b718ca589c6aaa62c
SHA1 8dc82ae99132357ba8f26fbadb3bfc65a42c8613
SHA256 0383ee2a212d77d9160da50aa5f5446d45874f104c68845b8f6ddc52906a5ecd
SHA512 fb88ff40c5d231fc603b9290a8948b23ad5b6c8e9c7ab870d283ccbce3b7564536570e56921c2ccd256564ed430755b5a685c7d48812ed79829a574f96f33ee2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\style.css

MD5 71a55b724f0c749bae05f133a554df18
SHA1 e3796d8293e427f15b96216dd70169a83aacf322
SHA256 1a1df7ee46bfa5593a1c8b0929dd6e60ee3e4119d4085205f416f8456309d432
SHA512 13f79e74fb09b65887dd127ce253594507916c4540d054a5384c18ae47989959bd4f932fd5bb9caf4fd20c5fe1c749253b31904da049d9c33a5d60b32d2dbd68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\_locales\en\messages.json

MD5 747f69a79eea1707ea37c5aee47ad8d1
SHA1 d93ff3d3187a4214be43fa7531036b4b9ba25a28
SHA256 2d0dc633b6d637e40f13ff9dd4a7fb85910196ccfa8eda1fc33034e086c93085
SHA512 b842e0634c404203b9b41f40e1cddf36da76b3c8b8b53fd0b9009498d71e7da8171eaee3438de6a52a429b44558c503a70ff663628d214bbad89dd84019b4db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\captcha\recaptcha\processor.js

MD5 973ab3fb73054984e23ed41d446ef028
SHA1 0abe996308d65a369de738f211add4c4eab2afc1
SHA256 7393b705885e5b5d02064de4a5a3e0ee7551d502be4edcca7a6045a412e8a0ff
SHA512 34d563ca64c0d25254893ef841188e1b8ca9db2680702594080ffaebcd0e70469af3a4a50acd3dfe74f1b6ff58e7ffb3084ca7bb8e0df2fd5b887b2d05f65a4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\script.js

MD5 c835dd3b9e1ed8e317d6b7634814ff6b
SHA1 7395a1915381875543bc4c16b72dbd1e64fe0828
SHA256 cd0fbea6971d66b450e216c85de1a95dd64cbb01509ac2c29e921838fc6eded2
SHA512 9124df0c270f0ac7c9d7e79157baa8de93bcc858268932ab7c51f9862c16b80432c709d67ccb10d3a82afb733ddf13833200a066793814f8eec5faa4d723ee45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\core_helpers.js

MD5 3d063ca7ee50fdaed333ffbfb5175e2a
SHA1 aa73fdb455ebb9d7144aa58b4e94bdb0fe87a709
SHA256 b3277fb6592fec1fdd11c952c0e580c460730bd90bf2f531d3291a1b3072a542
SHA512 856ff516a41eafcb138594295a436bad7bd60cf1a055e7069dda6f80ae788982eb3ae6b82dda36ec7d154d395264c97b6534ed7f2bfa2cf6cafab70e75c66c38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\common\config.js

MD5 4a1cb26c8c272be88855ac9023bf1887
SHA1 1dcb7e5c5575fdbe687d2f84ed567549b79e7497
SHA256 e7272f8b40af9603b3333a6935c4d16951920cb1fe537bf9bcb8b50ecd52ee36
SHA512 43a669f69a6630c97c997b9e2a4af3969afad9fd794e2482def2064db5e4989789844ecfe4cfdb88c87e57ba8337b43dba9e08a8b46821e2a7eb492fe3c42a11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\vendor\jquery\3.5.1\jquery.min.js

MD5 dc5e7f18c8d36ac1d3d4753a87c98d0a
SHA1 c8e1c8b386dc5b7a9184c763c88d19a346eb3342
SHA256 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
SHA512 6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0c822ba641b51682ff187265dc98e34
SHA1 ed3681125d50195fa56277af639944018a5ef559
SHA256 bf974594d610703bf0b01cc56b31da2d2aef1d51b96cc0401e4e2efe310cebf0
SHA512 0325d0d46b65c438cb7ef3a6db3d2beed252ffc9819d772746646abe9b75b4d18714a3b1728937b1bad0e666731de0534a217c101ad9950fe9fd71c4a7c03225

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d518e318b24087723aff66630030c26f
SHA1 6ccd69f9eeafb220178a768f645864bb3362c1b4
SHA256 51b627497c47aa21c48f7b144811c00c0cd5f03c14c958ef11430995e62c613f
SHA512 b935c389cc2793329bcf5d5b8227589b078050c304fec45b915fe68b09925b51cc7702cd5c71d399b720b047902a53153e41a3a73748870f89d1f1c1bde9c01b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b6b05d8b13b4a3c12ad9fef06e4b9eb
SHA1 f57b37c60d8d0c046c8a200d932b162e01b892f8
SHA256 97e1b0f7db48e6886c6aad8dbc508cf1ea00585e4e703c575e9e5d0b760a4a40
SHA512 81612cd6233d25f0c447680b1244e4ba618bff1a9258782d698eebd07429ffc5ee17a2d872f1f17e314c28c65268dca5f331f135057ac6e0102b66d484201ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\captcha\recaptcha\hunter.js

MD5 5fa6ed9e7a76383939b25fcb3b98e5cf
SHA1 2eb447e0abd95a62faa77d4859ffa0c3d07c7c5c
SHA256 ae7695591cc98cdd9b5c2c10b2088c01f289c3d44d6dd765a5834d7da61a6dbb
SHA512 e544f7e7091d9939f62b72194771db6a13a2b29c5ef6138d488757807af874eaa6acd5c8fb1033e471d157ae6c66512546eeed886a2f2c44739f1b03de9cab5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\captcha\recaptcha\interceptor.js

MD5 687a3c090080c6551964e1eca6b860f0
SHA1 359df0297a83a09093413a052976dc1ebee52127
SHA256 4bdbad02476268381ed4931a83ae1d35032d07024401c58345318dadc7498e37
SHA512 e36339f33e92c4601918f24a32f00f0b7ee86f5976cf33c4f20190e3f9e5acf58e8b4b1e2555a438af99514469761212bc3022aae35108d6f60bd4c6e6ff70d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdcenbdoibcacogknkjleclhnjdmfh\1.0.2_0\content\communication_helpers.js

MD5 90b4407e5b06f22c345182c4f119e2f3
SHA1 34da3bacc62d479f14dd800f25cd082f18cbb78a
SHA256 3b2128fc390d8ed3dbf76479e0b460936f09ca553a33456fe6081ab2361bab57
SHA512 a833c209ec57c9a763fd25c53166ffe492ebb779431304f48a8e731b9e9f0bfd76b1a641ebc6e4f2c24717298500e5a2c0ae7f4196bce279dcd639f56bfe18c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fdc495f794592fab88470c01ff2f6703
SHA1 35685578d8227632b29ba3345360fc8df87d4261
SHA256 b4563fd65b000ae48faf6b7a3edb866704f08068022fee31424ab6619b15c341
SHA512 dda44604abce6376c9420148c0bca059cf0a735b56b21cfd62e41f05dc42ac7c8fdb6891a3837bd69b2b95ae675e8edb421e681ebb4e0d5239557352cf4fbbd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d51c3022f59f687cdcedbd0d1465674e
SHA1 47b3e9c2cb5cb669452878809c052bb80fd5efb5
SHA256 81901b04875a18e5435973e1bfe275524d7f841361fce56f15a64e126bdc43c3
SHA512 e837a3392e8e510e5adec8635e129330079c80a44f256434f15706807662fcecceb517558ddf3d91b84e2ebf642c08ff4aaf304a1f9f94a9f6793d173607c94f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 281fbb9f56097bf84bb8f910ec9c6c12
SHA1 f325fb82d2e09ae3f1fb7dc246611dc94b672ec7
SHA256 24b402ae29893cc28168a8667ce00f50ad517c4c80caeb081e62850c08a39390
SHA512 e4228b64db7f3f9a0263afa05af1d7b13a5f6989da82139421d37d688b55907f2339a119a9d36f3364ca130ecb2171c407271e413cc994e97ac4e712e42112ee

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 54c7da95a69123e62e63c13ab1e1fbda
SHA1 cd5fcede253af482d889b64af52b48cdcf3f5e2e
SHA256 8a4f542a738e03e75e374334ff01e116d6f2fccf3c35c0ee23e0dd4624a3e4bd
SHA512 984f8bd42c205ce7e941d334dbc7fc5acc264a5285ee4ff0d1cceaa2553d10a1c2e0f059d99f5f3aad352c74cc190d24cb313a10b150609f4523d951f471dfdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dfb29c45525de61f95927f57356382e8
SHA1 52a810593c8e70c4f9bd9112e175b51cedd8753c
SHA256 eb83257555e4bfb52024b1c4bec4d3a0463f66ac2c6da1aa16d0b8bdeb41b07d
SHA512 0b26d12d02a918584436d357695a2519dee0d975a8814658be5d54f4d457ddc69c99fa0ef7814938faa279073edbe222a10a99d0007e7a51ddc761f7588aa379

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7107b531e7faac84cfab4c3cd4d4b5db
SHA1 0e2a8b3c3b47b90eb63e403e53214d11ee2a095d
SHA256 aa321a7dff6113d88ca85e3857eb9eddee3b8957227bb350f6ae60cbf0af25ac
SHA512 a1fad855930c4667b230fe01c15105f53108c4f07a26f350249126d11c90ebc4d9eb2784a47d5a08da69a8b4068b810612730430af696cc191e134d51f91e14c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Webstore Downloads\hlifkpholllijblknnmbfagnkjneagid_39996.crx

MD5 fba7a4957ebd5783a149a3f31dcc3067
SHA1 05fda5a43549061c6ff2ff49fe54f5059a1598ab
SHA256 411376371e1a57568823881d0aaf9c82cf5771ba25d1107e8a362fa3479375a3
SHA512 64a89c0ecf9606019ce1e48b1d9c71c425097855ec2b474952e1f40733fdf8b0a17d8631cb6c6d353de105a8343088eb8d736ae9f77382d0ede9641441641288

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlifkpholllijblknnmbfagnkjneagid\0.1.6_0\content\clientIndex.css

MD5 cd646f66f09c26ab01f6482df7b542d3
SHA1 334ebda32e491edd20573dbbd45c04c4bc68aef1
SHA256 8422db4f0352cde70594d91040ae28a453cc0c6932c4c760afb30f9e8a6107c0
SHA512 baa6c47449174983fb8990a908a4fc9d4cd6dbb40598226a9262645532001810489303f455bbec50543fdeb765cf6f05ab8f5b33cf2fa220418b104496bc7baf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlifkpholllijblknnmbfagnkjneagid\0.1.6_0\_locales\en\messages.json

MD5 ba3d8cacef2178fc6e36def418b686c7
SHA1 7c07f7ce07814d34ae3bc78b30b5bbe40958aa09
SHA256 e3a28a462d2525de4d158587819510b90202ab9764abc2a3b552c31400c0c129
SHA512 b993309ae3ebf6bf349252e3a1500a8c522e5670d9550c577610c68844824ff555850bbe9d1da36fb1fb9d3a4244e0d3d05ab1b95c6bb601e476f82bb3decf74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlifkpholllijblknnmbfagnkjneagid\0.1.6_0\content\clientIndex.js

MD5 2a0ceb973bbe8fb7ab6f9004d3f4c84e
SHA1 dc1098bc91d33e94de100f6380f2dc705dd9209c
SHA256 c6d55cca77096a7f8e8dca940714383965a338fbc79d204b3c8840fb31dccddc
SHA512 70ecba19cce695188985ceca46d8ab7fb7f12b4717a1917cde1fb5a41642dd058205a0b16f1973a57f2915015532ad9fed5091c4ae056254c585ba6a8dfdbc10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlifkpholllijblknnmbfagnkjneagid\0.1.6_0\content\captchaDetector.js

MD5 6a821e9ed0860c8cd1b06bb4ee4ce230
SHA1 44a6f33b007d44b58a4a7d99de5e0c7acfc00cba
SHA256 589ba33b1c0194044faf10738544630c7e07445744732ef84b249c78cabf6c03
SHA512 557c6a28caabc596cf1d966e2522a14fd7177290703285fd8fabc75aeec31b1fd64c16135583f90f2eaa4c825a56471eebee04c1dc76da6deccaab8d8c1c306b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0289f715d71cad12d485b228a170e2e
SHA1 edef14fab77dd7c225d189ae725effc3748ed4d6
SHA256 292a59441befb9fe95fc453b9305f17048e6de93d1c1d3d6189e7c143c36bb93
SHA512 62876417350e64e6ec9fd30c78aaa73460ccb91d34ccb7ba52bf1b60ed85b45240231c6be8adc35d4dddad23fd51cef7a43311d3934016ba5bbe16a6315ac90a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e8267f95fc8c87f149d79384aee6a880
SHA1 3925b06f86e9c3d8590660d929942dab6c178058
SHA256 109daabd5618c3315cd9abae8e6687b0b83850187650afa072490809d44e35f4
SHA512 1edcab2dd89691f36f422baf71a88efbce8c981842fcddb821d52d657a86defb966c7b121646ec337001ba88d50091812e08d526ba65e421e2b35063923f9c03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f399b0ea602a2d92_0

MD5 279bc8a074b4945cacf71a414e295a96
SHA1 c6446878f32a1adc607a41cc1702c958ffb294cc
SHA256 d541c6ed972c654e570c1b9ceaa4f01f7edad4336d69c0964d40b8fe0cc86e3a
SHA512 8d79360e80d71dc6ce5fee92225cc732d3ff343de3cb854a03cd91ea70f257a4a80cf94f1327f2553e3f5d440f231b58a2b429be6a4c0e0bbed9b710fde76cc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ba54061886c82dc2_0

MD5 a03bf7874b1ced49120b007880d9c8bf
SHA1 9d09177b7b13f96a08cb57b4bb586863492ece50
SHA256 d19696ad58a6d176f35f5d8c6829171d9cb13d0d7c688c48b904719fb534b6f6
SHA512 4235b999c1b97c8bf09b8b0003057135d0484f38b3b955feae6e3b3eb96561a87afbe260046d82b70aeaf6f14726b1ceaa3074eaf7e129e2a0ed041262b81cef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d1dc19d99e3f8b56_0

MD5 610444cbf91c750afe0ffd1ee02a6134
SHA1 e8ea5d635a0aaa0ed4d5d46ae4973f879ea237f0
SHA256 2c3e55e693645189004a9224395a5d26fb2b7d80e25c4726fc29205decd2c66f
SHA512 4dd0e566b3ebb1b370da98f7d59d58ff3426261233f5fd3413ce1363b2d576bab69cee7ad3df215a0fa9866151a56c3c7e087f7d90adc8ebcf0c8ffdc754f72c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\759fefd8adee0ea9_0

MD5 3769a7b52af25a75ca3fa0fbc712018b
SHA1 96a906e4b780c9125432b5ef191d7c4c8b0d6b85
SHA256 d790f8e00100f3e94da8df5085c584e6b26a19e5aa9789b4850f9d3cdaef54c9
SHA512 74e15e3c6f138e768bd36417c4131f477efd893852cddca9c2739457225eb8d1186ee5a9aa4c88a34d2e8b9741101d8c044bc0818a48db931fcce1272e317a03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e6446a14af38f3ea_0

MD5 00d390355300a89cf977d8f9d98f70fd
SHA1 0b6d682bc51ea19bbbcdc5b4167d906751ed32ef
SHA256 fd4002350011e3f049799a71ebaee30c8746199cdb974587a1d68de69f60f276
SHA512 16aee3dbfcd2dc4ffc3d11432984064560db91990a2b241226b69ca6767e40299c1e4ba6148a469acf8a115c9249816ec63a5cd6ddf69083554a3dc158782964

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f3c18a03292c2e7a_0

MD5 154720e6e5ec60c3829c555f6d5787e8
SHA1 abff618b724fa0eb2771651ec73a119f9efff38d
SHA256 2ca0a183893c846009a14f8a96026d50712e96e1761aeec00ac7f7916ad96fe6
SHA512 3ff88f71077cf565ff4c22e253d729fc5b6ac8dc94e83903f91fb35c7d534ae5fec5dbfa65bd515270b7e3028f9f7bd20f8c1f532be166ecadef66f51edb9100

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 458243a7e4a8f00fd693243bd55099af
SHA1 41dd5f938b0d4001ddb9c3b8cf77c71f17fe8ac0
SHA256 b1a30ca2928cbb1f45652b0308f1d3f515980c0e38a0a6299bf6a868765d344f
SHA512 b80a44e7ebafa658ff931b9c67fdb42fcf18504140291fdb1639edd61d1b459e3855d5bcd58fdde1f3fb6582fa94f51d878b1d0926763396cf20244ca3d30f82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 96edb32b60fbd01eec9c249f2567ddc4
SHA1 061fa01a7e35fd04aac2642f4c6322f9bd0ee293
SHA256 996847bfaa94e5b986a6ca0c226a45df2a1e98e6b7eb8f2ca4d2e0e407b8c6cf
SHA512 0781795aecf64032d1bf9e8c1492eed54c8f720fc173ab3847f71f1d37457980b26b33efc9fde42a1ba972e57405b19f00639794117883f720170de054e2c920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f818897fe3a0d2f7_0

MD5 5876ff3182bb33e1eabeaa30768209ba
SHA1 a4ca73e41d9efb0ab7d149d5190b24733291fb68
SHA256 9474b2b77620a65b513e4c1ba526c0fad883f1bb8a395f1512d13439ea71ea0d
SHA512 5aa07ab2013565bfd5df70d503ad7639696fc32dcad209350e734c9f998910fc3d2c893c6189bef58c157a8fd8eef14bfd0644268134e08d3c4b196d5db26102

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8cfb19a32bae3f22_0

MD5 604382a4bf1306ce75a49d435ddb8043
SHA1 a652cab9d88b982df1d24acead3d4cf56da9f106
SHA256 de04f6d66d73b6a0018ff931f914c29cf0a83f1734590aec9db67255d52aad45
SHA512 7c7958afcb3c1d72488d0410e67846e9eee832ab9dbc6d1c647a0a5fb28e8a0a2b47c124d1476c7d37d3c028928f13784995da80e9949d380d00e4444cfebaec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7a41f0d4c9d49e5f930c187012da32e4
SHA1 32f4f710d129f763fb6aed97b479844888629f1b
SHA256 8b3b3fdeaa360cda181c71a7318877c2a52b791fbdfaeed8ee178f7978bad72d
SHA512 ccb45e34a564ca2b6d06c2d0d94ff81c288fc76554d3b81e2151c0d1b52616acdea18d15f95a7490abceb814843496fc9426e78698d12093665b9b5b282892db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlifkpholllijblknnmbfagnkjneagid\0.1.6_0\static\icons\cs_logo-128.png

MD5 846df452dd5c2635943196ea625bbc3a
SHA1 1c608a85ab3eee39a92cc21b254fd4e4661dd3a0
SHA256 b91b6c587340162e0287debbe836e2f3b896f9464906b8cc5a5bf0349ebb667f
SHA512 67b7cbc35eb643a18aa09277cd76a2c255903500ae73161596f14081a0ee5acc531f37280f87d9182d7e414ad8598fd98727e995dad9e0725ec4897051ccc8df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4d20dccd13d85f92_0

MD5 f86d016d20b14e623ed318f3b3d9194a
SHA1 901fe7c2778787ef50f631cca7a89ba114b150c8
SHA256 dde7df78c5309f9d7face59efdd8abf792512f29400144abec4a8d2898d7c17c
SHA512 9e40336dd859e1597339d26578aea1ed6339f05febafa772dae0f0a6efe09b2a97ed68d7ec1937d047836668b3e771fce34f66e489048cc79eeba81b70b7f817

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40abd13404843bb0_0

MD5 82a01417466d67f8efbd49da205b3d06
SHA1 5532f6b9f7182adacfafb7b4e3d1598a67cf72f8
SHA256 978d02ca2929dfa95b873b9c237aaa6c7d2c8d35bffdba9cce510a5f6cedaae6
SHA512 04b5deb355bc9dc0e474b742715f0745cd6daff0b825e914d35a94530576118fd7ebdf5bc164fa47eca527f80754e12818c6b3a35df1e529799ac0fff2562988

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\99ad55e2e9a44277_0

MD5 85f3264fe714ef493013e5d6baab5569
SHA1 5359359cd3186eb907dce29e7d7713b0de92b8d6
SHA256 08423d368810949225bae8cfa1606249e77cd60da5c5e1d5603a64a9cbcbff17
SHA512 bd0aa3a186dee6f6cea3f82c2cf6c0d799f460a97abc54fa0946eb6038963a8db4dd0bae835f0cbf21a8974fc12b59789596248e4a2a68dafa9eb7a79579e383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3f04b9b46ee8f36c_0

MD5 e3964c696a79aebd2cc69c658098359c
SHA1 b3debe21c61537f67e0b85037035a1de74a3bf85
SHA256 e220d76caf244848b59b7de765c9a453349e7c3575b38efd074cc9e66c709540
SHA512 528d339116a0de7ebe6a3c8c1e1f039214d282284c878e5bce6dbde1bd29eab623fe1b5a2bb526801ed7770e5a1a37968708bf8cbbe2246c5fb8b0089ea4d419

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5f36a7b053a8b923_0

MD5 9903eec5c4bd5e4371b3f2bdbc6acbfb
SHA1 208ae680c299cd419edb500b69d9997934ce27bf
SHA256 069db59fb572adc268f5a2eff6b59c7a88e263b9b7fe509a57aad61256211c6c
SHA512 8ef936bd01172f4964a506fd4db66fc3eaba9759ec082e8a9b06d8c113797fd4bc1e770bed8f7a958dfc8458730ba48f4551b889092ad447dac9f783da52e299

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9f5ee4004c83f0e_0

MD5 1aab9a7077dfcbc0d4493143f586c634
SHA1 53e52ac79a74ac5774a42b3e1b6dfff194d8f8df
SHA256 7e1fdd4bb3fc704bf9124238f22f1de400c500628848a422152a77b6ffef1ad7
SHA512 f33e3fb15577d1e861fa55a3e56e95fb7770d53aad954a178b21d74456fdb691d57374274ec63f4fa471538c45f483fa1ffe81b470a8276d20e863167cbafbe6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c61ec4a9ee82d6e3_0

MD5 606668a2e0da367db89c63eb08b8ba24
SHA1 e86d99de4402e50b87d44894e558a948ff05fde9
SHA256 612bd62527c95d731c2bba3306a12d282b4fcc4a5fd6ecfc97531217a77bbcf7
SHA512 d2ea8b7168280fc2014ef4a658e8b0f3e00d73d089daae3a84fceaf5978f591f6981e59bae79a0f3b1b8fa66f2c2ef3de59029cb65f0a25fb8bd7ebec04ab1b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\496cfe65cc3ac78d_0

MD5 b80767aef29021ce52046670aa5faffb
SHA1 b7355db37cc1e889eac298155a0f850e1a0ffa94
SHA256 eb055973bf6cc98de4fe0730a633a0b3b9c75e18665088a2aabfd719663d489d
SHA512 e330c9336bb0472443d79279124e07d630507a82371a38e6f65bfb9e2e94329017436c696dc963dec2eeb0545634f00c66f0008202de7c99a9ee326638d35472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13be21db998481af_0

MD5 252f8e3a46c40d689ced78913478db4d
SHA1 d71107b2b3ffb2933fada50365a2602f5210687b
SHA256 a63d518cbb8ad2ec6a408e1228fef3f9c57e0c26f428b3fd36171a9af4471e54
SHA512 431622134b080615ece1cdbd24a1886048486fd42f280f7c88c6efcbe3374fb5c8e72233fc33ff35b7fe6b8f85e6a94e2699bcc1922911e0d87580fa0dc645e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0750cd1ee488f9d9_0

MD5 e04fdc1a9610b47a21ee1e14d8932b7c
SHA1 3bc2e5e7d9a608961229663d7ebf4aaa92076a1f
SHA256 cfc42e97884498cda0137f84a0c7aca5461560a042ceb1f5c635153529856684
SHA512 4b6222c6d3980861e7c71d0f517459181f818cf9bda15214fa000a2e3e096d31462d7db4c4469404297c2d1d60bbb84969cfbfd6d44358434e70b8fb106b9406

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab

MD5 765ba03dc2c85652332da21b8730caf9
SHA1 9b54b7391459479c7edb0a51faf67362c91df6fa
SHA256 56fc77d5de80bce3bf7ff938bf4560b554f4eca324e902ab127303a39ffe3d1c
SHA512 ffb9ed4d3a62d688c8d0ebbf42dfe638cd0688f474e729dd6ef893c13bd24f11cf8102c0960d44e23cc6ed4449d81cb9dda731ed082c2be26f099267a319a777

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ad

MD5 ad98878f27b516a0194840c45845d69a
SHA1 405e69432b172319b5f6519245701bf1e03116ed
SHA256 a7160e67f2722ceb69a20f04167731a39c501b3c0444b8cc7faff168f30d7a36
SHA512 5b34225af563a47565935eb30db11b79741937ec50c93b8e9a9db9d85e022ae4c824c8b7391ce9013627dd2c601095455dc0874a80b12cccf20e603c90f2355e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\LOG.old

MD5 b7aac0e7ce0e5e49332fb0014ac1aaea
SHA1 56455895cfb73d3df55aa3932cb34457abe996a0
SHA256 8b6c6560edf08c69a1fa83990048a75b8056777d08973fda445eb68b95244f85
SHA512 3851f02ca18706921678723357c95e85ac904e3be537d51751b5e49b04d9ce1bb586cd8242a26c2b88d3261a0f3899770204daf70aaf565fc80a9087f03f38aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\LOG.old~RFe66e21a.TMP

MD5 f22db14e90ba95206ad8b47de925391a
SHA1 597858134bc5d7ad55303d24a8ccf20df12ac1e6
SHA256 c6812d2bd745a78d5e1ee6b6928e43deb63abe0e91ac4156b2a280b8e8f59adb
SHA512 e4b25bb93b729dc3817daac75c544417a9f683945efa1a53cba60438d308894636894dca44bb8d7749190ed35d0e1a0f58364266de0446c36c5b193902ff2d28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 6d61f6e2e4d7a75665c0c8f7e89d133a
SHA1 26a88f586ff40ff9081739c1c8a4d9cf71f6586c
SHA256 758b7b576455e839cdc06ace8142612a9e38a2e68222ca7465dcd739724be2b4
SHA512 4044eb2f3cb751c623dd4ab665057d5dbce36803a3ea1f673d2d2c91fc59fadab4d0d4e663b69381cab16ee0dbeccacb7ce10db3c8e18e3b55f6f61fc3525606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

MD5 492fa70c20fe43c6e0e5e633d2f2592f
SHA1 2a8a92b9f39f5c0e81839a53e11d054b1092a52b
SHA256 64434e1221d1a27a8e2e8c64d764e500c991ef881b19b155ca98a8ce95914b97
SHA512 80befa1e58235544bc304c1406b3bf7beb01b23a8b45dbfca9a8ad6def8497ec84db9384c9cd4438acdfef1aca4663642b840e7feeed982541f51138df5c61c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\index-dir\the-real-index

MD5 8a452d0d59e9def40f070fd177c652b8
SHA1 496f8fd226afe4ab2a17242e12bc60668f64fe91
SHA256 faa23cc65c879de6c66adc559f12fbb109e10a15d009b42d9d668e42280c9226
SHA512 1ee310c49409518b824c0243e8ab4181ab870e1e220e0dba186956f6cb7dd26109fce6f79e0a1cda3bec96d27e4acb08324e05bf5ae61c2c254717489aef2650

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0336d5d18adac08ccbb1ad0b9485f720
SHA1 8b61aa7726552657c7eb7b6b9a218b32b17120f9
SHA256 965144bd9cbda2f7bd4eb4d96becd35bb4c2b802b9b3d51d009540fd691e8e0f
SHA512 3a40d578e256acccf576c7dcc011610507e7eca026200226591c2373bc4c729078840881472cdb0232429340a851fdf1eca3ff9d37bc6d931002a799d06b1a02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 1b9dd35061958400f4158baebbd288d0
SHA1 9a7057029a6f6b120825a1333e38683a86a84959
SHA256 b20454b9b88b60b9658725eb4dcc9ec09ddbd75a53564fe777a768c1da687632
SHA512 e4161d8f46259b89fab9f11b1a58c114e415277c35b074537afe43ef1d584735b978e51ecdecec72f45527566c97e6346d7e7c91d3312ec98bcb4dbaf14b50b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\000003.log

MD5 6723ef93caf6826d728d7075623570bc
SHA1 29b81321a66192249ed2dd9c4f6541e44a107503
SHA256 76e952609e54b09e8eb74f03d00c5cd96e91ab847b56642be9b78b1edd8947c2
SHA512 f83c5d175b312ef5c06d90b0e4e41c0b8a3d6301699bef8a62a4b02808021f1f686803b27d088434bc93e6467de30630645279db60efbaa3e38a0a4adcd7549f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 e4ad5f14a85b54e8526e4b1606305d7a
SHA1 7c5a38dfb1f1efd2c43e1435acb4f07de1ede674
SHA256 1e615c6324bb481b62630a77bbd67a4cd62025564d6ee3787f97a3167339e322
SHA512 72bb30890d9c6df275cdf08241857fc1b5d5caa347663810986ac8df37b141ce8a89eebbef7c29f580281bd61bd02646b2e48d9447ce3dcca7ce6d3e99b8e89a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9c7edae3064ec92f_0

MD5 07293f9fa64742cc7e8459377cc17f32
SHA1 751a058c57cf51772fda629c9984b609a7f02558
SHA256 52ffed56e67b918c2e03c8a928440bf4e3329f4d8dfffde76214ec2a01d8ee7b
SHA512 8df30c255a36a79f251db2fc94685aebbd88e0c53dca03c05e7a512ba2c3b25ed2d1f20f5f3266971aa2304ea487eb54a68d6db3f850253bcf116ff69beabab3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\10f82e44ea259b5d_0

MD5 66f1b0b75ddf3c775e2f46f4dd63b8e3
SHA1 ac9aede03d3b3f06b454b7f5dee564732cb17aff
SHA256 78cd482221061ad07dc0a6f2adcf614e73e1ba20540c5876b8787d6f6a56efbb
SHA512 1b4da6bfda30aab7590d2a8ce54b8a83ba93b082eab5387a1d10eebfc70e873279acf0e7ee6ada43af47171eab7139c97040b7ffce214fd3109f0d787fe752e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\LOG.old

MD5 b454a436c92ae4d5d6135533f393f22b
SHA1 a162dcfca5d9d29a200a498541df573696d83f7d
SHA256 05fc90864fc6e577f8b006623232af6caa74b851f251bb70f5c030694ddf9b80
SHA512 0db48dbe5db8343daf8e1d632daeb0f8efafb88802a9101c6152997ca84d5996b69aa4f94d762db286b59fabc0451673bc1fef734d8952e0986286c5120513ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 0f7b8a562d21c0410b89dc8085488249
SHA1 e173aaf3ed7de69b7dfd79a1356c7d593f376b5f
SHA256 4df42f809eeb9fd5dbf7fa6d6ce42ad9cdd4ef29dcf7c816be1c068cceb8d7d1
SHA512 9199a1d072591b8f3d41e5810cbadef1b49c4aa5f7dd6dd3416af9bfd78b1b6ab454dffaad3bd0b9c7b53c0ec973ab863a815137d435a5473442f1814066a62a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0cf5f60a786448c92156694db7bf3f2
SHA1 3ce47acdf7391c25f4ff5881f2aab1a2ca8d2825
SHA256 53db89dabacb21981f79fa3c9de2140ad0576c798854a64c47fac71b0179ae14
SHA512 4af06778ff0282966f6a32b26d53b2406e2bc30224c6c39a0e3c90e84ebe5aa8d2fe3125bdfedf54870695a8aea3f4049ec3b56c112c76ceb12f7070e6381cd6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 56db255b2b9b213c9bb2a744cc129e94
SHA1 68be627f3f995be2c1fd82b41e64802499fd063a
SHA256 b87b2c8ae2f444605175a9d1737e7eff18f97f6282cdfc1164ed8a7afd9397d1
SHA512 db96a5e6801bb8d996ef674be1061d7032abd91c136f558f67bc06f07aa10252cae4cdfab4bcd951406fd5ebd7b7c6ce271d037b647f7b8c700e92bf01288ac1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1c60b90c190923374c2ceb69eb2ab2b4
SHA1 6a95cb71911594e08b0ec16434d9de144a793da0
SHA256 7660423d738ce9511ed0caa855d2d04aebfa2da0829a024eb12d54778adce937
SHA512 3fb164aae9fed23b7846fa88d1f1347e035e8796f94331c7120e0365ca03188a8dccf4bd9d653a3b653bc4c2cea78e7630a71fb52786bba32673a9ee1b5ccd6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d0

MD5 42aabf0bdb929f9b343025e5fe78fe51
SHA1 763f1cfc16dee9ba940ca014713f37a920c21f06
SHA256 a081578a4a7b21e89342016915794a68c064d11e433c698e9e764feeb80c99b6
SHA512 02f829d928165ce0fbe11437a5fd5c9c68dcc83f6529830a5546327100900fe17e786a4be11cdd7d3ddd1da19a02e24be5c6e18c99add469cfc7c02d74cd700e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\19bddc55ff5ede17_0

MD5 7a50b761ce415eb1df7de6279d4e5521
SHA1 a73a4f43b059021a649d5a978156c541f76cb014
SHA256 ab7d948983b30c652f43994f6e2c5045718da6d49fe2e4b97026bdf2b94e6b5e
SHA512 d81ef7298bc76d048eff9748637e700b9c0aa650fab7bab7c8f1917549aaa757b9c24a5ae5f3df692d43048a3e02c5f66d9d7c35ecf772450ae6934c758f944b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a015e8bf3d56677e_0

MD5 1ee4a559ee3bc0494b54fd33f9d2dd55
SHA1 d1142e8de632ab1cbe7f0b405c8011de3c6aee46
SHA256 c97dbef97dade835588a1797131d9b4f6341be08398818abbba92f13aabcddc1
SHA512 cccfcb35c9ac8a619b84e31f8723f143745a7bfcaf41326cb7f74098517bca5bc87625751ad0d5668f871dec3305c9f4dc1ca37f2936c51d1b199683fce409db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4816943d9cee5da9_0

MD5 8ebcf081406d28d215738ca641088833
SHA1 a0dd5c11c978b5f632bc19bbd01e1d1db751117a
SHA256 f0970bb6e0a12fb8fbbe962d0531f289de77a4d0f7fe161c52da3236c46394d5
SHA512 4bc0e9721553d5c0cb9876aa65f601b00fdca1d16af19a5c7ec05bc3d04e388be4ab2b9455d71d3a57975368f03118780eda149b1a07884d3c95509fd779a3f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\209280f24033a9d3_0

MD5 258e80ca440412702aa3c8762af5bc27
SHA1 d27851bd4659291834f60ad1d49429a8e64409ef
SHA256 ef7bd3f0f1333fe5710135e2f140ab57b3078054f3e598a4493639843efdb4a0
SHA512 62a953ed25d82da89958ac5423bdafe111b454fef66e9bb1ba4856e8fb11f70ecea4850642a1b435e2a064b4b917ae0984845fbbd53492f6df7711e92706c3e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

MD5 2c10a446174e7854e57e3af122aa19ab
SHA1 c42a3313774e3bf27e48d6cb47ea2b0b532893fa
SHA256 cb8efb4a8650fa5e36e771324f5b5920c3e460056af4698b7308f4afc12a1953
SHA512 e5d512020a55bf4545a576e083053485b5b3a076b6b3316258940fc4eb5941bb56de4efb3fce1229a5c45e7af44588043c5347a2f81fb58fab0e777732496c16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 664ff8f87e0a39613d963fa5f077415d
SHA1 154a0df81614ae7e91b9d190ef4d2647a5ce5f32
SHA256 827d38cb127aeb456ca1e6ee0b747392ad33a21fa11dbe175179bcd7bd884b32
SHA512 8f408742da17f6d57fb15e6ad11d47197c48ca2b8c1b6b83432943ffbb92c3d9915164441c932b6cc2acec672f16a17f103b42dd9aab81542428bfd927e79c67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 99110471822220dd79e464792c6a66b4
SHA1 fce7b15a3cbacdc7395a63b77ddfc3985dca368c
SHA256 b117915178a4036a450e2dde2524373c21f0e6109a192cc539ea4ae473a2ef7f
SHA512 7b876776ccda3d53136a793c92565e3b809d7496c72baf4404b40b8a2fae87cd4fb7706754b800b2a0d962d8037a144b28a15a883da6cf79106aa141def28395

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 cc7eae5da0769736a2cfa7c378bec6a9
SHA1 fa4008a599c49d2ef31a7ee75a32d717f5c80c2b
SHA256 b991d68fc1798683e306d8266dbe40e8506f2c823468927df140f09e38e77152
SHA512 03a3a12c7426bdfe36453c15e1da98416a78551d60d0d4a0724802b810ffd3cd15c18623b992e46a21762f43287a5d63a41196241004776c756ab8d9a52090dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

MD5 e50fd4b72c8087dee4b678ac98baf511
SHA1 ac4fc03ddf8bc1b9299e305ee6373b2c231f93d1
SHA256 79b51934d4f6c12b4209223cbd39904a0f9ddbd19c36ff027edff49ffced0a8c
SHA512 9901d22a1a59d310742891c1b1669fa7a6a7a77e2ba0ab5a1e223fc3985aa7a1a02f909fbe5aa54dd532c579a49b433832c8228424bdb40f9fc3cf26df1fdf6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa23f68b8dffb65643d52cdddfd7a651
SHA1 0b99e876817f36632389dd9020114139ba3d7717
SHA256 73d67dd43d94e3d146d64f2ab0acfca6736ddcd66b085756239a4156c5bbda09
SHA512 9a8b74ceefe81b59a4932d54e5d572e1a3211599cb951f9df127c2c28a1b992a40469ddf671edfc965e7591a62a552a858e371f5a44ec390dc0add6b088e57b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 973936be0b0ac3bdad8562b578e42e54
SHA1 c1a5cc9d02bfb55c7a98532cfadef16a2f299231
SHA256 cfe273ea2d2dbe71b04459bce76ef9beeb4a2f24666f0358db63156f96b4472f
SHA512 ecff52feeda571d5e2c234a93e538bd3be659be4f77281d3b00fc05f7f06672d30fab9035b1d86f6c22d148466b5c3983b78295eec1bc9397a2a9b3e1b215e3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 178463cd4e58a1c16e4753afd48f8768
SHA1 e6f2f116660273d13835b14dbe347b38d4ec1b33
SHA256 c84cf96a8025165b9cdb931e1fa5469c1b52e9e17b866fe622c762b25ecc49f9
SHA512 af34841953cdbcff638e3393b3c986a7a81832ee0c81ba787dc518adc73da1201d5a2ccb37321665fa41c2b630693fad39f35d5b72959d24e48b9ec79aaedf9e

memory/3964-13074-0x0000000003130000-0x0000000003131000-memory.dmp

memory/4536-13086-0x0000000002A70000-0x0000000002A71000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b25c545e-08bc-47d1-8a21-3494c0384b7e.tmp

MD5 3be40e611b4cb008e62756c3ce80bb8a
SHA1 130d492afab01bc1d0a8f315fbc4c964897d7544
SHA256 8a0a4fc30dfe90887500ce00235d2f15aeb03b3aa15201b17c96ff7c5cf88975
SHA512 aa2a1f9c99d8a224e51843ff2e6ec41cdecab4a0053c6d9f2375c7492df1d41b79cbd1deaecf649fa137ca2a7f994f9a681a1eabd34693f044cd425438172e11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8f0f3c0857400329e9675307daf8c83a
SHA1 2a0f130397c634fab7cc99478f973b3bab3ec581
SHA256 fd08b294040cdb41fb9ad776e0df1080f720e506169028c17fa854e9cfe7e81c
SHA512 5c30182d1cec7f17774367c6f076a1bb5df4ab1a0b51fc3e426d36dda7a95290acd6d526f5bad334944a887d986e30ac0c6ec0a8c1e89c4dd9cfc8a1d807b22c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1bdaea56edfa0fe9c4460ef2e1e63351
SHA1 80d2c25dcc5db239164b8f12cf7003c01ff1447c
SHA256 b386284f7a29f94624a0bf21ed13bf5389b9eb465f26b85006a8b38562eb9697
SHA512 d7125913dd5e84c6184a55db0818123b13836279a1173523204ae54edb525b31130071e419f66069aa40b1b19b5a2a8ba92d2d9136ec586af6a52009d2f10c89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3e87953c446a150d514ab288e22d4cc
SHA1 baf601ec0ea23b1c78d9ec6db65347586a8bc7e3
SHA256 554ed1eb86d071bd4a1f350ca62e1b7b83522319e5b78ad388e814622cc0b510
SHA512 ad537e27a4bd5088b106582167325ac52e1ce472fc8177db641637c324f209c38d27828f953ff57d048bd70f805bc37fc865eaf94644f820e22af7519b9b656c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 08ac4585b549e7c0f85cd67b2f1c35a2
SHA1 a56b9c47bd8e83f24258d4045749f185c5fd8791
SHA256 1b9d19ae9784cfb091c74838c7e78c1c0d0bd9345e421c03ed63750f9af37276
SHA512 37b83bc0356c9822f61bfc827d3d530cad3f68b0aa0aee3df11368427b34e049743942c417b56ce751f9f8a4d4df85906357cc580061973ae3a91af5f4484a75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

MD5 1bdf58667ee4ffbe7b28bb3ffb2c90cd
SHA1 40561b99aa1f9f598c0f93e31d49822bde524f6a
SHA256 a15100afdf3ed154c0e61f1cd36c41aade2c72b12c7a3fa505ef17de0c642fd9
SHA512 2340e2965162ca66fb85a0d69725741e52ddf0ff71187476907aac6eedff12ebb04f62300da704fe1cd24c6aa79832fd05c5b4dea236ce4734bb220ef009f705

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 251b087ed9f509e19ba4199a2efedeb0
SHA1 6498fad808f6666e282375a05c8c8abf8bd0955e
SHA256 0060fa65ce47a8eb45ead6729d6b5eb33a83b1dc8cc17575d681ced73ecc1593
SHA512 3a0c554ec1796b926e3024eb77ce5409707654ebac61106698de1b475c50cf33105d53091b68e3059be45b77598cec39d4f9bd837724f2d1557b62a02de0e2ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_1

MD5 74aa249f762257785942fedcd1c37a0d
SHA1 eb5b36db5ebfcc16ffd1ed7a7beae0d7e24fae96
SHA256 c8ff5a5aceec82a6865d01ac36b13297c49e6c8eafcedd5e10b48d5a4bcea5ff
SHA512 c9a9ec9e9d4ef670e6810ea6d9c25f6eb403f31e021651da780043c925e4617e49ac3d15bbc4119d1b0c27ac2ef87bb2600ccf51714eed7c78432af2e4c2a72f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5973996f0d3ea1f0a9cfeb69687e6615
SHA1 10f7734f97ef5f23dbac4319b5e0a5656f8935ab
SHA256 e2497a5473bc2651d4f4fe031a3b6f9d02a97f032e8bcd38335b3e02e7c7dffd
SHA512 129fe47cc353d67eebaf2933b7da162db9a84334639185c12aade7dc00888565e5e8a5b74fcec9cb33fb3041b92f0a970cd5e3e879fd163e305f75b831bfabcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\3b0f7bc8-d5e5-453a-a941-0f2eb7924213.tmp

MD5 2133671caa34abb876e154af4bda6c57
SHA1 8144ce8518944ffd5f52abb57f96514e4358787d
SHA256 dc1a6e0fe3b58785b210597ad27283ac1c16b93287ec26496658c0d5b23ee0c5
SHA512 7d6d16c945be6511625bf78d4a4462f9dd56336d8c9033a01e74f18d1f0a75af76dc3645c3966596cd131c54d4b6d7230e6c9587f76029f11668b7d84bfd742b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1f40b4e424472171a9c7cf28f0d08837
SHA1 86c0fdd4b86103e8d84a6929cd42b72387771921
SHA256 357c6a8e2b6f0d0992f822bada5de66ceb83a7746febb9d3a6354b8d07b47122
SHA512 0f3dd00b1bb547a08dff43db739808b3d0478607b3c2ec7b656745008c442132cad5d0440650445f65ea9ef392c14a1676926e7e7810f30a0352b5284ea6cddb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e3

MD5 95ad70b0720495f26f4b7dc7aa152c13
SHA1 d325d177460b579980d6b36a4da2defbc709d6ce
SHA256 7d40765179bc45d7b2a36b9f0d49d12c2048abb154ed0ecfaa2433417fd0cdbc
SHA512 ca9f7e4fd11ce28a5eacee9cda062c8418b4d6cb440ed82328c03d7c1d1835d7aa175a2ac5e35ce2ec3ab6a37ed2fae0bf2eb61c7b08199299b6dae9e5194fc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2e03bef6d75ce4bb4f3d603973d2c36c
SHA1 d3e6300e64efff4aee8995810af1d0afcf1f01ec
SHA256 5963b300c61554b3add86934b8f6f69b0f77ae345d1260bf23508139018ce0af
SHA512 c9cc27b99e750bd8b6cf0ddde2d85beb5f5ca1d4b6aaf2b9ad15399323f81e5cb925abeed70dc28ee222aebc43c4fa3ba06e5463355583c1f76c87a7507e93c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8ffb7e43740df4e9d62a8365f2213157
SHA1 1d25a033402b392f15e0ab463f791bbe47424319
SHA256 cca0c6347b45edb6e15cb71708e969af0d9f2e31cbc2ea1e251d99d94382c8f4
SHA512 36f9bb56dc5c00d3707e0a960059690c49ac73c8c58712716e4da746a19d5e6ed4331a10a9231014ac66dc630fbd27e5ae650255b1f93ea42b9f22b9c2847183

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1d39d6c22fa9ad7470755ab5156d6059
SHA1 1e66b95fbeb2ec1d4b8aac250a2cad50d06220e4
SHA256 1733c5f11ecc333b01e8c3e18508a32c5b136c05be025b62a94105336b21a665
SHA512 ad0b65e007e409db3c71f7e1b38a0cc6f25548144a3d933c873ed35e4907484a5ae37fa159b0bd920356203cce1acad1b8ce36527ea238150b9d6befe23fecdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 686bcfa24090c76b3f31426350c6fead
SHA1 3efbc96baaf24ac75dd869cc5fb94b02778fa9d4
SHA256 ff4af1ef252b1554970cc9293654f470d446b27cd992744ead9d0293dfb75272
SHA512 4c6a3504417d6bb876089c6459dd80c617e5915610749bdaf5e8646bb997b1dbc87b5a6751bccfe9ca25c07339ef8c69bc0d1ba3a3823d789f1022645a24a4a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000211

MD5 ada8c7cac7861266758a2aeb42393a3e
SHA1 7c11e2417c6e9f671997c08e4fc599e9ac8f391e
SHA256 de78332df8e93dd69abf4216e6306b07b2e2d91fa1cd81475d0ed2118fee69fc
SHA512 4a21cb747c172a8a9be564e3e0241c4cbc6f7d875224a62a3453dd99fabde8dd65442ea4ed8280f145276aa28c4da20ee654fc9020373a83ba5c7915c51dec9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 30424a4a86a3879a2d0cc45fd69192f0
SHA1 d73be889912dff7a34e712fa39abd5a53d1465eb
SHA256 4754e2108f07d2a4a322120f9724dae5d2eb63048343c5653d30eaf22cfe92e2
SHA512 576692320c77ca3e4ff454126e2f234da7431cfeed69cc332bca86115f5defe8af4246ca5977db896a933666f35b807bc1d26085bdf23e8e804ad332fbf1fac9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 41eb81fd07f6919efe952390cdbba67b
SHA1 e79382845c6f3cace216ab3faa7d31bcc793aa0c
SHA256 79f373adcd86660a7532fe4801d956f005cd43ddce50f1e57ba591e249adaba9
SHA512 88e3fcabfd10592815c03ad4d6a8dc5f973bb616ac89242741edbee5c5926f8faad751cfa77d010840448a7d320fef2bc0c3c297775da4b38597dfc148e51f53

Analysis: behavioral1

Detonation Overview

Submitted

2024-03-29 16:46

Reported

2024-03-29 17:16

Platform

win7-20240215-es

Max time kernel

1561s

Max time network

1562s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe"

Signatures

Reads user/profile data of web browsers

spyware stealer

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\109.0.5414.120\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ml.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sk.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_hr.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ru.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_uk.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_pl.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_am.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sk.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\cs.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\el.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_th.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_en.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_bn.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\es.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdate.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_es-419.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\psuser.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\chrome.VisualElementsManifest.xml C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2336_1991325300\manifest.fingerprint C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_es.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_zh-TW.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_mr.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_th.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\VisualElements\LogoBeta.png C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\psuser_64.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_et.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\tr.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_nl.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sr.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\d3dcompiler_47.dll C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\VisualElements\SmallLogoDev.png C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdateCore.exe C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ca.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\chrome_100_percent.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\ar.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\fr.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_tr.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\lt.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_pt-BR.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_vi.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\CHROME.PACKED.7Z C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\vi.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\vk_swiftshader_icd.json C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fi.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sl.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_kn.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fr.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\Locales\da.pak C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\libEGL.dll C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2336_1991325300\_metadata\verified_contents.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2336_2116029539\manifest.fingerprint C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_ro.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fr.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_gu.dll C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_bg.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\109.0.5414.120\notification_helper.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2336_1991325300\crl-set C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2868_2061276119\Chrome-bin\chrome.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_fa.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.372\goopdateres_sr.dll C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ServerExecutable = "C:\\Program Files\\Google\\Chrome\\Application\\109.0.5414.120\\notification_helper.exe" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\INPROCSERVER32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\INPROCSERVER32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ = "\"C:\\Program Files\\Google\\Chrome\\Application\\109.0.5414.120\\notification_helper.exe\"" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4EB61BAC-A3B6-4760-9581-655041EF4D69}\AppID = "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\ProgID C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{909489C2-85A6-4322-AA56-D25278649D67}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.shtml C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\LocalService = "gupdatem" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32\ = "{B50B3FA2-B519-4C16-A932-46E9FFD1D910}" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\ = "IPolicyStatus3" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib\ = "{463ABECF-410D-407F-8AF5-0DF35A005CC8}" C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{909489C2-85A6-4322-AA56-D25278649D67}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FE908CDD-22BB-472A-9870-1A0390E42F36}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ = "ICurrentState" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4C0B6D8C-1ECE-47E8-8C92-4CD88C0274DA}\InprocHandler32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine.dll" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4E223325-C16B-4EEB-AEDC-19AA99A237FA}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}\Elevation C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.OnDemandCOMClassMachineFallback\CurVer\ = "GoogleUpdate.OnDemandCOMClassMachineFallback.1.0" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1C4CDEFF-756A-4804-9E77-3E8EB9361016}\AppID = "{9465B4B4-5216-4042-9A2C-754D3BCDC410}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\NumMethods\ = "10" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7DE94008-8AFD-4C70-9728-C6FBFFF6A73E}\LocalServer32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B50B3FA2-B519-4C16-A932-46E9FFD1D910}\ = "PSFactoryBuffer" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\ProxyStubClsid32\ = "{B50B3FA2-B519-4C16-A932-46E9FFD1D910}" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\ = "ServiceModule" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ADDF22CF-3E9B-4CD7-9139-8169EA6636E4}\Elevation\IconReference = "@C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\goopdate.dll,-1004" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3COMClassService\ = "Update3COMClass" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\NumMethods C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\NumMethods\ = "16" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3WebMachine.1.0\ = "Google Update Broker Class Factory" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}\LocalServer32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57} C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\ProxyStubClsid32\ = "{B50B3FA2-B519-4C16-A932-46E9FFD1D910}" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}\VersionIndependentProgID\ = "GoogleUpdate.PolicyStatusMachine" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}\LocalServer32\ = "\"C:\\Program Files (x86)\\Google\\Update\\1.3.36.372\\GoogleUpdateOnDemand.exe\"" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}\Elevation\Enabled = "1" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\ChromeHTML C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42}\ELEVATION C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32\ = "{B50B3FA2-B519-4C16-A932-46E9FFD1D910}" C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\ChromeHTML\Application C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 1544 wrote to memory of 2384 N/A C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 2104 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 3044 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 3044 wrote to memory of 1468 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1468 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1468 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1468 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 360 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 360 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 360 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 360 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1968 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1968 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1968 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 3044 wrote to memory of 1968 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 964 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2384 wrote to memory of 1716 N/A C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2980 wrote to memory of 2648 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe
PID 2980 wrote to memory of 2648 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe
PID 2980 wrote to memory of 2648 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe
PID 2980 wrote to memory of 2648 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe
PID 2648 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2648 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2648 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2544 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2544 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2544 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2820 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2820 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2868 wrote to memory of 2820 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2820 wrote to memory of 2360 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2820 wrote to memory of 2360 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2820 wrote to memory of 2360 N/A C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe
PID 2980 wrote to memory of 1772 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe

Processes

C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe

"C:\Users\Admin\AppData\Local\Temp\ChromeSetup.exe"

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={C6830189-A360-FBC6-9312-5F1B062152F9}&lang=es&browser=3&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regsvc

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regserver

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzIiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRCQjVDMDYtN0RFRi00QjM0LTlDMzItMTNCRDQwQzA3MzU4fSIgdXNlcmlkPSJ7QzA0OTMzM0QtM0MwNS00QzdFLTk3MTItMzMwQkRCMTg5NjVGfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezc1QjEzOTVCLTY1NzUtNDlBMC05Mzk5LUQ2MjBDRkZDRDEwQn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iNi4xLjc2MDEuMCIgc3A9IlNlcnZpY2UgUGFjayAxIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7NDMwRkQ0RDAtQjcyOS00RjYxLUFBMzQtOTE1MjY0ODE3OTlEfSIgdmVyc2lvbj0iMS4zLjM2LjE1MSIgbmV4dHZlcnNpb249IjEuMy4zNi4zNzIiIGxhbmc9ImVzIiBicmFuZD0iIiBjbGllbnQ9IiIgaWlkPSJ7QzY4MzAxODktQTM2MC1GQkM2LTkzMTItNUYxQjA2MjE1MkY5fSI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSI2MzkiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /handoff "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={C6830189-A360-FBC6-9312-5F1B062152F9}&lang=es&browser=3&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty" /installsource taggedmi /sessionid "{54BB5C06-7DEF-4B34-9C32-13BD40C07358}"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe

"C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\109.0.5414.120_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --system-level /installerdata="C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\gui7551.tmp"

C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --system-level /installerdata="C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\gui7551.tmp"

C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fd91148,0x13fd91158,0x13fd91168

C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe" --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{CA8B0AB3-AD79-48A2-9B0D-7473E782B981}\CR_46ADC.tmp\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fd91148,0x13fd91158,0x13fd91168

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzIiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTRCQjVDMDYtN0RFRi00QjM0LTlDMzItMTNCRDQwQzA3MzU4fSIgdXNlcmlkPSJ7QzA0OTMzM0QtM0MwNS00QzdFLTk3MTItMzMwQkRCMTg5NjVGfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0Y1OTJDQTZGLTlFREMtNDZGNi04OUFBLTAzMDUwMzYxQTk4NX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iNi4xLjc2MDEuMCIgc3A9IlNlcnZpY2UgUGFjayAxIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNDLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTA5LjAuNTQxNC4xMjAiIGFwPSJ4NjQtc3RhYmxlLXN0YXRzZGVmXzEiIGxhbmc9ImVzIiBicmFuZD0iIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iNDMiIGlpZD0ie0M2ODMwMTg5LUEzNjAtRkJDNi05MzEyLTVGMUIwNjIxNTJGOX0iIGNvaG9ydD0iMToxZzh4OiIgY29ob3J0bmFtZT0iV2luZG93cyA3Ij48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL2VkZ2VkbC5tZS5ndnQxLmNvbS9lZGdlZGwvcmVsZWFzZTIvY2hyb21lL2N6YW8yaHJ2cGs1d2dxcmt6NGtrczVyNzM0XzEwOS4wLjU0MTQuMTIwLzEwOS4wLjU0MTQuMTIwX2Nocm9tZV9pbnN0YWxsZXIuZXhlIiBkb3dubG9hZGVkPSI5MzEyMjYwMCIgdG90YWw9IjkzMTIyNjAwIiBkb3dubG9hZF90aW1lX21zPSIxNTMwMyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzA3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzQ5NSIgZG93bmxvYWRfdGltZV9tcz0iMTYwMzciIGRvd25sb2FkZWQ9IjkzMTIyNjAwIiB0b3RhbD0iOTMxMjI2MDAiIGluc3RhbGxfdGltZV9tcz0iMjc1OTYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleUpdateOnDemand.exe" -Embedding

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ondemand

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --from-installer

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5d46b58,0x7fef5d46b68,0x7fef5d46b78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1592 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2132 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2148 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3068 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3360 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1436 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2212 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3812 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3864 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3904 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4016 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4004 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1268 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=852 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1000 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2012 --field-trial-handle=1280,i,4619286149098804201,16363123582573693248,131072 /prefetch:1

C:\Windows\system32\taskeng.exe

taskeng.exe {69894D77-A933-47C6-8A88-1C6FF3BBCD84} S-1-5-18:NT AUTHORITY\System:Service:

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /cr

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"

C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

Network

Country Destination Domain Proto
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
DE 142.250.186.35:443 update.googleapis.com tcp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 accounts.google.com udp
BE 108.177.15.84:443 accounts.google.com tcp
DE 172.217.23.110:443 clients2.google.com tcp
US 8.8.8.8:53 www.google.com udp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com tcp
DE 142.250.186.68:443 www.google.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp
DE 142.250.186.35:443 update.googleapis.com udp
DE 142.250.186.68:443 www.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
DE 142.250.186.138:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 clients2.google.com udp
DE 172.217.23.110:443 clients2.google.com tcp
US 8.8.8.8:53 update.googleapis.com udp
DE 142.250.186.35:443 update.googleapis.com tcp

Files

\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdate.exe

MD5 baf0b64af9fceab44942506f3af21c87
SHA1 e78fb7c2db9c1b1f9949f4fcd4b23596c1372e05
SHA256 581edeca339bb8c5ebc1d0193ad77f5cafa329c5a9adf8f5299b1afabed6623b
SHA512 ee590e4d5ccdd1ab6131e19806ffd0c12731dd12cf7bfb562dd8f5896d84a88eb7901c6196c85a0b7d60aee28f8cfbba62f8438d501eabd1bb01ec0b4f8d8004

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdate.dll

MD5 dce0fd2b11b3e4c79a8f276a1633e9ae
SHA1 568021b117ace23458f1a86cd195d68de7164fa9
SHA256 c917ad2bf8c286ae0b4d3e9203ab3da641af4c8d332e507319ee4df914d6219c
SHA512 ba89867fd2bea6166b6e27c2a03a9a4759aee1affe75d592f381d9cb42facba1af1535f009a26f2613338b50de13b6576ab23c4e24d90827739f1678923ff771

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_es.dll

MD5 f49411f7f8feb475ee096db6a5938290
SHA1 6926ddaf08b3f701fb357f032e76bb33e63f50f0
SHA256 e7a76d367bffea50a8f0b2f8daee91b3e5250431127a9dfdaa25980c39b22573
SHA512 0f95d6cf92882a30dedf4b51bda94cff87da327843569aa4f3c763fa2c658378795adaedbc3d93958128376e51d2d0792958def24a2e19c57d6717153d3512ff

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdateCore.exe

MD5 021c57c74de40f7c3b4fcf58a54d3649
SHA1 ef363ab45b6fe3dd5b768655adc4188aadf6b6fd
SHA256 04adf40ba58d0ab892091c188822191f2597bc47dab8b92423e8fc546dc437ef
SHA512 77e3bbb08c661285a49a66e8090a54f535727731c44b7253ea09ffe9548bae9d120ef38a67dfa8a5d8da170dde3e9c1928b96c64dfc07b7f67f93b478937c018

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleCrashHandler.exe

MD5 4c3832fbe84b8ce63d8e3ab7d76f9983
SHA1 eea2d91b7d7d2cdf79bb9f354af7a33d6014f544
SHA256 8fe2226e8bec5a45d4b819359192ab92446b54859bf8877573ab7a3c8b4ada76
SHA512 e6e316bf3414ffb2674bf240760b2617ced755b8a34ad4b3213bcca6ea9a0aa3c2e094319d709a958f603b72197bfa34b100dbe87b618e17601b2e0dac749f84

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_bg.dll

MD5 0d7125b1bda74781d8f1536e43eb0940
SHA1 39818cacce52ff2edfb2a065beb376d43fdb0a93
SHA256 00dfe30f3e747b5788f7ae89b390e63760561a411b7e39257376cd13700a1e0b
SHA512 c34d7405acceb7186cf63e75083981b9230d2755e207fdfd1dbce7d59a96f30ec04c28c12dbe0ed96fb595c63dec8819c08d406840787d9b9797568fbf50dec2

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_bn.dll

MD5 64ed14e0070b720fcefe89e2ab323604
SHA1 495c858c55151e2400a1a72023aa62216033f928
SHA256 635f3a7fd3c1f62eb91117189ac84e1a1e5c3a8e104863d125c16e8be570e3d1
SHA512 4fab73de11e595c7e4edd9a66137f8e7b0b13db1799dbe4c10dd766783079d38d560c6cc1bf9af4bc1abd71f1706643bd9a31c0f58e55df3d0dd7d739e1480b7

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ar.dll

MD5 d1c81b89825de4391f3039d8f9305097
SHA1 ecfcf4b50dfbb460e1d107f9d21dd60030bf18c3
SHA256 597fe53d87f8aa43b7e2deb4a729fc77131e4a2b79dc2686e8b86cc96989428e
SHA512 a2be34c226c0a596efa78240984147196a4de8c93187af5835f0cec90ed89e7dffd7030cd27e7a1f1bd7f26d99322e785e195f5d41bf22e00c4af08270699642

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_da.dll

MD5 13bb66cf80aea019219f9181496b5b74
SHA1 8bbd83fff1bcdc01e93ed263b8564519a7c6fe7c
SHA256 c9e878e8c3a2ebe17df25c3406a0c449d93e56620e3006e83ce777952f47a488
SHA512 e7c84e8c600767cb4df43b9ed1c5220becde79c32f832158bd78368ec9b04422f272715bbca5a261da967fcb019dbf01d154467c77d2775e46e19ab3f6d64f9c

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_de.dll

MD5 c1dd450c8f536604579902fb23013233
SHA1 ae60094a4a1a2a33624a65b0ce3132a77de6c6e6
SHA256 a8422f753e831ea71c41867cfdc767fcbc05874fc039a0101bd05c571f8d822b
SHA512 35ab265a6363856e40156185bffb93d6481ea321f63a033160847cb88cc0764a18f14f9a72265e2f1f9caeff4702efdd147a46b23614fce090e08b78cd3ebc4f

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_el.dll

MD5 59ba1742a224cb96c89ca335ff208409
SHA1 2b595feed6efe926cc87c16534c3b8bafc511cdb
SHA256 2836ec2d0830b66f281d65cb24f9ea2311e6464f13d4d0e41547be5ce994582e
SHA512 a4e7bd47af97387ef0828daa4d1b6f820faef02c28e77dda0da08e0a4766f2beac42d4ac5dfec82e7c3fd1a39e9d6a1359d45750ebce4c0e6722567b1df6e919

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_en.dll

MD5 0d30a76bbcbc637382fad5a927297a2f
SHA1 39dbd1bcb5372e06aa4ffa3a6fe0010bf8652517
SHA256 dc22cbd055cfae79301c7906ca1e2a1e926aaf943fb11d8060b91202bd5759aa
SHA512 1d73f9a223ff1d292a4886c1377a2dca0459b6f757f814d73e66746f25b4e97fbaf90188d96cc1829bc9a288b5a118ff472fabb1c401994b1524d70e92953f8d

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_en-GB.dll

MD5 68420a06ad032bd6a79b2472c3350476
SHA1 4e301f757c209dc928ab05370a51abca66bd38d8
SHA256 bbd19a75809f516726289377f97d67ae5f9122fdad0ad9f34974cbbbc91b9968
SHA512 9829cb34552d85b99441273174e801f401b1d7df3c7140e8bbdb74b77008e3e258bbafab2afb3f01f7909198c1376a3ae9360c941c7df60ad49309fb916b5f8f

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_mr.dll

MD5 b7479d97664ff3f68883a4665ad46f03
SHA1 fed7419a8408adecd531d6f7e1a24bfbbb97a25b
SHA256 d8b54b04a01467927702a439f875de02577721da3d6b393fc9b6d5f81f0e363b
SHA512 3885c46f4763961ac41ecf4e33ef67f560b14672087894bc0d72b6fdf1e73feecc5a4990f0df52759032085ae4b9cf918355010954166614b18e3cfed2e82645

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ms.dll

MD5 7f3113def8e50c086bbe84273477bad4
SHA1 f29165a7988ed9b46fa162b02cbc58e3baf9dc8d
SHA256 60821a3672d3170f4d2e230e4c72aa3fef58cdeea16d0af22b5c2077bd76750a
SHA512 3fb6f5ea722e81ccfbaf01110fa341f8299a81b71ae072f52d11e2c8b3bcf202175f9c8e176c289aeac9d405d9919e406ae75929a942b52f49cc52a0858611dd

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ro.dll

MD5 dd97a63df7ddfc0ed38f09dcfb8f31f8
SHA1 ed049d9162f9216ee6b440ede178af8ae489501c
SHA256 69333435afbc6821a0f40497466f98fa8e20a10ee928b2a85ec711ac77d7442c
SHA512 f2b99a9fde86c21bf99423d1686a0d9a7d4a064ae9b648346db65ec071e86e6070b0bd72d24a2806a316108ed7cb9b1bdfe8713e1c8f661bd66ef5f540e1207c

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sr.dll

MD5 66813fb0d3a66fc673133c288aa21f29
SHA1 c934f77f2b4e8f8be1d9a63497a7549e5f9e4a7b
SHA256 6a5459c40d0e8f8d7dcb3aa457d70bf3655f8b9f52121ab16adfebe56a8aaf73
SHA512 ee7f26f6734f8743aafd7a41b647dd92330618f9014e88bdcb8fb3e1b90f7b6d6a3cf4df22171d7add5df0af8196e8ad68c85bcb71a4d75f1e31061a52055fea

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sw.dll

MD5 e17047f1905dd4a7c54f6b7391a3a2b5
SHA1 460e93c96b4605ea4ebb8cc3b5c98880b238b38e
SHA256 21d08e9fbc8d311096e48d0121b6e139308f008e588e9fbb2c044ad54d0c6fe3
SHA512 3a060c089a5a200ec38a275f44ecb02c56764efa0860e4f2ce4362820265c9ef2a8e5b5fd94aad6ce7e9fb619cc4afd1bb477fbfb3eacfd5dc961d0a38fc552f

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_tr.dll

MD5 e05348222ebc21d3d1b4aed180a62566
SHA1 851394ae7d9c9fb85979b7d0f660a415004def0a
SHA256 531415cbe8c0753227934e926446872416e1593bd653826aa29bea9e6f5ac668
SHA512 055a1ae42f5cd9229884efbea235085326b1b8904c4c28c5096430bc528a19ac29d450740a76d5c2bfd69d67a7e78958343fbaab575b80ac495b3e373ef26502

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_th.dll

MD5 21e645b6564a4bff088abcdb94f7b4ba
SHA1 db9966ea497a9c5532172f8cb70d037fe2daa13c
SHA256 08e643f88d1df3f681824923eea75f7dddee55d6ab62dceb5a812c05ce8c753d
SHA512 81d7b60b211230c9af1cf4b016e80092e3e765cb40e775992c850495ce8e4f9886f190a507650f26f092a468533fec03b01ac3837d94282e75380602b9db5e78

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ur.dll

MD5 3c9da7f71844beb6dd85f8d77172b908
SHA1 d54ca9cd4187dd7c165f549e34ed577f6b4b8315
SHA256 5c95d80d684e8a886dfbbcfb54f2ef4ad6c26ff0e17c6ccfec2d8373bbc32a18
SHA512 ccd2b2eb17a25c95e8596600cdc629ee26780d014788db8a526df058832aff7ebb2bb3273e5c0c9642d5949e78ae5a9f89640aa3c8807fa106338b459c9ebcd1

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_uk.dll

MD5 af3f42cbb576430ddd211c4a1fa1d5a9
SHA1 69149b4a0ee61c2250bd1a758fa7aa7c281a6178
SHA256 4d72aad9545ab5eb6a89e3690675abf9007caa376d9da6b0c8cb5c704ba9407d
SHA512 903007ff6e99201d38cf4b9ecc54df9f1de67dc58cbcc6277cede1be2fe8ebb508d6a37dd4fd98d64e9a2616625544ae1302daf335c2454c4a56c7cb4d18dd1a

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_te.dll

MD5 456e12d968e0e77270173ef937915c3c
SHA1 0daf03d2c505467fdec7b5bdfbe3699554892164
SHA256 c5c9ac04b400b67c6cfdf2ee9c21901df239a00cabd402e59af0a00d4efb0173
SHA512 aa3a63145ee88d266e8b57202d01e934aa79b14c6cff6dc1381b1c526a3f890ef6ea2917da7af1acdd04785341b025fea3709e636c9d36745e644cc2abf5a1e7

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_vi.dll

MD5 154b7a3dc9ae005e0d502e2d02b3473d
SHA1 03ee0b94992a6edce78abace71c9f4efeafb7c97
SHA256 a9d43ae666670ecd93a16e131f402ec40067e44657a0bbc5136b152ad4706804
SHA512 823246acb4205a60610b5fc09f54f758a70bc1596e118e323a1fa5092621094145cd5ea75a22cddb944bdd7cd3a93d87b88ea887b1455ebf028eb6b9d0c1fc13

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ta.dll

MD5 2c0f7d4ee79fae77026d5733989b43c7
SHA1 fe9395690cd573794d40f04e16b828138baff120
SHA256 b61196b93e653dc3b6ab3cfb367218081a88a2dc21f678deb79ad47dcaa2d573
SHA512 32dfcbaa68f8cd387dd7a05d056368382911d7ec80b22475d182912cd27ff3888a0865916b9d76d76777a24f16facf54ee342d1a7f4ab3b87624dda1e72a367a

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sv.dll

MD5 54c3bd48650dda24560a3f567929a876
SHA1 53c6a27155ee329774d97b533210211a9946d607
SHA256 ab5cb8da8269308eaf2a2c0cabacfd02f21787c08ac99c5380bd74a6307ce6a7
SHA512 009a1397bb13b0b4a2c540eef4927c80754ad27a88e54a998732604a902c97594fac3e46303224b90f5329168d3aa468610be46b64f25833fa5e68a60f2baa7a

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sl.dll

MD5 10c0234687254950bb93f7c379c1da49
SHA1 45b21d2531ca4f8ed67767c3e813b3a5f51845d3
SHA256 0eaf7f8721f2b51d10ff36c1ef0bc7cd958b351a81a720e0b8908f93048fb88d
SHA512 1a6ea2cdc3b55618f8145ba957089f01c613e407797256fa540a7ac9723a216419463a07a0a99fdc62d827dccc5f6290f84e79b21e810ded9f990331e422d70d

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_sk.dll

MD5 59e7c6d09737f36d43dc66cf6550109b
SHA1 4bdc91ba8fc182ed213345e49b2806918cc03712
SHA256 99c406740386846de02fd0b8af6d63b1b6de586f0d3125846b904c8b2f35ffef
SHA512 bbac8e066927efb40545e2d474dad921dca646407e2bb2360f6f7802e0cbfb71c4b60ae8eca6c13b49cbe469141a301194cc43cb12464e1e826c56ba0a04e4cd

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ru.dll

MD5 6534fdfc9541218c0cc45450ff5cf322
SHA1 e34f0094597907895db8e5460a2177231c4e3c82
SHA256 08fb286a2823fef7a25b8359beef81f6f1ba65de7a9e76ca598612a981e3bc8e
SHA512 4c86efbab153ef7fd06f5283737f1859cf6f10dc3f64d36684ab0cd81d3eb5b2a7ac2fbe6c1ef2f21c3eceb67694560894e162e57dfa1e177a64d67cd8537e52

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_pt-PT.dll

MD5 82ef6ec70333a490acfa9e46680a5d50
SHA1 7dee942e0af205b0d5e65a237fcb571602080d61
SHA256 21193d4beead2b2d43ad2417219018803103b5e0db94273005c0f480c3ef5d73
SHA512 c819ba1f42fbf11e446dcd2e4a51e9f2d607a941d0380768747286d0f8dcc7872fd76669f411a4a61e9e0417aae4e2d6085611abae62777feac6e9a4e1cd6061

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_pt-BR.dll

MD5 9dd85190c1ca43e4ea964f6695f34865
SHA1 f0c597a48312d55a6b820eeea05747b99d815a96
SHA256 ee5403a3ea60d3308d4999e6092aa4ad80fec2a90a701e7ede44f29298c48737
SHA512 3ba6b4143dfd3be9f9f5cf4d80e54f99bc68976f7bb662f97bccc80bc1789494a35fa958921589d65131d5cb1784fd09c48f7bbe940ced165ef4b0dc9afb998b

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_pl.dll

MD5 355fe9ce9db81686db356a30c17212a4
SHA1 6eb7892a5ab482f9f2e4c91dc12700e1e0eeffac
SHA256 5a6d70da9a5ebae1d28d8fa97ec40e40b271d5386648a5d00e28d49fd41a2bb0
SHA512 b76653623bbef763639ab79f75173811962727b677bfd359952224d61a4537f8ec8067ce9281145f1500d68b4133792c1a03beae9708067d3a57bf2138e63d9b

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_no.dll

MD5 9efb18e27e49361b5ca0fe4eebb286b2
SHA1 7e522beabde6ad87aec419f4c26395c64d8382a8
SHA256 3c066ff77d407ad1547372027f0c569ff65b06f1a5e34ed578ab9e6b87ce4876
SHA512 5c034c37801cea6fa3219d24f81b62bd416e4ce2e9102285be34ade76d80ed0229d7951c8b4626e2aa602991a8ba5424c2409a50f9dc8909d335a84d6bccc52b

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_nl.dll

MD5 092df8fbd33220a72d1a81745cd61722
SHA1 16ee50224dc792a144dd8445c1b1017f0b22d252
SHA256 001666ead47d5efa71ccfa9818269e137f0c4ad90f32d758a9e6d9bc4560bb9d
SHA512 d2da63cfb76879745de3d2b537673f584bd2f28fca9582a8476f78b69ae0caa156085b61c33f03737748b942a1196ec0f1a4628766ad85ad6de60c6d68cb5ea2

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ml.dll

MD5 1a68c9a98363c381f08922f560250758
SHA1 5c8fab19a6fce550c541ddae84c1ed1eeb1d9a8f
SHA256 2a308897298977866c0199c137f679773ed63ed703b1286d07cf0e1de45225f1
SHA512 c22490c4660ba897c34eaf2f1681b9ef713bb8da72969db4a462ec8f639eef1a3403a7cbafe8f86906d69a4c716e8d638caf89aa9911996d1d1600b0659bce07

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_lv.dll

MD5 dd5164441187cd34cf6b4571ad06b02f
SHA1 12acf5a1184c074ef04b52f2e855866b815fe61f
SHA256 df49a28d88b5a20f2bd26fe17fd049a04baa5c27c0c9d96203335c4ee52d4413
SHA512 c1bb517c682f211f6894c06810bf13079dabbc1912d8f6932746c0dc774b1ad836c21cb2e7f19f7575eb4ba989644f7806f13fca2653dab7b44960a567788a57

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_lt.dll

MD5 979ddd15d4625f2d9442308ac23b093e
SHA1 41bdaf8e7930a788e72b2e8d812d3ad8cc9614d9
SHA256 546ec90e214472e91048428924aea9853eb1a0baea8fca9af87f5b4640440078
SHA512 148e0c38279d1ae560713fa4c0f2bf1c0245b6971d71d7b4a2cf44c4d512ad1fc8a9cb33ce7554f4a4855cc0ef319c6e72784cb2c4b87b324990ba945c31ef9f

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ko.dll

MD5 5c8d844a20331d1753b38babc1ec567e
SHA1 ebf130fb8c1550d329aa2eb008780c2a8a69dc06
SHA256 2da70429e0e6b931da700861a2c0b416d9420c3973531edef460079fd2d95c8d
SHA512 0a27588c7f5791940ac4d8946533a1572d70f8c4fbdf0ce35a3c15a3ae56d77d2094b2b2c1ed4090bfad4ce11488d616d5bedfe6dc62ba32ab33714abce8ec65

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_kn.dll

MD5 78ba7d33500cfa4639519609f7cedec8
SHA1 9b0d9c945917d61f8a0caf2c3e11d0cb2c7e6c7f
SHA256 6c8c7692fcce08684ead91e0a68c09121e46e45c1aa5d30aa9342d9ff099a3e8
SHA512 f3e7acbaaee401a2a3b0a68db88fbf6fb620940cfe2891d822f38ef18ee5739d0ce66d5f440eb8ccc1d336ac5a406bb668ca20eba9fb494c0adff3bde8c73d96

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ja.dll

MD5 56c037987597e28377c43df3fd64a2a0
SHA1 1e769ef90a0c8c5bf3c4a6d4e4ff5897a4e1ab84
SHA256 d158b0a602fafda9a117ad6065ecab3f02159ec1055adbac8979b311db83e1c7
SHA512 b2982807011cc473842aa89aa425fcc504d91072e384246122ebdc33b56ecafe16b746cf5206d2686412f90ee663b1545565cc050dda600295aa8bb4fa0f6828

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_iw.dll

MD5 7c89d57d66e73d8f09ebafa1733e61c2
SHA1 d2cdf93717da261437a841dc7bea321dda20736a
SHA256 936ca4058d17ceff0ad72ffd721ec87e76a7df8066fb10110a8ae7bf311d5c27
SHA512 205eae74837c601e459ba5d7a994f3ba76b279ca67ffc8d694d9b75baf72bedaf72f18443417010c19fd3c97560aa7c1284b319a738afea5a2402d7763fb1674

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_it.dll

MD5 49a37b39ed5f6fc7f8ed271afb7b4b00
SHA1 e688384442cf0c87d95afe2dd4ac9219e2ac6862
SHA256 d6a2194ed9fc11cf4ee229d6282225e732594c345b3a948d78e1e25287e2bb92
SHA512 d75608306a0b44a1a6c8264804fc77dda034a83a2e1198a982a388b99e595687aa2b1c34d49f4ebc92b05f4932319eb0f66caa5d749e1a8f0b33b51a379367aa

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_is.dll

MD5 d9bd75ad7a3a353cee9c40044ce5b794
SHA1 5cfae92b010c7f15c0de3faa2d556501077eba6c
SHA256 569ae0a08a78a956848b5a468247a02a0a0917657de3dfd17ebd67cfc929f38d
SHA512 256c11f9c5adc1efb11a3eb0807226afe72bdf02e6657104001b11c12961accd2e9ce4b7c6f8ec8dc577f8b25d6049f18f143786f2b9b5b2b9b6f14bb480b7ee

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_id.dll

MD5 e8706af39491f7a579a4a03d7e97ee86
SHA1 2f0cb0de6a34f368803003bc33f260137741d525
SHA256 15dbad35e7fa0dcf3ac2f08adbfb56981e3365f91d801c71f913fc0ab7c4cb52
SHA512 b3544f99cbfd0dec7bd2b9169364cb2daac8aa388f24f27862de71e4bcf40a24ae42900510aad30cdcfddd0594b62083ce67c9b573c8fe3a3055873ffab7297a

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_hu.dll

MD5 5601a611f2801a57025ac0f6725ce7e3
SHA1 bd2f8d12a70b19546adfd22fe6a590a4274d2669
SHA256 bd765a07250856c9ecb5a8319f04b9bdf4d2251827324ab5066b3d731b18ac18
SHA512 41ea26924ebf780e5d91ff8e5383d31b04076197b43ba964860556484b845e0590bf4cd805876cafb7cfb3082002cb35454bfc34c55e17113d9778a73182bc38

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_hr.dll

MD5 b9114cc4de1128c5156e3afc7f8123f0
SHA1 ff0fe96553ade4200d68305dd2e694dc91a2995d
SHA256 2846c112a3f0a3c6b050fbac7ea96dd3733f117068a5cccc8b6cf16ede9d4c47
SHA512 3bb6519556cef59d91ad92e11987ae6a36c9436cee5fe79b2a08b24fbbc04207c1114d466c0dc05f63221b368cd13b818b0c87188feb2511716a2ad75675a478

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_hi.dll

MD5 8d62d3b71591fcb40f59b6d0f651614d
SHA1 2c7b1831cead9e2acb85cebaf1c2c53784476f38
SHA256 ad368ca65db3e0a9417634d6bd2ac81c38858f875c1cdc6d641c2389b99d5a59
SHA512 9ad0a199148eb21927c1ee3976fde7be2968063955b1a5526fe18b62bc12c3b4d6e2d7dad7b5b1e8f76937733ae4a38289a32bcebfe60ab50f0f80648ce80711

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_gu.dll

MD5 9acb142c6097bef9a56847eaff078a5c
SHA1 d69d206d06dcf09b46b0e8bb47c177cb2a5bd8e6
SHA256 125b6ee3b4fee064eabc9baf671a366e4e88f68c97e582972cf741d914284628
SHA512 49f06023c4c70b75aabb81b586114704bc905480f4c0978e8d4315c232ea0b5d7d9545b7d02a9b24b71f72b066e926839908e2ace1ccf245716e6ef2fcf1193c

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fr.dll

MD5 048033bd00459d6a545744ba1d46ab45
SHA1 1f9cb02b84da6b603b8be9a717f4ae3f32cb3f4a
SHA256 52099330cdfdb45b04db7bc0b2003762906afdca4ce16e7a33f0b4f7aebefe7b
SHA512 66a676c37e03dd326777534aba889410a6ecf43e17a5f5736415a5be179d4f8aefd626a1f28b4869d3dd17a296b04eaa88d20c90796f9a9cfc3899007a08748c

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fil.dll

MD5 b039877936c8bc88efd93656e8e2fc3a
SHA1 b27e928267e2b7085e45cf6f450ba8bcc0af66e2
SHA256 7ffa28c0273c63aad16d3ac3419144f5bb8ce3484be73c45130927aa3ada6e43
SHA512 26992d60966d56b64b0ca2047f9149bbac8e6522d14ac2a9b2a4e57d5991f26a050e02fcb475243f0787221fc2307d5523f2c33b6abc3f6c7aa5daa1938f67f3

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fi.dll

MD5 0ff6b7be8cceae26bd9ade3914b987c3
SHA1 6bb771e7c844ca501cbd1a05c0c19bb2078a784b
SHA256 52e75123d0c6ca6904a613aebef15dc9e662a7296089923ea690b4e627e5cbe9
SHA512 98e13a07d13691eb113ae63eff36c7c9041582ddfffb26f3918c0e87f484315930a0e924868c83dab46349bc09dddcb5bf0ae7a01155d9b1e2d90aba5ac4834b

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_fa.dll

MD5 66e75aac042e5776513c1a20f360df78
SHA1 2916825a831048eae55402371591221be27eba3b
SHA256 2528329f2177422671714b67c9d292e681791c26e6fca8d3e99d92434f23d686
SHA512 6985d5004b6e919b7977c608be044004d2c1aafe1f855dd4b47dedb2f3a22cb04608df2c6079480b7cb3d08f8605c8aad1b3279c78482afd44280db143508839

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_et.dll

MD5 6d9e77d00e750d6c56784bd03dfe7137
SHA1 e0c8e15adfb6b3efdc2eb1f7f3fbf5301d185ee6
SHA256 feececd2144da0f8d7006695f2e915fef34b1cf1c00c867e2a08cf8d9e5b5bc5
SHA512 8082e6bbf590212cdfd5b844557b66702e60220cd02d5850fb821a4a6527d4d5e82f1fa7595fab01f76090e8992ebab92de614205db4413ffb6bc48c9c10f185

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_es-419.dll

MD5 4a28036303c7f36827a757d0950669b1
SHA1 af5fa8d2dbbd8f8bdac508f187731cf33ff8b960
SHA256 0047475c9353a570604d437d8985cebc7230b26f010ef30f4176f93f0c2361b4
SHA512 b5eaf77b729142abc233974c3900c39cd75fd2252e8ed49059bfe607d2b1c74b28f347b86793aa8e5a12c87701bfce8e9c87d34e262df7be559ecbd0f56e9c0f

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_cs.dll

MD5 8041b1db1f5a00dc1a617f02d9cd9744
SHA1 963bb4e81134089d12b26ad1631bb0825e9b8fa3
SHA256 c823d54a7777e3cb0ff2bbec829833f0ad5bfbe58290af02e0f85a877db50fb7
SHA512 bfa81a184e2985e2755c941137562c40ad4903a9b883f84471ff10636c363be909db0044bb4320c1fb615303ee375d64675a894abe08414ff1c0a5da0e22d450

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_ca.dll

MD5 ba783ac59839551280618c83c760d583
SHA1 53d1d10955e322a6135b047eecd88a4815f9b6da
SHA256 c2d15f8da32907d8cea1aaa0d51f16bc692a74141fdace43a84c78647433a086
SHA512 a635d52c20164a02dc3fc4ddb961bf36177014e0cb27e50588013a0e9f3787194de3c9da160672b62b25eb94ddcea366bcaa44b6bfa593da77c97aba48f8a50b

memory/2384-89-0x0000000000360000-0x0000000000361000-memory.dmp

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\goopdateres_am.dll

MD5 46f8834dd275c0c165d4e57e0f074310
SHA1 7acbfb7e88e9e29e2dc45083f94a95a409f03109
SHA256 91ac6c9686d339baa0056b1260f4fd1394ce965b1957aa485e83ae73492f46b5
SHA512 b615fe41b226273693da423969a834b72c5148f5438e7a782d39191ad3013e2abfa10d651fa2ded878abb118e31831dc7dec51729b3235cebb2b5d7f3ba2ade1

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleUpdateComRegisterShell64.exe

MD5 0fe3644c905d5547b3a855b2dc3db469
SHA1 80b38b7860a341f049f03bd5a61782ff7468eac7
SHA256 7d5c0ed6617dbc1b78d2994a6e5bbda474b5f4814d4a34d41f844ce9a3a4eb66
SHA512 e2cf9e61c290599f8f92214fae67cce23206a907c0ab27a25be5d70f05d610a326395900b8ed8ed54f9ecbddfd1b890f10280d00dbcdad72e0272d23f0db1e53

C:\Program Files (x86)\Google\Temp\GUM1E0D.tmp\GoogleCrashHandler64.exe

MD5 dae993327723122c9288504a62e9f082
SHA1 153427b6b0a5628360472f9ab0855a8a93855f57
SHA256 38903dec79d41abda6fb7750b48a31ffca418b3eab19395a0a5d75d8a9204ee7
SHA512 517fc9eaf5bf193e984eee4b739b62df280d39cd7b6749bec61d85087cc36bb942b1ebaed73e4a4a6e9fa3c85a162f7214d41ea25b862a4cf853e1129c10293d

memory/1716-281-0x00000000000E0000-0x00000000000E1000-memory.dmp

C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\109.0.5414.120\109.0.5414.120_chrome_installer.exe

MD5 f2009c81f52c13c3876cb72339f9d225
SHA1 ab09d7e36df282897e9c8cd7e2402d70cb783956
SHA256 adc1a5953f2a7cb0ea42e02cf0a55787494b852ae575b24eca4cdb48d93853d1
SHA512 c511316e5ff0e07c6717cc1f500fe0aae74d0214d2466fadfef7acc6802a4510ca28f0145b2d7beddc36911d9336d8fed3eb9b660bcad92d23fa0625a6c3d7b6

C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\setup.exe

MD5 b42b8ac29ee0a9c3401ac4e7e186282d
SHA1 69dfb1dd33cf845a1358d862eebc4affe7b51223
SHA256 19545e8376807bce8a430c37cab9731e85052103f769dd60a5da3d93ca68c6ec
SHA512 b5269e7392e77a0fa850049ff61e271c5aab90d546945b17a65cc2ea6420432ae56321e1e39cfd97ccdb3dfc37ddbd6ff77907f5685cc2323b8635c8cdb4a84f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 3433ccf3e03fc35b634cd0627833b0ad
SHA1 789a43382e88905d6eb739ada3a8ba8c479ede02
SHA256 f7d5893372edaa08377cb270a99842a9c758b447b7b57c52a7b1158c0c202e6d
SHA512 21a29f0ef89fec310701dcad191ea4ab670edc0fc161496f7542f707b5b9ce619eb8b709a52073052b0f705d657e03a45be7560c80909e92ae7d5939ce688e9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\scoped_dir2336_172729638\5af48efe-23a3-441f-bcc1-dbbb4257d314.tmp

MD5 541f52e24fe1ef9f8e12377a6ccae0c0
SHA1 189898bb2dcae7d5a6057bc2d98b8b450afaebb6
SHA256 81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82
SHA512 d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Temp\scoped_dir2336_172729638\CRX_INSTALL\_locales\en\messages.json

MD5 dbedf86fa9afb3a23dbb126674f166d2
SHA1 5628affbcf6f897b9d7fd9c17deb9aa75036f1cc
SHA256 c0945dd5fdecab40c45361bec068d1996e6ae01196dce524266d740808f753fe
SHA512 931d7ba6da84d4bb073815540f35126f2f035a71bfe460f3ccaed25ad7c1b1792ab36cd7207b99fddf5eaf8872250b54a8958cf5827608f0640e8aafe11e0071

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8436dac6a419a2a16409ee2d9dd33cd8
SHA1 9a42b9c4692e3eb8b3e8878f03c15fda610cc58a
SHA256 903b06a9527d39aabfc460f2a536c9d6f50f04e043fec2375ea0f83915d45b37
SHA512 c16ccec5dadba8cd075c26b5929bedf7e01bf13cb9989ef42eb91e84d00b54605cd5b33826a775b3f5e961ef9343d272ff404c82721e731562d7b84f0db37731

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1675a0e2e9b76e7c7881849c6f208225
SHA1 6cca050980b399f112d810ee6349986edf341bff
SHA256 df5a27ba90267939af751726045214f6a0f0979f254866af88af9ff3af76be2c
SHA512 13ab74aac0dd836bd2fac43e010e7ec4a655bd44e5b1399893f500b505455a2fb98b649c80ad912a3462feb646b3ccd24e4d1c02e879f5e8123dec0c859befa1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6aac5afe4cef73834a7845aee7a1ddbf
SHA1 c4038e8786b86ccbe0fc3e63f49bd8bfd47578f1
SHA256 3de31f3a9adbfedc7d175179bb77d9485889c7f7165c653de5fc21417463069d
SHA512 a2bf9cde13b6e244580f29683072b3edafb63092941b76be305bcac936669f2b0fb37c4a2494e75bdf5a97c1bab9d1107f1797dc3ae4b15663f0995815178979

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b65976358401ea37b152d84c1ab8c704
SHA1 fbf05ca014a204f36dc0e8f0dde7f7c1bdff7c66
SHA256 8598a3c603ded3922be94859d36ceb604f1c7e9df25fbf7d8566ab28cc07d474
SHA512 082a3cc37b5b77c83ac0203681c9496b9fca04139bc676efbaf9dfe42887f6fb96770b8c35829b27955a891331e5036b007e9c4ca7648ce3ebf0ca86c163df77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\905af96b-ccbe-496d-8d81-ba6dadfa7ca7.tmp

MD5 1300171aef7f54b85cb3fd488eb33ecd
SHA1 f8731f978159868656cf732a3e57a6883ce7a613
SHA256 b87994647dc0b0ae885e654f290ec22a51dea7d33922983bc744d72bd4ef452c
SHA512 0ce26c69b7deaf5ee966ecc240a4dd88a90ebbf509ec7da0c43fb394f403fbd0f57312d4a5093efe12f062d7e5f575a49a421b7c68a65b8cde48b8e43754b6ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce1dccc51f61d6545c04269e45ea3391
SHA1 32df544d06427ea18981a2e48c64543a85f65889
SHA256 1858458d410feb99a60963402bc230d1637586dcdba00f1b3af6781a9c0f79ed
SHA512 ce27227ead01cbcd0bad3c8eae03672b662ba698b0dc58db401b78e00c932b7e61cd9474da7870aa86f5ae8d89e7b42f2556052cfffd6a221246408604374e89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 cda68ffa26095220a82ae0a7eaea5f57
SHA1 e892d887688790ddd8f0594607b539fc6baa9e40
SHA256 f9db7dd5930be2a5c8b4f545a361d51ed9c38e56bd3957650a3f8dbdf9c547fb
SHA512 84c8b0a4f78d8f3797dedf13e833280e6b968b7aeb2c5479211f1ff0b0ba8d3c12e8ab71a89ed128387818e05e335e8b9280a49f1dc775bd090a6114644aaf62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\fa78998e-5ced-40e2-909d-158b65e35566.tmp

MD5 673a1dbaa8c10d776b91dda74d9bac62
SHA1 0b6fd399f9a297969492922c4cfcc560e54f256c
SHA256 d3d503c6730dc12670ff5f1f218c15328a099992ccbfc884e5627ff95a8e9217
SHA512 5f72984ce8933a6898221c8da7d1cd3ef3ee700ebfa212c6bb12ec3561a6c9d7cf12689f09dec168e00bb0301f281f7e1f91e537a5afbb7e2951242082654454

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 718fa86448d8d8cd2db3490df44db433
SHA1 fcf9e25d372039eade58c302201735ba0929342f
SHA256 9b145ee51b15a351592350cb77287e2ee95a74e833337597f9dca6924a75ef4a
SHA512 cd07b08c4f1c3a98b4d835b6e20e5ed4a3c56f1ebe4de59fc821ca95d6b425c28aae46ddf7d28f91f236292123bec3b2b4fa5edf30828115a8ceacf5f2181a36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9688eee94ef735a3ca5412d1239d7b04
SHA1 d921abbf53339ded02b8cb3036bd0b38c63c312d
SHA256 6e41f5e7a67b8fddaf3c625bc3ee1a802f562b5ebcf054197cb90306ae3e8ae6
SHA512 589500faa53c305c22dfbc6db60ded0ea8f21ce76ea15622ce8fc5376e1a3e6eba7459667ada27f12cdd84fd9330c9648ef14fb733ab7a42a680166af788e14e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 284f40bca6f3b2381de0dc43b5a987ed
SHA1 ee06eccd19b0cefd98cf0fa462d9809b5f059240
SHA256 c45b9b97e81aa33cc0082087d9d51feb26159563ea84ff32d554d6fdda7c3550
SHA512 54aa9ed1eaa3970a4481bf0d695562641568a0f1c2845399602a451de02613755c805b5f09967d4200637988bcdf7a3baa5fa19f2d31fc47b7d4aacb64036811

memory/284-887-0x0000000000280000-0x0000000000281000-memory.dmp

memory/1476-893-0x0000000000340000-0x0000000000341000-memory.dmp