Malware Analysis Report

2024-11-13 13:42

Sample ID 240515-sjvxfseh8w
Target advbattoexeconverter.exe
SHA256 af09248cb756488850f9e6f9a7a00149005bf47a9b2087b792ff6bd937297ffb
Tags
dcrat discovery evasion infostealer persistence rat spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

af09248cb756488850f9e6f9a7a00149005bf47a9b2087b792ff6bd937297ffb

Threat Level: Known bad

The file advbattoexeconverter.exe was found to be: Known bad.

Malicious Activity Summary

dcrat discovery evasion infostealer persistence rat spyware stealer

DcRat

Process spawned unexpected child process

Modifies WinLogon for persistence

DCRat payload

Disables Task Manager via registry modification

Downloads MZ/PE file

Checks computer location settings

Loads dropped DLL

Reads user/profile data of web browsers

Executes dropped EXE

Adds Run key to start application

Checks installed software on the system

Enumerates connected drives

Checks for any installed AV software in registry

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Unsigned PE

Enumerates processes with tasklist

Checks SCSI registry key(s)

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Delays execution with timeout.exe

Uses Task Scheduler COM API

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies system certificate store

Modifies registry class

Creates scheduled task(s)

Suspicious use of SetWindowsHookEx

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Modifies registry key

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-15 15:09

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-15 15:09

Reported

2024-05-15 15:52

Platform

win10v2004-20240508-en

Max time kernel

2520s

Max time network

2523s

Command Line

"C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe"

Signatures

DcRat

rat infostealer dcrat

Modifies WinLogon for persistence

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\", \"C:\\Serverhost\\taskhostw.exe\", \"C:\\Serverhost\\services.exe\", \"C:\\Users\\Public\\OperaSetup.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\", \"C:\\Serverhost\\taskhostw.exe\", \"C:\\Serverhost\\services.exe\", \"C:\\Users\\Public\\OperaSetup.exe\", \"C:\\Program Files\\dotnet\\swidtag\\wininit.exe\", \"C:\\Serverhost\\System.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\", \"C:\\Serverhost\\taskhostw.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\", \"C:\\Serverhost\\taskhostw.exe\", \"C:\\Serverhost\\services.exe\", \"C:\\Users\\Public\\OperaSetup.exe\", \"C:\\Program Files\\dotnet\\swidtag\\wininit.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "explorer.exe, \"C:\\Serverhost\\winlogon.exe\", \"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\", \"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\", \"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\", \"C:\\Recovery\\WindowsRE\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Serverhost\\chrome.exe\", \"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\", \"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\", \"C:\\Serverhost\\csrss.exe\", \"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\", \"C:\\Serverhost\\taskhostw.exe\", \"C:\\Serverhost\\services.exe\"" C:\Serverhost\blockcom.exe N/A

Process spawned unexpected child process

Description Indicator Process Target
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe
Parent C:\Windows\system32\wbem\wmiprvse.exe is not expected to spawn this process N/A C:\Windows\system32\schtasks.exe

DCRat payload

rat
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Disables Task Manager via registry modification

evasion

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\installer_29374.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Dupper (2).cmd N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Windows\SysWOW64\WScript.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Serverhost\blockcom.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\Control Panel\International\Geo\Nation C:\Serverhost\blockcom.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\installer_29374.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\Assistant_110.0.5130.23_Setup.exe_sfx.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\Dupper (2).cmd N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\winlogon.exe N/A
N/A N/A C:\Users\Public\OperaSetup.exe N/A
N/A N/A C:\Serverhost\System.exe N/A
N/A N/A C:\Program Files\dotnet\swidtag\wininit.exe N/A
N/A N/A C:\Recovery\WindowsRE\fontdrvhost.exe N/A
N/A N/A C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe N/A
N/A N/A C:\Serverhost\csrss.exe N/A
N/A N/A C:\Serverhost\winlogon.exe N/A
N/A N/A C:\Users\Public\OperaSetup.exe N/A
N/A N/A C:\Serverhost\System.exe N/A
N/A N/A C:\Serverhost\chrome.exe N/A
N/A N/A C:\Program Files\dotnet\swidtag\wininit.exe N/A
N/A N/A C:\Recovery\WindowsRE\fontdrvhost.exe N/A
N/A N/A C:\Windows\IME\uk-UA\SppExtComObj.exe N/A
N/A N/A C:\Program Files\Common Files\Services\unsecapp.exe N/A
N/A N/A C:\Serverhost\taskhostw.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\winlogon.exe N/A
N/A N/A C:\Users\Public\OperaSetup.exe N/A
N/A N/A C:\Serverhost\System.exe N/A
N/A N/A C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe N/A
N/A N/A C:\Serverhost\csrss.exe N/A
N/A N/A C:\Program Files\dotnet\swidtag\wininit.exe N/A
N/A N/A C:\Recovery\WindowsRE\fontdrvhost.exe N/A
N/A N/A C:\Serverhost\winlogon.exe N/A
N/A N/A C:\Users\Public\OperaSetup.exe N/A
N/A N/A C:\Serverhost\System.exe N/A
N/A N/A C:\Serverhost\chrome.exe N/A
N/A N/A C:\Program Files\dotnet\swidtag\wininit.exe N/A
N/A N/A C:\Recovery\WindowsRE\fontdrvhost.exe N/A
N/A N/A C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe N/A
N/A N/A C:\Serverhost\csrss.exe N/A
N/A N/A C:\Serverhost\winlogon.exe N/A
N/A N/A C:\Users\Public\OperaSetup.exe N/A
N/A N/A C:\Serverhost\System.exe N/A
N/A N/A C:\Windows\IME\uk-UA\SppExtComObj.exe N/A
N/A N/A C:\Program Files\Common Files\Services\unsecapp.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SppExtComObj = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SppExtComObj = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate_bk\\Download\\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dllhost = "\"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OperaSetup = "\"C:\\Users\\Public\\OperaSetup.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System = "\"C:\\Serverhost\\System.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontdrvhost = "\"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon = "\"C:\\Serverhost\\winlogon.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Serverhost\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\services = "\"C:\\Serverhost\\services.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\taskhostw = "\"C:\\Serverhost\\taskhostw.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\unsecapp = "\"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SppExtComObj = "\"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wininit = "\"C:\\Program Files\\dotnet\\swidtag\\wininit.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System = "\"C:\\Serverhost\\System.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Recovery\\WindowsRE\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SppExtComObj = "\"C:\\Windows\\IME\\uk-UA\\SppExtComObj.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon = "\"C:\\Serverhost\\winlogon.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\unsecapp = "\"C:\\Program Files\\Common Files\\Services\\unsecapp.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wininit = "\"C:\\Program Files\\dotnet\\swidtag\\wininit.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Serverhost\\csrss.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\services = "\"C:\\Serverhost\\services.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Recovery\\WindowsRE\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Serverhost\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dllhost = "\"C:\\Windows\\assembly\\NativeImages_v4.0.30319_64\\dllhost.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Serverhost\\csrss.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\taskhostw = "\"C:\\Serverhost\\taskhostw.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OperaSetup = "\"C:\\Users\\Public\\OperaSetup.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chrome = "\"C:\\Program Files (x86)\\WindowsPowerShell\\Configuration\\Registration\\chrome.exe\"" C:\Serverhost\blockcom.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontdrvhost = "\"C:\\Recovery\\WindowsRE\\fontdrvhost.exe\"" C:\Serverhost\blockcom.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\AVG\AV C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVG\AV\Dir C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVG\AV C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast\Version C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast\Version C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVG\AV\Dir C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avast Software\Avast C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\gpedit.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy\gpt.ini C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\system32\gpedit.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy\gpt.ini C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy\gpt.ini C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\system32\gpedit.msc C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\System32\GroupPolicy C:\Windows\system32\mmc.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\e1ef82546f0b02 C:\Serverhost\blockcom.exe N/A
File opened for modification C:\Program Files (x86)\Advanced BAT to EXE Converter v4.61\uninstall.ini C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe N/A
File created C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\chrome.exe C:\Serverhost\blockcom.exe N/A
File created C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\7a73b78f679a6f C:\Serverhost\blockcom.exe N/A
File created C:\Program Files\Common Files\Services\29c1c3cc0f7685 C:\Serverhost\blockcom.exe N/A
File created C:\Program Files\Common Files\Services\unsecapp.exe C:\Serverhost\blockcom.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\SppExtComObj.exe C:\Serverhost\blockcom.exe N/A
File created C:\Program Files\dotnet\swidtag\wininit.exe C:\Serverhost\blockcom.exe N/A
File created C:\Program Files\dotnet\swidtag\56085415360792 C:\Serverhost\blockcom.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe C:\Serverhost\blockcom.exe N/A
File created C:\Windows\assembly\NativeImages_v4.0.30319_64\5940a34987c991 C:\Serverhost\blockcom.exe N/A
File created C:\Windows\IME\uk-UA\SppExtComObj.exe C:\Serverhost\blockcom.exe N/A
File created C:\Windows\IME\uk-UA\e1ef82546f0b02 C:\Serverhost\blockcom.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A

Creates scheduled task(s)

persistence
Description Indicator Process Target
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A
N/A N/A C:\Windows\system32\schtasks.exe N/A

Delays execution with timeout.exe

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\timeout.exe N/A

Enumerates processes with tasklist

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133602594179371824" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3558294865-3673844354-2255444939-1000\{3BAAEB13-D452-407C-9329-7197BB0BEFAC} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 14002e8005398e082303024b98265d99428e115f0000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3558294865-3673844354-2255444939-1000\{51E21470-E40C-4397-B3E1-E608B8917928} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings C:\Serverhost\blockcom.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings C:\Users\Admin\Downloads\Dupper (2).cmd N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe100000004f9a47b432a1da01850d6bf13ca1da0113d9c586dba6da0114000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3558294865-3673844354-2255444939-1000_Classes\Local Settings C:\Windows\system32\taskmgr.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\reg.exe N/A
N/A N/A C:\Windows\system32\reg.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c00000001000000040000000010000004000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\blockcom.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Serverhost\services.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4052 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4052 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3172 wrote to memory of 4840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe

"C:\Users\Admin\AppData\Local\Temp\advbattoexeconverter.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff6dc7ab58,0x7fff6dc7ab68,0x7fff6dc7ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2248 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3036 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4260 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4444 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4660 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3192 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4740 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4784 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4228 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4728 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4920 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5112 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5232 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5316 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5244 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2fc 0x2ec

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4616 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5776 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5208 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6040 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2336 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6024 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5628 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5680 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4812 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5632 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5908 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4620 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5704 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5000 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6040 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6480 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6504 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6492 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6164 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6492 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6552 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe

"C:\Users\Admin\Downloads\Andy_47.260_1096_26_x64.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6968 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7056 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5572 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5632 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6328 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6696 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5616 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=5884 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1568 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=5580 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6996 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5940 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6272 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=6584 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=4844 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2340 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6048 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=5256 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=4568 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=1112 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6728 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5936 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=5480 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=5576 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=5904 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6856 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5732 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=7148 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=6904 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=4796 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7128 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1664 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=6864 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=5728 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=7152 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=5204 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=4888 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=5428 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6316 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7016 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5896 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4312 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Users\Admin\Downloads\installer_29374.exe

"C:\Users\Admin\Downloads\installer_29374.exe"

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe

"C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe" --silent --allusers=0

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=110.0.5130.23 --initial-client-data=0x2a0,0x2a4,0x2a8,0x29c,0x2ac,0x6cfcb288,0x6cfcb294,0x6cfcb2a0

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\OperaSetup.exe" --version

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe

"C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=1872 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20240515152014" --session-guid=4d1dcdd4-a964-43a4-ace7-6975c5d05bde --server-tracking-blob="MDA3Njg5NmVhNDc3MmJmMDg0MjAyMDlhODAxYjg4MDRmYWU4OTIwOTJiNjY0YjU2ZjZkNDhjMzk3Yzc1MGQ1ZTp7ImNvdW50cnkiOiJHQiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGU/dXRtX21lZGl1bT1hcGImdXRtX3NvdXJjZT1PRlQmdXRtX2NhbXBhaWduPTEwMDEmdXRtX2NvbnRlbnQ9MjkzNzQiLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MTU3ODY0MTEuNDUwNCIsInV0bSI6eyJjYW1wYWlnbiI6IjEwMDEiLCJjb250ZW50IjoiMjkzNzQiLCJtZWRpdW0iOiJhcGIiLCJzb3VyY2UiOiJPRlQifSwidXVpZCI6IjZhMzc0YjU0LWNiNmItNDlhMC1iZGQ1LTBkOTBlYzFlYWU4ZCJ9 " --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=6C05000000000000

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=110.0.5130.23 --initial-client-data=0x2ac,0x2b0,0x2b4,0x27c,0x2b8,0x6c43b288,0x6c43b294,0x6c43b2a0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=5888 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=6480 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=6768 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=1680 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\Assistant_110.0.5130.23_Setup.exe_sfx.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\Assistant_110.0.5130.23_Setup.exe_sfx.exe"

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe" --version

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=110.0.5130.23 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x1e30e8,0x1e30f4,0x1e3100

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=6472 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=6272 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5880 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Dupper (2).cmd

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=6608 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=5076 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1796 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3936 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=2492 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=1796 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=5732 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6940 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6760 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6528 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=2504 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=7432 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7444 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7476 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=7332 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Users\Admin\Downloads\Dupper (2).cmd

"C:\Users\Admin\Downloads\Dupper (2).cmd"

C:\Windows\SysWOW64\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Serverhost\dPTDnD85kThG8j3rW.vbe"

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Serverhost\54few99r3KxETtS7l.bat" "

C:\Serverhost\blockcom.exe

"C:\Serverhost\blockcom.exe"

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 14 /tr "'C:\Serverhost\winlogon.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "winlogon" /sc ONLOGON /tr "'C:\Serverhost\winlogon.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "winlogonw" /sc MINUTE /mo 5 /tr "'C:\Serverhost\winlogon.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 9 /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\chrome.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chrome" /sc ONLOGON /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 6 /tr "'C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\chrome.exe'" /rl HIGHEST /f

C:\Serverhost\blockcom.exe

"C:\Serverhost\blockcom.exe"

C:\Windows\SysWOW64\reg.exe

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 14 /tr "'C:\Recovery\WindowsRE\fontdrvhost.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "fontdrvhost" /sc ONLOGON /tr "'C:\Recovery\WindowsRE\fontdrvhost.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 6 /tr "'C:\Recovery\WindowsRE\fontdrvhost.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "unsecappu" /sc MINUTE /mo 9 /tr "'C:\Program Files\Common Files\Services\unsecapp.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "unsecapp" /sc ONLOGON /tr "'C:\Program Files\Common Files\Services\unsecapp.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "unsecappu" /sc MINUTE /mo 13 /tr "'C:\Program Files\Common Files\Services\unsecapp.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 6 /tr "'C:\Recovery\WindowsRE\chrome.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chrome" /sc ONLOGON /tr "'C:\Recovery\WindowsRE\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 5 /tr "'C:\Recovery\WindowsRE\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 8 /tr "'C:\Serverhost\chrome.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chrome" /sc ONLOGON /tr "'C:\Serverhost\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 6 /tr "'C:\Serverhost\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 9 /tr "'C:\Serverhost\chrome.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chrome" /sc ONLOGON /tr "'C:\Serverhost\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "chromec" /sc MINUTE /mo 11 /tr "'C:\Serverhost\chrome.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObjS" /sc MINUTE /mo 6 /tr "'C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\SppExtComObj.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObj" /sc ONLOGON /tr "'C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\SppExtComObj.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObjS" /sc MINUTE /mo 14 /tr "'C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\SppExtComObj.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 7 /tr "'C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "dllhost" /sc ONLOGON /tr "'C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "dllhostd" /sc MINUTE /mo 8 /tr "'C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "csrssc" /sc MINUTE /mo 12 /tr "'C:\Serverhost\csrss.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "csrss" /sc ONLOGON /tr "'C:\Serverhost\csrss.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "csrssc" /sc MINUTE /mo 8 /tr "'C:\Serverhost\csrss.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObjS" /sc MINUTE /mo 6 /tr "'C:\Windows\IME\uk-UA\SppExtComObj.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObj" /sc ONLOGON /tr "'C:\Windows\IME\uk-UA\SppExtComObj.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SppExtComObjS" /sc MINUTE /mo 13 /tr "'C:\Windows\IME\uk-UA\SppExtComObj.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "taskhostwt" /sc MINUTE /mo 9 /tr "'C:\Serverhost\taskhostw.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "taskhostw" /sc ONLOGON /tr "'C:\Serverhost\taskhostw.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "taskhostwt" /sc MINUTE /mo 14 /tr "'C:\Serverhost\taskhostw.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "servicess" /sc MINUTE /mo 8 /tr "'C:\Serverhost\services.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "services" /sc ONLOGON /tr "'C:\Serverhost\services.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "servicess" /sc MINUTE /mo 14 /tr "'C:\Serverhost\services.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "OperaSetupO" /sc MINUTE /mo 14 /tr "'C:\Users\Public\OperaSetup.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "OperaSetup" /sc ONLOGON /tr "'C:\Users\Public\OperaSetup.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "OperaSetupO" /sc MINUTE /mo 5 /tr "'C:\Users\Public\OperaSetup.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "wininitw" /sc MINUTE /mo 12 /tr "'C:\Program Files\dotnet\swidtag\wininit.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "wininit" /sc ONLOGON /tr "'C:\Program Files\dotnet\swidtag\wininit.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "wininitw" /sc MINUTE /mo 6 /tr "'C:\Program Files\dotnet\swidtag\wininit.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 10 /tr "'C:\Serverhost\System.exe'" /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "System" /sc ONLOGON /tr "'C:\Serverhost\System.exe'" /rl HIGHEST /f

C:\Windows\system32\schtasks.exe

schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 5 /tr "'C:\Serverhost\System.exe'" /rl HIGHEST /f

C:\Windows\System32\cmd.exe

"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\XkQwtlzQjM.bat"

C:\Windows\system32\w32tm.exe

w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2

C:\Serverhost\services.exe

"C:\Serverhost\services.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=8132 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=8036 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7904 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7868 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=8140 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=6776 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=3068 --field-trial-handle=1884,i,7545686929742689448,12742244536057796961,131072 /prefetch:1

C:\Serverhost\winlogon.exe

C:\Serverhost\winlogon.exe

C:\Users\Public\OperaSetup.exe

C:\Users\Public\OperaSetup.exe

C:\Serverhost\System.exe

C:\Serverhost\System.exe

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" C:\Windows\system32\gpedit.msc

C:\Program Files\dotnet\swidtag\wininit.exe

"C:\Program Files\dotnet\swidtag\wininit.exe"

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\26482e717dc84faf8048568b2a0c48f9 /t 224 /p 4388

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" C:\Windows\system32\gpedit.msc

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\32599001b910465f8e4d763b3438b88a /t 3832 /p 3728

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\system32\gpedit.msc"

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Serverhost\csrss.exe

C:\Serverhost\csrss.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff6dc7ab58,0x7fff6dc7ab68,0x7fff6dc7ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3224 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4484 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4272 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4628 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4948 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x238,0x23c,0x240,0x214,0x244,0x7ff610d3ae48,0x7ff610d3ae58,0x7ff610d3ae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4592 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4112 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3084 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4552 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5240 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5388 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5260 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5368 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2800 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3256 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5324 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5408 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Serverhost\winlogon.exe

C:\Serverhost\winlogon.exe

C:\Users\Public\OperaSetup.exe

C:\Users\Public\OperaSetup.exe

C:\Serverhost\System.exe

C:\Serverhost\System.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5792 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5872 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5880 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5608 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4692 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6072 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6240 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6584 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6560 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6776 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7080 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6796 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6712 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7596 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7732 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7740 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7600 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8168 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8360 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8560 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=8588 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8892 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8720 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9312 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=9540 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9476 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9692 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=9876 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10016 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=10032 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=10068 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=10616 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9832 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=10860 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=11020 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=11044 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=11280 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=11412 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=11436 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=11460 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=11828 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=11996 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2fc 0x2ec

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=12144 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=12596 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=12608 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=12588 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=12576 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=12572 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=12552 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=13124 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=6292 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=11992 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=13980 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=5836 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=5648 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=5672 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=14308 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=14328 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=13956 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=13692 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=12500 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=13648 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=13512 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=15100 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=15492 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=15108 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=15028 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=8860 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\reg.exe

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9972 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=10428 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Serverhost\chrome.exe

C:\Serverhost\chrome.exe

C:\Program Files\dotnet\swidtag\wininit.exe

"C:\Program Files\dotnet\swidtag\wininit.exe"

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\H2OCleanup.bat""

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "PID eq 2884" /fo csv

C:\Windows\SysWOW64\find.exe

find /I "2884"

C:\Windows\SysWOW64\timeout.exe

timeout 5

C:\Windows\IME\uk-UA\SppExtComObj.exe

C:\Windows\IME\uk-UA\SppExtComObj.exe

C:\Program Files\Common Files\Services\unsecapp.exe

"C:\Program Files\Common Files\Services\unsecapp.exe"

C:\Serverhost\taskhostw.exe

C:\Serverhost\taskhostw.exe

C:\Serverhost\services.exe

C:\Serverhost\services.exe

C:\Serverhost\winlogon.exe

C:\Serverhost\winlogon.exe

C:\Users\Public\OperaSetup.exe

C:\Users\Public\OperaSetup.exe

C:\Serverhost\System.exe

C:\Serverhost\System.exe

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Serverhost\csrss.exe

C:\Serverhost\csrss.exe

C:\Program Files\dotnet\swidtag\wininit.exe

"C:\Program Files\dotnet\swidtag\wininit.exe"

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Serverhost\winlogon.exe

C:\Serverhost\winlogon.exe

C:\Users\Public\OperaSetup.exe

C:\Users\Public\OperaSetup.exe

C:\Serverhost\System.exe

C:\Serverhost\System.exe

C:\Serverhost\chrome.exe

C:\Serverhost\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=3300 --field-trial-handle=1880,i,6925868927387207630,5623831634013031836,131072 /prefetch:1

C:\Program Files\dotnet\swidtag\wininit.exe

"C:\Program Files\dotnet\swidtag\wininit.exe"

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Recovery\WindowsRE\fontdrvhost.exe

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Windows\assembly\NativeImages_v4.0.30319_64\dllhost.exe

C:\Serverhost\csrss.exe

C:\Serverhost\csrss.exe

C:\Serverhost\winlogon.exe

C:\Serverhost\winlogon.exe

C:\Users\Public\OperaSetup.exe

C:\Users\Public\OperaSetup.exe

C:\Serverhost\System.exe

C:\Serverhost\System.exe

C:\Windows\IME\uk-UA\SppExtComObj.exe

C:\Windows\IME\uk-UA\SppExtComObj.exe

C:\Program Files\Common Files\Services\unsecapp.exe

"C:\Program Files\Common Files\Services\unsecapp.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.161:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 161.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
NL 23.62.61.161:443 www.bing.com tcp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com tcp
US 8.8.8.8:53 170.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 132.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 78.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 142.250.74.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 234.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 163.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
FR 142.250.178.142:443 clients2.google.com udp
FR 142.250.178.142:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
FR 142.250.178.142:443 consent.google.com tcp
US 8.8.8.8:53 apis.google.com udp
FR 142.250.75.238:443 apis.google.com udp
US 8.8.8.8:53 238.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
FR 142.250.179.110:443 encrypted-vtbn0.gstatic.com tcp
US 8.8.8.8:53 110.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 216.58.214.182:443 i.ytimg.com tcp
FR 216.58.214.182:443 i.ytimg.com tcp
US 8.8.8.8:53 rr4---sn-5hne6nzd.googlevideo.com udp
NL 74.125.100.233:443 rr4---sn-5hne6nzd.googlevideo.com tcp
NL 74.125.100.233:443 rr4---sn-5hne6nzd.googlevideo.com tcp
US 8.8.8.8:53 182.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 233.100.125.74.in-addr.arpa udp
NL 74.125.100.233:443 rr4---sn-5hne6nzd.googlevideo.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
FR 142.250.74.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 rr4---sn-q4flrn7r.googlevideo.com udp
US 209.85.165.105:443 rr4---sn-q4flrn7r.googlevideo.com udp
FR 216.58.214.182:443 i.ytimg.com udp
US 8.8.8.8:53 105.165.85.209.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
FR 172.217.20.170:443 jnn-pa.googleapis.com tcp
FR 172.217.20.170:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 170.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
FR 142.250.179.97:443 yt3.ggpht.com tcp
FR 142.250.179.97:443 yt3.ggpht.com tcp
FR 142.250.179.97:443 yt3.ggpht.com tcp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com tcp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 77.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
FR 216.58.214.174:443 youtube.com tcp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 consent.youtube.com udp
FR 216.58.215.46:443 consent.youtube.com tcp
US 8.8.8.8:53 17.143.109.104.in-addr.arpa udp
US 8.8.8.8:53 46.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 rr5---sn-5hne6nzk.googlevideo.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com tcp
NL 172.217.132.138:443 rr5---sn-5hne6nzk.googlevideo.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 138.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 65.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr3---sn-t0a7ln7d.googlevideo.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.doubleclick.net udp
FR 172.217.20.198:443 static.doubleclick.net tcp
US 8.8.8.8:53 198.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
FR 142.250.74.225:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 225.74.250.142.in-addr.arpa udp
FR 216.58.214.174:443 youtube.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 yt3.googleusercontent.com udp
US 8.8.8.8:53 79.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
FR 142.250.178.132:443 www.google.com udp
FR 142.250.179.110:443 www.youtube.com udp
NL 173.194.69.84:443 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
FR 172.217.20.198:443 static.doubleclick.net udp
FR 172.217.20.170:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 sdtfilm.pl udp
US 172.67.129.6:443 sdtfilm.pl tcp
US 172.67.129.6:443 sdtfilm.pl tcp
US 8.8.8.8:53 6.129.67.172.in-addr.arpa udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 172.67.129.6:443 sdtfilm.pl udp
US 8.8.8.8:53 google.com udp
FR 172.217.18.206:443 google.com tcp
US 8.8.8.8:53 e2c75.gcp.gvt2.com udp
QA 34.1.37.11:443 e2c75.gcp.gvt2.com tcp
US 8.8.8.8:53 11.37.1.34.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 45.19.74.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
FR 172.217.18.206:443 google.com udp
US 8.8.8.8:53 id.google.com udp
FR 142.250.179.67:443 id.google.com tcp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 67.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
FR 142.250.179.67:443 id.google.com udp
US 8.8.8.8:53 play.google.com udp
FR 172.217.20.170:443 jnn-pa.googleapis.com udp
FR 142.250.178.142:443 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 17.173.189.20.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.67:443 id.google.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 172.217.20.170:443 jnn-pa.googleapis.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.andyroid.net udp
US 54.237.101.61:443 www.andyroid.net tcp
US 54.237.101.61:443 www.andyroid.net tcp
US 8.8.8.8:53 c0.wp.com udp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 192.0.77.37:443 c0.wp.com tcp
US 8.8.8.8:53 61.101.237.54.in-addr.arpa udp
US 8.8.8.8:53 37.77.0.192.in-addr.arpa udp
US 192.0.77.37:443 c0.wp.com udp
US 8.8.8.8:53 i2.wp.com udp
US 8.8.8.8:53 i1.wp.com udp
US 8.8.8.8:53 i0.wp.com udp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 8.8.8.8:53 s.w.org udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 v0.wordpress.com udp
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 2.77.0.192.in-addr.arpa udp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.167.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.co.uk udp
BE 64.233.167.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 8.8.8.8:53 206.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 168.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 155.167.233.64.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 pixel.wp.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
US 192.0.77.2:443 i0.wp.com udp
US 192.0.77.2:443 i0.wp.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com tcp
FR 216.58.215.35:443 beacons3.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 35.215.58.216.in-addr.arpa udp
US 192.0.76.3:443 pixel.wp.com udp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.10:443 bit.ly tcp
US 67.199.248.10:443 bit.ly tcp
US 8.8.8.8:53 sdl.adaware.com udp
US 104.16.212.94:443 sdl.adaware.com tcp
US 8.8.8.8:53 10.248.199.67.in-addr.arpa udp
US 8.8.8.8:53 94.212.16.104.in-addr.arpa udp
FR 172.217.18.206:443 encrypted-tbn1.gstatic.com udp
US 54.237.101.61:80 www.andyroid.net tcp
US 8.8.8.8:53 cse.google.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 172.217.20.198:443 static.doubleclick.net udp
US 8.8.8.8:53 yt3.ggpht.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 192.18.21.2.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 flow.lavasoft.com udp
US 104.16.149.130:443 flow.lavasoft.com tcp
US 8.8.8.8:53 130.149.16.104.in-addr.arpa udp
US 8.8.8.8:53 sos.adaware.com udp
US 104.16.213.94:443 sos.adaware.com tcp
US 8.8.8.8:53 94.213.16.104.in-addr.arpa udp
US 104.16.213.94:443 sos.adaware.com tcp
US 104.16.213.94:443 sos.adaware.com tcp
US 8.8.8.8:53 sdl.adaware.com udp
US 104.16.213.94:443 sdl.adaware.com tcp
US 8.8.8.8:53 package.avira.com udp
SE 23.34.233.76:443 package.avira.com tcp
US 8.8.8.8:53 cdn.supernovaprizes.com udp
US 104.21.31.55:443 cdn.supernovaprizes.com tcp
US 8.8.8.8:53 webcf.quickdriverupdater.com udp
NL 18.239.18.28:443 webcf.quickdriverupdater.com tcp
US 104.16.213.94:443 sdl.adaware.com tcp
US 8.8.8.8:53 cdn-download.avgbrowser.com udp
NL 104.109.143.31:443 cdn-download.avgbrowser.com tcp
US 8.8.8.8:53 55.31.21.104.in-addr.arpa udp
US 8.8.8.8:53 28.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 31.143.109.104.in-addr.arpa udp
US 8.8.8.8:53 net.geo.opera.com udp
NL 185.26.182.112:443 net.geo.opera.com tcp
US 8.8.8.8:53 www.freevpn.win udp
US 172.67.141.75:443 www.freevpn.win tcp
US 8.8.8.8:53 bits.avcdn.net udp
DE 184.30.215.79:443 bits.avcdn.net tcp
US 8.8.8.8:53 walliant.com udp
US 104.21.57.77:443 walliant.com tcp
US 8.8.8.8:53 112.182.26.185.in-addr.arpa udp
US 8.8.8.8:53 75.141.67.172.in-addr.arpa udp
US 8.8.8.8:53 79.215.30.184.in-addr.arpa udp
NL 185.26.182.112:443 net.geo.opera.com tcp
US 8.8.8.8:53 download2021.pdf-suite.com udp
US 172.67.158.191:443 download2021.pdf-suite.com tcp
US 8.8.8.8:53 77.57.21.104.in-addr.arpa udp
US 8.8.8.8:53 download.enigmasoftware.com udp
NL 18.239.50.6:443 download.enigmasoftware.com tcp
US 8.8.8.8:53 spyhunter-download-v2.b-cdn.net udp
GB 143.244.38.136:443 spyhunter-download-v2.b-cdn.net tcp
US 8.8.8.8:53 191.158.67.172.in-addr.arpa udp
US 8.8.8.8:53 6.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 dl.andyroid.net udp
US 3.82.80.244:80 dl.andyroid.net tcp
US 8.8.8.8:53 244.80.82.3.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c37.gcp.gvt2.com udp
ID 35.219.111.231:443 e2c37.gcp.gvt2.com tcp
ID 35.219.111.231:443 e2c37.gcp.gvt2.com tcp
US 8.8.8.8:53 231.111.219.35.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 142.250.178.132:443 www.google.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 172.217.18.206:443 encrypted-tbn1.gstatic.com udp
FR 172.217.20.170:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 ww2.best-reviewed-datingsites.com udp
US 172.67.191.225:443 ww2.best-reviewed-datingsites.com tcp
US 8.8.8.8:53 225.191.67.172.in-addr.arpa udp
US 172.67.191.225:443 ww2.best-reviewed-datingsites.com udp
FR 216.58.215.35:443 beacons.gvt2.com udp
FR 172.217.18.206:443 encrypted-tbn1.gstatic.com udp
FR 142.250.179.110:443 www.youtube.com udp
FR 216.58.214.182:443 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
FR 142.250.74.238:443 suggestqueries-clients6.youtube.com tcp
FR 142.250.74.238:443 suggestqueries-clients6.youtube.com udp
FR 142.250.74.238:443 suggestqueries-clients6.youtube.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 238.74.250.142.in-addr.arpa udp
FR 216.58.214.174:443 www.youtube.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr5---sn-5hne6nzs.googlevideo.com udp
NL 74.125.8.106:443 rr5---sn-5hne6nzs.googlevideo.com udp
US 8.8.8.8:53 230.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hnednsz.googlevideo.com udp
NL 74.125.8.232:443 rr3---sn-5hnednsz.googlevideo.com udp
US 8.8.8.8:53 232.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hne6nsy.googlevideo.com udp
NL 172.217.132.106:443 rr5---sn-5hne6nsy.googlevideo.com udp
US 8.8.8.8:53 106.132.217.172.in-addr.arpa udp
FR 142.250.74.225:443 lh5.googleusercontent.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
FR 142.250.178.142:443 www.youtube.com udp
FR 142.250.178.142:443 www.youtube.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
FR 172.217.18.206:443 www.youtube.com udp
US 8.8.8.8:53 rr3---sn-5hne6nsz.googlevideo.com udp
NL 74.125.100.72:443 rr3---sn-5hne6nsz.googlevideo.com udp
US 8.8.8.8:53 72.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6ns6.googlevideo.com udp
NL 209.85.226.105:443 rr4---sn-5hne6ns6.googlevideo.com udp
US 8.8.8.8:53 105.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hnekn7l.googlevideo.com udp
NL 74.125.100.7:443 rr2---sn-5hnekn7l.googlevideo.com udp
US 8.8.8.8:53 7.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hnednsz.googlevideo.com udp
NL 74.125.8.231:443 rr2---sn-5hnednsz.googlevideo.com udp
US 8.8.8.8:53 231.8.125.74.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 rr5---sn-5hnednss.googlevideo.com udp
NL 172.217.132.202:443 rr5---sn-5hnednss.googlevideo.com udp
US 8.8.8.8:53 202.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 mega.nz udp
LU 31.216.145.5:443 mega.nz tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 eu.static.mega.co.nz udp
LU 31.216.145.5:443 mega.nz tcp
FR 172.217.18.202:443 content-autofill.googleapis.com udp
NL 66.203.127.13:443 eu.static.mega.co.nz tcp
NL 66.203.127.13:443 eu.static.mega.co.nz tcp
US 8.8.8.8:53 5.145.216.31.in-addr.arpa udp
US 8.8.8.8:53 202.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 13.127.203.66.in-addr.arpa udp
US 8.8.8.8:53 g.api.mega.co.nz udp
LU 66.203.125.11:443 g.api.mega.co.nz tcp
US 8.8.8.8:53 11.125.203.66.in-addr.arpa udp
NL 66.203.127.13:443 eu.static.mega.co.nz tcp
LU 31.216.145.5:443 mega.nz tcp
LU 66.203.125.11:443 g.api.mega.co.nz tcp
US 8.8.8.8:53 rr1---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.166:443 rr1---sn-5hne6n6l.googlevideo.com udp
US 8.8.8.8:53 166.8.125.74.in-addr.arpa udp
NL 74.125.8.166:443 rr1---sn-5hne6n6l.googlevideo.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
NL 209.85.226.105:443 rr4---sn-5hne6ns6.googlevideo.com udp
US 8.8.8.8:53 google.com udp
FR 172.217.18.206:443 google.com udp
US 8.8.8.8:53 rr2---sn-5hne6nzd.googlevideo.com udp
NL 74.125.100.231:443 rr2---sn-5hne6nzd.googlevideo.com udp
US 8.8.8.8:53 231.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.201:443 rr4---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 201.100.125.74.in-addr.arpa udp
FR 216.58.214.182:443 i.ytimg.com udp
US 8.8.8.8:53 lh4.googleusercontent.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
FR 142.250.74.225:443 lh4.googleusercontent.com udp
US 8.8.8.8:53 rr5---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.170:443 rr5---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.170:443 rr5---sn-5hne6n6l.googlevideo.com tcp
US 8.8.8.8:53 170.8.125.74.in-addr.arpa udp
FR 172.217.18.206:443 google.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr3---sn-5hne6nzk.googlevideo.com udp
NL 172.217.132.136:443 rr3---sn-5hne6nzk.googlevideo.com udp
US 8.8.8.8:53 136.132.217.172.in-addr.arpa udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr3---sn-5hnekn7l.googlevideo.com udp
NL 74.125.100.8:443 rr3---sn-5hnekn7l.googlevideo.com udp
US 8.8.8.8:53 8.100.125.74.in-addr.arpa udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
NL 74.125.8.166:443 rr1---sn-5hne6n6l.googlevideo.com udp
NL 209.85.226.105:443 rr4---sn-5hne6ns6.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-5hne6n6e.googlevideo.com udp
NL 172.217.132.230:443 rr1---sn-5hne6n6e.googlevideo.com udp
US 8.8.8.8:53 230.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-5hnekn7s.googlevideo.com udp
NL 74.125.100.38:443 rr1---sn-5hnekn7s.googlevideo.com udp
US 8.8.8.8:53 rr4---sn-5hne6nsk.googlevideo.com udp
NL 172.217.132.41:443 rr4---sn-5hne6nsk.googlevideo.com udp
US 8.8.8.8:53 38.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 41.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
FR 172.217.18.206:443 google.com udp
NL 172.217.132.230:443 rr1---sn-5hne6n6e.googlevideo.com udp
NL 74.125.100.38:443 rr1---sn-5hnekn7s.googlevideo.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
US 8.8.8.8:53 www.google.co.uk udp
FR 172.217.18.206:443 google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 telegra.ph udp
NL 149.154.164.13:443 telegra.ph tcp
NL 149.154.164.13:443 telegra.ph tcp
US 8.8.8.8:53 13.164.154.149.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
NL 172.217.132.230:443 rr1---sn-5hne6n6e.googlevideo.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
FR 172.217.18.206:443 google.com udp
US 8.8.8.8:53 rr4---sn-5hne6nzk.googlevideo.com udp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com udp
US 8.8.8.8:53 137.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hne6nzk.googlevideo.com udp
NL 172.217.132.135:443 rr2---sn-5hne6nzk.googlevideo.com udp
US 8.8.8.8:53 135.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 216.58.214.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 162.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 e2c79.gcp.gvt2.com udp
IN 34.0.0.42:443 e2c79.gcp.gvt2.com tcp
IN 34.0.0.42:443 e2c79.gcp.gvt2.com tcp
US 8.8.8.8:53 42.0.0.34.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hne6nzd.googlevideo.com udp
NL 74.125.100.232:443 rr3---sn-5hne6nzd.googlevideo.com udp
US 8.8.8.8:53 rr4---sn-5hnednsz.googlevideo.com udp
NL 74.125.8.233:443 rr4---sn-5hnednsz.googlevideo.com udp
US 8.8.8.8:53 232.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 233.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 oxy.name udp
US 104.21.70.24:443 oxy.name tcp
US 104.21.70.24:443 oxy.name tcp
US 8.8.8.8:53 oxy.st udp
US 8.8.8.8:53 24.70.21.104.in-addr.arpa udp
RU 185.178.208.137:443 oxy.st tcp
US 8.8.8.8:53 contextual.media.net udp
BE 2.21.16.25:443 contextual.media.net tcp
US 8.8.8.8:53 ads.themoneytizer.com udp
US 8.8.8.8:53 smatr.net udp
US 8.8.8.8:53 cdn.adlook.me udp
US 172.67.43.178:443 ads.themoneytizer.com tcp
US 172.67.43.178:443 ads.themoneytizer.com tcp
NL 88.208.46.222:443 smatr.net tcp
US 8.8.8.8:53 lg3.media.net udp
US 8.8.8.8:53 yastatic.net udp
NL 104.123.44.23:443 lg3.media.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 193.17.93.93:443 cdn.adlook.me tcp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 ced.sascdn.com udp
US 8.8.8.8:53 tag.leadplace.fr udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 adtrack.adleadevent.com udp
US 8.8.8.8:53 p.cpx.to udp
US 2.18.190.81:443 ced.sascdn.com tcp
FR 145.239.193.51:443 tag.leadplace.fr tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
IE 52.30.88.167:443 adtrack.adleadevent.com tcp
DE 91.228.74.166:443 secure.quantserve.com tcp
IE 54.247.148.56:443 p.cpx.to tcp
US 8.8.8.8:53 ogffa.net udp
US 8.8.8.8:53 counter.yadro.ru udp
US 8.8.8.8:53 system-notify.app udp
NL 88.208.46.222:443 ogffa.net tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
DE 23.88.8.125:443 system-notify.app tcp
FR 172.217.18.202:443 content-autofill.googleapis.com udp
US 2.18.190.81:443 ced.sascdn.com tcp
US 8.8.8.8:53 rules.quantcount.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 match.adsrvr.org udp
NL 185.89.210.82:443 ib.adnxs.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 ads.adlook.me udp
NL 18.239.50.97:443 rules.quantcount.com tcp
RU 5.200.43.131:443 ads.adlook.me tcp
US 8.8.8.8:53 137.208.178.185.in-addr.arpa udp
US 8.8.8.8:53 25.16.21.2.in-addr.arpa udp
US 8.8.8.8:53 178.43.67.172.in-addr.arpa udp
US 8.8.8.8:53 222.46.208.88.in-addr.arpa udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 215.131.154.178.in-addr.arpa udp
US 8.8.8.8:53 23.44.123.104.in-addr.arpa udp
US 8.8.8.8:53 uidsync.net udp
US 8.8.8.8:53 93.93.17.193.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 51.193.239.145.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 167.88.30.52.in-addr.arpa udp
US 8.8.8.8:53 56.148.247.54.in-addr.arpa udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 s.cpx.to udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 204.201.212.88.in-addr.arpa udp
US 8.8.8.8:53 125.8.88.23.in-addr.arpa udp
US 8.8.8.8:53 81.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 97.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 82.210.89.185.in-addr.arpa udp
DE 162.19.138.116:443 id5-sync.com tcp
DE 157.90.33.72:443 uidsync.net tcp
IE 63.32.182.32:443 s.cpx.to tcp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 131.43.200.5.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 32.182.32.63.in-addr.arpa udp
DE 23.88.8.125:443 uidsync.net tcp
US 8.8.8.8:53 188.206.125.74.in-addr.arpa udp
DE 23.88.8.125:443 uidsync.net tcp
DE 23.88.8.125:443 uidsync.net tcp
NL 88.208.46.222:443 ogffa.net tcp
NL 88.208.46.222:443 ogffa.net tcp
US 8.8.8.8:53 tmzr.themoneytizer.fr udp
US 104.21.40.15:443 tmzr.themoneytizer.fr tcp
US 8.8.8.8:53 lexicon.33across.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 ww1097.smartadserver.com udp
US 35.244.193.51:443 lexicon.33across.com tcp
IE 52.49.90.166:443 id.crwdcntrl.net tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
US 8.8.8.8:53 15.40.21.104.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 166.90.49.52.in-addr.arpa udp
US 8.8.8.8:53 95.139.86.185.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 net.geo.opera.com udp
NL 185.26.182.111:443 net.geo.opera.com tcp
N/A 127.0.0.1:58627 tcp
US 8.8.8.8:53 111.182.26.185.in-addr.arpa udp
US 8.8.8.8:53 autoupdate.geo.opera.com udp
US 8.8.8.8:53 desktop-netinstaller-sub.osp.opera.software udp
NL 82.145.216.20:443 autoupdate.geo.opera.com tcp
NL 82.145.216.20:443 autoupdate.geo.opera.com tcp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 features.opera-api2.com udp
US 8.8.8.8:53 download.opera.com udp
NL 185.26.182.111:443 features.opera-api2.com tcp
NL 82.145.216.23:443 download.opera.com tcp
US 8.8.8.8:53 download5.operacdn.com udp
US 104.18.11.89:443 download5.operacdn.com tcp
US 8.8.8.8:53 20.216.145.82.in-addr.arpa udp
US 8.8.8.8:53 121.217.145.82.in-addr.arpa udp
US 8.8.8.8:53 23.216.145.82.in-addr.arpa udp
US 8.8.8.8:53 89.11.18.104.in-addr.arpa udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com tcp
US 8.8.8.8:53 download.oxy.st udp
RU 185.178.208.137:443 download.oxy.st tcp
RU 185.178.208.137:443 download.oxy.st tcp
RU 185.178.208.137:443 download.oxy.st tcp
NL 104.123.44.23:443 lg3.media.net udp
DE 51.89.9.251:443 onetag-sys.com udp
DE 23.88.8.125:443 uidsync.net tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
DE 162.19.138.116:443 id5-sync.com tcp
NL 185.89.210.82:443 ib.adnxs.com tcp
FR 145.239.193.51:443 tag.leadplace.fr tcp
DE 157.90.33.72:443 uidsync.net tcp
DE 157.90.33.72:443 uidsync.net tcp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 s1.oxy.st udp
US 104.21.234.182:443 s1.oxy.st tcp
US 8.8.8.8:53 182.234.21.104.in-addr.arpa udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
US 8.8.8.8:53 www.youtube.com udp
FR 172.217.18.206:443 www.youtube.com udp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
FR 142.250.178.142:443 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 66.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 sub.got-to-be.net udp
DE 23.88.8.125:443 sub.got-to-be.net tcp
DE 23.88.8.125:443 sub.got-to-be.net tcp
DE 157.90.1.66:443 cdn4image.com tcp
DE 157.90.33.71:443 go-g3t-msg.com tcp
US 8.8.8.8:53 71.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 66.1.90.157.in-addr.arpa udp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
FR 142.250.179.99:443 www.recaptcha.net tcp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
US 8.8.8.8:53 99.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 recaptcha.net udp
FR 216.58.214.163:443 recaptcha.net tcp
FR 216.58.214.163:443 recaptcha.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 216.58.214.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 170.214.58.216.in-addr.arpa udp
US 74.125.34.46:443 www.virustotal.com tcp
FR 216.58.215.35:443 beacons3.gvt2.com udp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 216.58.214.182:443 i.ytimg.com udp
US 8.8.8.8:53 rr4---sn-5hnednss.googlevideo.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
NL 172.217.132.201:443 rr4---sn-5hnednss.googlevideo.com udp
US 8.8.8.8:53 201.132.217.172.in-addr.arpa udp
FR 216.58.214.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 metrics.biddertmz.com udp
IE 34.248.22.168:443 metrics.biddertmz.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
IE 34.248.22.168:443 metrics.biddertmz.com tcp
US 8.8.8.8:53 168.22.248.34.in-addr.arpa udp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 185.86.139.95:443 ww1097.smartadserver.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
FR 216.58.214.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ww1097.smartadserver.com udp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 96.238.202.149.in-addr.arpa udp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 clients2.google.com udp
FR 142.250.178.142:443 clients2.google.com udp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
FR 149.202.238.96:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 ww1097.smartadserver.com udp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 96.209.135.5.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
FR 5.135.209.96:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 ww1097.smartadserver.com udp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 121.138.86.185.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c11.gcp.gvt2.com udp
AU 34.129.38.245:443 e2c11.gcp.gvt2.com tcp
AU 34.129.38.245:443 e2c11.gcp.gvt2.com tcp
US 8.8.8.8:53 245.38.129.34.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 216.58.215.35:443 beacons.gvt2.com udp
US 8.8.8.8:53 54321.cllt.nyashteam.ru udp
US 104.21.2.8:80 54321.cllt.nyashteam.ru tcp
US 104.21.2.8:80 54321.cllt.nyashteam.ru tcp
US 8.8.8.8:53 8.2.21.104.in-addr.arpa udp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
FR 185.86.138.121:443 ww1097.smartadserver.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c71.gcp.gvt2.com udp
ES 34.175.83.78:443 e2c71.gcp.gvt2.com tcp
US 8.8.8.8:53 78.83.175.34.in-addr.arpa udp
FR 216.58.215.35:443 beacons.gvt2.com udp
US 8.8.8.8:53 www.youtube.com udp
FR 172.217.18.206:443 www.youtube.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
FR 142.250.74.225:443 lh5.googleusercontent.com udp
FR 216.58.214.182:443 i.ytimg.com udp
NL 74.125.8.233:443 rr4---sn-5hnednsz.googlevideo.com udp
NL 74.125.100.232:443 rr3---sn-5hne6nzd.googlevideo.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 216.58.214.66:443 googleads.g.doubleclick.net udp
NL 172.217.132.135:443 rr2---sn-5hne6nzk.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-5hne6nsd.googlevideo.com udp
NL 172.217.132.10:443 rr5---sn-5hne6nsd.googlevideo.com udp
US 8.8.8.8:53 10.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hnekn7l.googlevideo.com udp
NL 74.125.100.10:443 rr5---sn-5hnekn7l.googlevideo.com udp
US 8.8.8.8:53 10.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nsy.googlevideo.com udp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com udp
US 8.8.8.8:53 105.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hneknee.googlevideo.com udp
NL 74.125.8.74:443 rr5---sn-5hneknee.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-5hne6nzy.googlevideo.com udp
NL 172.217.132.168:443 rr3---sn-5hne6nzy.googlevideo.com udp
US 8.8.8.8:53 74.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 168.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hnekn7d.googlevideo.com udp
NL 209.85.226.40:443 rr3---sn-5hnekn7d.googlevideo.com udp
US 8.8.8.8:53 40.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hnekn7s.googlevideo.com udp
NL 74.125.100.40:443 rr3---sn-5hnekn7s.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-5hne6nzy.googlevideo.com udp
NL 172.217.132.170:443 rr5---sn-5hne6nzy.googlevideo.com udp
US 8.8.8.8:53 40.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 170.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hne6nsr.googlevideo.com udp
NL 172.217.132.71:443 rr2---sn-5hne6nsr.googlevideo.com udp
US 8.8.8.8:53 71.132.217.172.in-addr.arpa udp
NL 172.217.132.138:443 rr5---sn-5hne6nzk.googlevideo.com udp
US 8.8.8.8:53 rr1---sn-5hne6nzy.googlevideo.com udp
NL 172.217.132.166:443 rr1---sn-5hne6nzy.googlevideo.com udp
US 8.8.8.8:53 166.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-5hnekn7d.googlevideo.com udp
NL 209.85.226.38:443 rr1---sn-5hnekn7d.googlevideo.com udp
US 8.8.8.8:53 38.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 ww1097.smartadserver.com udp
FR 51.178.195.208:443 ww1097.smartadserver.com tcp
FR 51.178.195.208:443 ww1097.smartadserver.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 208.195.178.51.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hnekn7z.googlevideo.com udp
NL 74.125.100.106:443 rr5---sn-5hnekn7z.googlevideo.com udp
US 8.8.8.8:53 106.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hne6n6e.googlevideo.com udp
NL 172.217.132.234:443 rr5---sn-5hne6n6e.googlevideo.com udp
US 8.8.8.8:53 234.132.217.172.in-addr.arpa udp
FR 216.58.214.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com udp
US 8.8.8.8:53 telegra.ph udp
US 8.8.8.8:53 t.me udp
NL 149.154.167.99:443 t.me tcp
US 8.8.8.8:53 edit.telegra.ph udp
FR 216.58.214.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 99.167.154.149.in-addr.arpa udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com tcp
US 104.16.113.74:443 www.mediafire.com tcp
US 104.16.113.74:443 www.mediafire.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 static.mediafire.com udp
FR 142.250.179.106:443 ajax.googleapis.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 translate.google.com udp
FR 142.250.201.174:443 translate.google.com tcp
US 8.8.8.8:53 translate.googleapis.com udp
FR 172.217.20.202:443 translate.googleapis.com tcp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 106.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 174.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
FR 51.178.195.208:443 ww1097.smartadserver.com tcp
FR 51.178.195.208:443 ww1097.smartadserver.com tcp
FR 172.217.20.202:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
NL 172.217.132.166:443 rr1---sn-5hne6nzy.googlevideo.com udp
NL 209.85.226.105:443 rr4---sn-5hne6ns6.googlevideo.com udp
FR 142.250.179.97:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr5---sn-5hnednsz.googlevideo.com udp
NL 74.125.8.234:443 rr5---sn-5hnednsz.googlevideo.com udp
US 8.8.8.8:53 234.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nzs.googlevideo.com udp
NL 74.125.8.105:443 rr4---sn-5hne6nzs.googlevideo.com udp
US 8.8.8.8:53 rr5---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.202:443 rr5---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 105.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 202.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hneknes.googlevideo.com udp
NL 74.125.8.201:443 rr4---sn-5hneknes.googlevideo.com udp
US 8.8.8.8:53 201.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr5---sn-5hne6nsr.googlevideo.com udp
NL 172.217.132.74:443 rr5---sn-5hne6nsr.googlevideo.com udp
US 8.8.8.8:53 74.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
FR 216.58.214.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 play.google.com udp
NL 74.125.8.201:443 rr4---sn-5hneknes.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.200:443 rr3---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.200:443 rr3---sn-5hne6nz6.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.198:443 rr1---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.198:443 rr1---sn-5hne6nz6.googlevideo.com tcp
US 8.8.8.8:53 200.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 198.100.125.74.in-addr.arpa udp
NL 74.125.100.198:443 rr1---sn-5hne6nz6.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-5hneknee.googlevideo.com udp
NL 74.125.8.70:443 rr1---sn-5hneknee.googlevideo.com udp
US 8.8.8.8:53 70.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hne6ns6.googlevideo.com udp
NL 209.85.226.104:443 rr3---sn-5hne6ns6.googlevideo.com udp
US 8.8.8.8:53 104.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-5hne6nsy.googlevideo.com udp
NL 172.217.132.102:443 rr1---sn-5hne6nsy.googlevideo.com udp
US 8.8.8.8:53 102.132.217.172.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
NL 74.125.8.166:443 rr1---sn-5hne6n6l.googlevideo.com udp
NL 74.125.100.201:443 rr4---sn-5hne6nz6.googlevideo.com udp
US 8.8.8.8:53 rr2---sn-5hnekn7d.googlevideo.com udp
NL 209.85.226.39:443 rr2---sn-5hnekn7d.googlevideo.com udp
US 8.8.8.8:53 39.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 rr2---sn-5hne6nsk.googlevideo.com udp
NL 172.217.132.39:443 rr2---sn-5hne6nsk.googlevideo.com udp
US 8.8.8.8:53 39.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.169:443 rr4---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.169:443 rr4---sn-5hne6n6l.googlevideo.com tcp
US 8.8.8.8:53 169.8.125.74.in-addr.arpa udp
NL 172.217.132.74:443 rr5---sn-5hne6nsr.googlevideo.com udp
FR 216.58.214.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 mega.nz udp
LU 31.216.145.5:443 mega.nz tcp
US 8.8.8.8:53 eu.static.mega.co.nz udp
LU 89.44.169.132:443 eu.static.mega.co.nz tcp
US 8.8.8.8:53 g.api.mega.co.nz udp
LU 66.203.125.13:443 g.api.mega.co.nz tcp
LU 66.203.125.13:443 g.api.mega.co.nz tcp
US 8.8.8.8:53 132.169.44.89.in-addr.arpa udp
LU 89.44.169.132:443 eu.static.mega.co.nz tcp
US 8.8.8.8:53 13.125.203.66.in-addr.arpa udp
US 8.8.8.8:53 flow.lavasoft.com udp
US 104.16.149.130:443 flow.lavasoft.com tcp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.132:443 www.google.com udp
FR 142.250.178.132:443 www.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
FR 142.250.178.142:443 clients2.google.com udp
FR 142.250.178.142:443 clients2.google.com tcp
US 8.8.8.8:53 www-digitalcitizen-life.webpkgcache.com udp
FR 216.58.213.65:443 www-digitalcitizen-life.webpkgcache.com tcp
US 8.8.8.8:53 i.ytimg.com udp
FR 216.58.213.65:443 www-digitalcitizen-life.webpkgcache.com udp
FR 216.58.214.182:443 i.ytimg.com udp
FR 216.58.214.182:443 i.ytimg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
FR 172.217.20.198:443 static.doubleclick.net udp
FR 216.58.215.42:443 jnn-pa.googleapis.com udp
FR 172.217.20.198:443 static.doubleclick.net tcp
US 8.8.8.8:53 42.215.58.216.in-addr.arpa udp
FR 216.58.215.42:443 jnn-pa.googleapis.com udp
FR 142.250.178.132:443 www.google.com udp
FR 216.58.215.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com udp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 www.makeuseof.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 13.248.142.229:443 www.makeuseof.com tcp
US 13.248.142.229:443 www.makeuseof.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 static1.makeuseofimages.com udp
US 8.8.8.8:53 launchpad.privacymanager.io udp
US 8.8.8.8:53 cdn.adsninja.ca udp
US 8.8.8.8:53 cdn.viglink.com udp
GB 143.244.38.136:443 cdn.adsninja.ca tcp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 cdn.sentinelbi.com udp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.googletagservices.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
DE 13.32.27.115:443 launchpad.privacymanager.io tcp
GB 143.244.38.136:443 cdn.sentinelbi.com tcp
GB 143.244.38.136:443 cdn.sentinelbi.com tcp
DE 143.204.215.65:443 cdn.viglink.com tcp
NL 173.194.69.84:443 accounts.google.com udp
US 104.17.249.203:443 unpkg.com tcp
US 104.22.4.69:443 a.ad.gt tcp
FR 216.58.215.35:443 beacons.gvt2.com udp
GB 143.244.38.136:443 cdn.sentinelbi.com tcp
GB 143.244.38.136:443 cdn.sentinelbi.com tcp
US 3.160.150.105:443 launchpad-wrapper.privacymanager.io tcp
NL 173.194.69.84:443 accounts.google.com tcp
FR 216.58.215.35:443 beacons.gvt2.com tcp
US 8.8.8.8:53 c.aps.amazon-adsystem.com udp
US 8.8.8.8:53 229.142.248.13.in-addr.arpa udp
US 8.8.8.8:53 115.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 203.249.17.104.in-addr.arpa udp
US 8.8.8.8:53 65.215.204.143.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 105.150.160.3.in-addr.arpa udp
US 3.161.82.93:443 c.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 comparisons.sovrn.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
DE 18.66.147.85:443 comparisons.sovrn.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
FR 216.58.214.162:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 ampcid.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
FR 216.58.215.46:443 ampcid.google.com tcp
FR 142.250.75.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 geo.privacymanager.io udp
BE 64.233.167.155:443 stats.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com tcp
DE 13.32.99.122:443 geo.privacymanager.io tcp
FR 142.250.75.234:443 content-autofill.googleapis.com tcp
BE 64.233.167.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
DE 108.138.6.136:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
FR 142.250.75.234:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 enchantingdiscovery.com udp
US 34.149.178.20:443 enchantingdiscovery.com tcp
FR 216.58.214.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 cdn.unblockia.com udp
US 8.8.8.8:53 static.adsafeprotected.com udp
DE 13.32.27.114:443 cdn.unblockia.com tcp
DE 18.66.112.19:443 static.adsafeprotected.com tcp
US 8.8.8.8:53 sentinelbi.com udp
US 54.157.59.36:443 sentinelbi.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
DE 108.138.6.136:443 c.amazon-adsystem.com tcp
US 3.161.82.93:443 c.aps.amazon-adsystem.com udp
US 3.161.82.93:443 c.aps.amazon-adsystem.com udp
DE 18.245.31.92:443 config.aps.amazon-adsystem.com tcp
US 54.157.59.36:443 sentinelbi.com tcp
FR 142.250.75.234:443 imasdk.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 loader.unblockia.com udp
FR 172.217.20.198:443 s0.2mdn.net tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 85.147.66.18.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 122.99.32.13.in-addr.arpa udp
US 8.8.8.8:53 136.6.138.108.in-addr.arpa udp
US 8.8.8.8:53 114.27.32.13.in-addr.arpa udp
US 8.8.8.8:53 19.112.66.18.in-addr.arpa udp
US 8.8.8.8:53 92.31.245.18.in-addr.arpa udp
US 8.8.8.8:53 36.59.157.54.in-addr.arpa udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
DE 65.9.66.68:443 tags.crwdcntrl.net tcp
DE 23.67.137.210:443 secure.cdn.fastclick.net tcp
DE 23.67.137.210:443 secure.cdn.fastclick.net tcp
US 8.8.8.8:53 t.unblockia.com udp
US 34.149.178.20:443 enchantingdiscovery.com udp
US 18.173.205.37:443 t.unblockia.com tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 18.244.15.236:443 aax.amazon-adsystem.com tcp
US 18.244.15.236:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 images.getadmiral.com udp
US 8.8.8.8:53 proc.ad.cpe.dotomi.com udp
US 104.18.19.49:443 images.getadmiral.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
NL 89.207.16.210:443 proc.ad.cpe.dotomi.com tcp
IE 54.77.42.245:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 68.66.9.65.in-addr.arpa udp
US 8.8.8.8:53 210.137.67.23.in-addr.arpa udp
US 8.8.8.8:53 37.205.173.18.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 236.15.244.18.in-addr.arpa udp
US 8.8.8.8:53 49.19.18.104.in-addr.arpa udp
US 8.8.8.8:53 210.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 245.42.77.54.in-addr.arpa udp
US 8.8.8.8:53 api.viglink.com udp
IE 54.216.254.135:443 api.viglink.com tcp
US 34.149.178.20:443 enchantingdiscovery.com udp
US 8.8.8.8:53 sub.got-to-be.net udp
DE 23.88.8.125:443 sub.got-to-be.net tcp
DE 23.88.8.125:443 sub.got-to-be.net tcp
US 8.8.8.8:53 cdn4image.com udp
US 8.8.8.8:53 go-g3t-msg.com udp
DE 157.90.32.219:443 cdn4image.com tcp
DE 178.63.248.53:443 go-g3t-msg.com tcp
US 8.8.8.8:53 135.254.216.54.in-addr.arpa udp
US 8.8.8.8:53 219.32.90.157.in-addr.arpa udp
US 8.8.8.8:53 53.248.63.178.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 secure.adnxs.com udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 104.22.4.69:443 ids.ad.gt tcp
NL 185.89.210.141:443 secure.adnxs.com tcp
IE 52.51.22.204:443 dpm.demdex.net tcp
FR 172.217.18.194:443 cm.g.doubleclick.net tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
US 104.22.5.69:443 ids.ad.gt tcp
US 104.22.5.69:443 ids.ad.gt tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 hb.minutemedia-prebid.com udp
US 8.8.8.8:53 exchange.kueezrtb.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 pbs.nextmillmedia.com udp
US 64.227.22.149:443 exchange.kueezrtb.com tcp
US 64.227.22.149:443 exchange.kueezrtb.com tcp
US 64.227.22.149:443 exchange.kueezrtb.com tcp
US 64.227.22.149:443 exchange.kueezrtb.com tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
IE 54.171.119.95:443 hb.minutemedia-prebid.com tcp
US 8.8.8.8:53 prebid.cootlogix.com udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 52.222.236.9:443 hb.yellowblue.io tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 8.8.8.8:53 exchange.cootlogix.com udp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 ad.360yield.com udp
NL 145.40.97.66:443 prebid.a-mo.net tcp
US 8.8.8.8:53 g2.gumgum.com udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 159.223.162.198:443 exchange.cootlogix.com tcp
US 159.223.162.198:443 exchange.cootlogix.com tcp
US 138.197.53.255:443 prebid.cootlogix.com tcp
US 138.197.53.255:443 prebid.cootlogix.com tcp
DE 37.252.172.123:443 ib.adnxs.com tcp
US 8.8.8.8:53 krk2.kargo.com udp
IE 54.246.87.181:443 ad.360yield.com tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 report2.hb.brainlyads.com udp
IE 52.51.34.111:443 g2.gumgum.com tcp
IE 52.51.34.111:443 g2.gumgum.com tcp
IE 52.51.34.111:443 g2.gumgum.com tcp
IE 52.51.34.111:443 g2.gumgum.com tcp
IE 52.51.34.111:443 g2.gumgum.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 3.77.175.107:443 krk2.kargo.com tcp
US 8.8.8.8:53 4f6d69413c5ad376e6217b214705e429.safeframe.googlesyndication.com udp
FR 142.250.179.65:443 4f6d69413c5ad376e6217b214705e429.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 c.4dex.io udp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 185.25.132.164.in-addr.arpa udp
US 8.8.8.8:53 194.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 204.22.51.52.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 95.119.171.54.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 9.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 104.22.4.69:443 ids.ad.gt tcp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 104.22.4.69:443 ids.ad.gt tcp
US 8.8.8.8:53 seg.ad.gt udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 178.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 181.87.246.54.in-addr.arpa udp
US 8.8.8.8:53 107.175.77.3.in-addr.arpa udp
US 8.8.8.8:53 111.34.51.52.in-addr.arpa udp
US 8.8.8.8:53 198.162.223.159.in-addr.arpa udp
FR 216.58.214.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 149.22.227.64.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 134.46.204.15.in-addr.arpa udp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
FR 172.217.18.194:443 cm.g.doubleclick.net udp
US 138.197.53.255:443 prebid.cootlogix.com tcp
US 104.22.4.69:443 seg.ad.gt tcp
FR 216.58.214.65:443 tpc.googlesyndication.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 15.204.46.134:443 pbs.nextmillmedia.com tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 104.22.5.69:443 pixels.ad.gt tcp
US 35.241.34.106:443 c.4dex.io tcp
US 104.22.4.69:443 pixels.ad.gt tcp
US 104.22.4.69:443 pixels.ad.gt tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
FR 142.250.178.129:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 cdn.ampproject.org tcp
US 8.8.8.8:53 106.34.241.35.in-addr.arpa udp
US 8.8.8.8:53 154.92.84.54.in-addr.arpa udp
US 8.8.8.8:53 58.139.4.46.in-addr.arpa udp
US 8.8.8.8:53 255.53.197.138.in-addr.arpa udp
US 8.8.8.8:53 167.223.94.52.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 35.241.34.106:443 c.4dex.io udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 csync.loopme.me udp
NL 35.214.223.249:443 csync.loopme.me tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 cs.media.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 trace-eu.mediago.io udp
US 8.8.8.8:53 b1sync.zemanta.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
SE 23.34.232.19:443 cs.media.net tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
DE 51.75.86.98:443 onetag-sys.com tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 35.244.159.8:443 u.openx.net tcp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 34.149.50.64:443 s.seedtag.com udp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 a.teads.tv udp
US 8.8.8.8:53 ssp.api.tappx.com udp
BE 2.21.17.83:443 a.teads.tv tcp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
US 8.8.8.8:53 amazon-tam-match.dotomi.com udp
NL 89.207.16.137:443 amazon-tam-match.dotomi.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
DE 18.184.177.15:443 match.sharethrough.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
SE 23.34.232.193:443 ads.pubmatic.com tcp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 sync-amz.ads.yieldmo.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
IE 52.19.175.6:443 sync-amz.ads.yieldmo.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 hb.undertone.com udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 34.120.63.153:443 prebid.media.net tcp
DE 18.66.102.3:443 hb.undertone.com tcp
US 8.8.8.8:53 bh.contextweb.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 249.223.214.35.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 80.168.214.35.in-addr.arpa udp
US 8.8.8.8:53 19.232.34.23.in-addr.arpa udp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
US 8.8.8.8:53 63.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 83.17.21.2.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 227.131.90.34.in-addr.arpa udp
US 8.8.8.8:53 137.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 15.177.184.18.in-addr.arpa udp
US 8.8.8.8:53 193.232.34.23.in-addr.arpa udp
US 8.8.8.8:53 56.143.46.52.in-addr.arpa udp
US 8.8.8.8:53 6.175.19.52.in-addr.arpa udp
US 8.8.8.8:53 175.18.21.2.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 109.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 cs-tam.yellowblue.io udp
US 8.8.8.8:53 crt.sectigo.com udp
IE 54.77.78.113:443 ap.lijit.com tcp
IE 54.195.106.144:443 cs-tam.yellowblue.io tcp
US 104.18.38.233:80 crt.sectigo.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ce.lijit.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
IE 18.203.106.185:443 ce.lijit.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 bttrack.com udp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 ads.betweendigital.com udp
US 192.132.33.69:443 bttrack.com tcp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 us2.shb-sync.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
DE 157.90.211.246:443 sync.richaudience.com tcp
NL 188.42.191.196:443 ads.betweendigital.com tcp
JP 172.104.64.149:443 s.c.appier.net tcp
US 80.77.85.115:443 us2.shb-sync.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 8.8.8.8:53 cm.adform.net udp
DK 37.157.6.254:443 cm.adform.net tcp
US 8.8.8.8:53 static.criteo.net udp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 dis.criteo.com udp
NL 178.250.1.3:443 static.criteo.net tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
JP 172.104.64.149:443 s.c.appier.net tcp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 c1.adform.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
DK 37.157.2.230:443 c1.adform.net tcp
US 104.22.51.98:443 mwzeom.zeotap.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
NL 34.91.62.186:443 um.simpli.fi tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
HK 172.217.24.67:443 csi.gstatic.com tcp
US 8.8.8.8:53 3.102.66.18.in-addr.arpa udp
US 8.8.8.8:53 115.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 144.106.195.54.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 185.106.203.18.in-addr.arpa udp
US 8.8.8.8:53 196.191.42.188.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 115.85.77.80.in-addr.arpa udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 254.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 149.64.104.172.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 98.51.22.104.in-addr.arpa udp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 186.62.91.34.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
DE 143.204.98.32:443 check.analytics.rlcdn.com tcp
HK 172.217.24.67:443 csi.gstatic.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
US 8.8.8.8:53 cookies.nextmillmedia.com udp
US 8.8.8.8:53 vid.vidoomy.com udp
DE 91.228.74.159:443 cms.quantserve.com tcp
GB 89.187.167.9:443 vid.vidoomy.com tcp
US 3.230.237.36:443 cookies.nextmillmedia.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
HK 172.217.24.67:443 csi.gstatic.com tcp
US 8.8.8.8:53 ads.us.e-planning.net udp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
NL 34.90.131.227:443 ssp.api.tappx.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 ads.stickyadstv.com udp
NL 35.214.223.249:443 csync.loopme.me tcp
GB 185.64.190.79:443 image8.pubmatic.com tcp
BE 2.21.16.25:443 contextual.media.net udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
IE 52.210.242.228:443 match.prod.bidr.io tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
DE 51.75.86.98:443 onetag-sys.com udp
US 8.8.8.8:53 cs.yellowblue.io udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
IE 52.17.1.20:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 idsync.frontend.weborama.fr udp
US 8.8.8.8:53 a.audrte.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 34.111.131.239:443 idsync.frontend.weborama.fr tcp
IE 63.34.53.128:443 a.audrte.com tcp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
US 34.96.71.22:443 s.company-target.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
IE 52.18.69.148:443 ads.yieldmo.com tcp
FR 142.250.75.226:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 32.98.204.143.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 9.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 100.151.173.69.in-addr.arpa udp
US 8.8.8.8:53 67.24.217.172.in-addr.arpa udp
US 8.8.8.8:53 36.237.230.3.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 79.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 80.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 228.242.210.52.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 20.1.17.52.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 239.131.111.34.in-addr.arpa udp
US 8.8.8.8:53 128.53.34.63.in-addr.arpa udp
US 8.8.8.8:53 22.71.96.34.in-addr.arpa udp
US 8.8.8.8:53 137.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 148.69.18.52.in-addr.arpa udp
US 8.8.8.8:53 vfw.amazon-adsystem.com udp
IE 52.215.1.228:443 vfw.amazon-adsystem.com tcp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 ads.avads.net udp
GB 185.64.190.81:443 image4.pubmatic.com tcp
US 34.128.133.112:443 ads.avads.net tcp
US 8.8.8.8:53 s.e-planning.net udp
NL 193.3.178.2:443 s.e-planning.net tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 74.121.140.211:443 sync.mathtag.com tcp
US 8.8.8.8:53 u-ams03.e-planning.net udp
FR 91.134.110.133:443 ssbsync-global.smartadserver.com tcp
NL 193.3.178.3:443 u-ams03.e-planning.net tcp
DE 18.158.134.185:443 rtb.mfadsrvr.com tcp
NL 193.3.178.3:443 u-ams03.e-planning.net tcp
IE 52.215.1.228:443 vfw.amazon-adsystem.com tcp
US 34.128.133.112:443 ads.avads.net udp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 live.primis.tech udp
US 172.64.146.152:443 capi.connatix.com tcp
US 8.8.8.8:53 sync.ipredictive.com udp
DE 13.32.99.104:443 live.primis.tech tcp
US 52.72.151.87:443 sync.ipredictive.com tcp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 8.8.8.8:53 sc.iasds01.com udp
US 8.8.8.8:53 ts.amazon-adsystem.com udp
US 52.39.108.9:443 dt.adsafeprotected.com tcp
US 172.64.146.152:443 capi.connatix.com udp
IE 52.18.18.165:443 pixel.adsafeprotected.com tcp
DE 18.66.122.76:443 ts.amazon-adsystem.com tcp
IE 52.211.204.56:443 sc.iasds01.com tcp
US 8.8.8.8:53 eu-u.openx.net udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 67.202.105.22:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 pixel.tapad.com udp
US 34.111.113.62:443 pixel.tapad.com tcp
US 8.8.8.8:53 simage4.pubmatic.com udp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
FR 172.217.20.198:443 s0.2mdn.net udp
US 8.8.8.8:53 228.1.215.52.in-addr.arpa udp
US 8.8.8.8:53 81.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 112.133.128.34.in-addr.arpa udp
US 8.8.8.8:53 2.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 133.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 185.134.158.18.in-addr.arpa udp
US 8.8.8.8:53 152.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 104.99.32.13.in-addr.arpa udp
US 8.8.8.8:53 87.151.72.52.in-addr.arpa udp
US 8.8.8.8:53 165.18.18.52.in-addr.arpa udp
US 8.8.8.8:53 76.122.66.18.in-addr.arpa udp
US 8.8.8.8:53 56.204.211.52.in-addr.arpa udp
US 8.8.8.8:53 9.108.39.52.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
HK 172.217.24.67:443 csi.gstatic.com udp
US 8.8.8.8:53 images-na.ssl-images-amazon.com udp
US 8.8.8.8:53 i.liadm.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
DE 108.138.22.14:443 images-na.ssl-images-amazon.com tcp
US 8.8.8.8:53 tagan.adlightning.com udp
US 34.197.121.227:443 i.liadm.com tcp
US 8.8.8.8:53 r.casalemedia.com udp
US 8.8.8.8:53 gcdn.2mdn.net udp
US 52.71.153.127:443 sync.srv.stackadapt.com tcp
DE 18.66.147.50:443 tagan.adlightning.com tcp
DE 18.66.147.50:443 tagan.adlightning.com tcp
FR 216.58.214.78:443 gcdn.2mdn.net tcp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 rtb.openx.net udp
US 35.186.253.211:443 rtb.openx.net tcp
US 8.8.8.8:53 r5---sn-aigl6nsr.c.2mdn.net udp
GB 74.125.105.138:443 r5---sn-aigl6nsr.c.2mdn.net tcp
US 8.8.8.8:53 m.media-amazon.com udp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 151.101.1.16:443 m.media-amazon.com tcp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 pixel.onaudience.com udp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
FR 141.94.171.216:443 pixel.onaudience.com tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
NL 63.215.202.172:443 pubmatic-match.dotomi.com tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 14.22.138.108.in-addr.arpa udp
US 8.8.8.8:53 pool.admedo.com udp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 227.121.197.34.in-addr.arpa udp
US 8.8.8.8:53 50.147.66.18.in-addr.arpa udp
US 8.8.8.8:53 78.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
DK 77.243.51.121:443 uipglob.semasio.net tcp
US 8.8.8.8:53 127.153.71.52.in-addr.arpa udp
US 8.8.8.8:53 138.105.125.74.in-addr.arpa udp
US 8.8.8.8:53 16.1.101.151.in-addr.arpa udp
NL 63.215.202.172:443 pubmatic-match.dotomi.com tcp
NL 145.40.97.67:443 sync.a-mo.net tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 assets.a-mo.net udp
US 8.8.8.8:53 cdn.undertone.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 cs.seedtag.com udp
US 8.8.8.8:53 sync.kueezrtb.com udp
US 8.8.8.8:53 sync.cootlogix.com udp
BE 35.210.53.219:443 pool.admedo.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 35.186.253.211:443 rtb.openx.net udp
BE 35.210.53.219:443 pool.admedo.com tcp
US 104.19.159.19:443 assets.a-mo.net tcp
US 104.16.187.87:443 cs.seedtag.com tcp
US 134.122.117.207:443 sync.cootlogix.com tcp
US 134.122.125.115:443 sync.kueezrtb.com tcp
DE 18.66.102.39:443 cdn.undertone.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 34.120.63.153:443 prebid.media.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
FR 142.250.75.226:443 ade.googlesyndication.com udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
DE 108.138.22.14:443 images-na.ssl-images-amazon.com udp
US 8.8.8.8:53 216.171.94.141.in-addr.arpa udp
US 8.8.8.8:53 172.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 121.51.243.77.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 219.53.210.35.in-addr.arpa udp
US 8.8.8.8:53 67.97.40.145.in-addr.arpa udp
US 52.71.153.127:443 sync.srv.stackadapt.com tcp
US 52.71.153.127:443 sync.srv.stackadapt.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
US 151.101.1.16:443 m.media-amazon.com udp
US 8.8.8.8:53 ps.eyeota.net udp
US 8.8.8.8:53 images-eu.ssl-images-amazon.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 3.161.81.160:443 images-eu.ssl-images-amazon.com tcp
DE 3.122.214.165:443 ps.eyeota.net tcp
US 8.8.8.8:53 yieldmo-match.dotomi.com udp
US 151.101.1.16:443 m.media-amazon.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
BE 35.210.53.219:443 pool.admedo.com udp
US 8.8.8.8:53 sync-openx.ads.yieldmo.com udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 dsp.adfarm1.adition.com udp
US 8.8.8.8:53 d5p.de17a.com udp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
SE 213.155.156.180:443 d5p.de17a.com tcp
DE 85.114.159.93:443 dsp.adfarm1.adition.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 19.159.19.104.in-addr.arpa udp
US 8.8.8.8:53 87.187.16.104.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 39.102.66.18.in-addr.arpa udp
US 8.8.8.8:53 115.125.122.134.in-addr.arpa udp
US 8.8.8.8:53 207.117.122.134.in-addr.arpa udp
US 8.8.8.8:53 165.214.122.3.in-addr.arpa udp
US 8.8.8.8:53 246.211.90.157.in-addr.arpa udp
US 8.8.8.8:53 62.64.227.64.in-addr.arpa udp
US 8.8.8.8:53 sq-tungsten-ts-eu.amazon-adsystem.com udp
IE 3.253.169.168:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 3.161.81.160:443 images-eu.ssl-images-amazon.com udp
US 8.8.8.8:53 aes.eu-west.3px.axp.amazon-adsystem.com udp
US 8.8.8.8:53 tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev udp
IE 52.214.237.19:443 aes.eu-west.3px.axp.amazon-adsystem.com tcp
DE 52.222.236.113:443 tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev tcp
IE 3.253.169.168:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 track.adform.net udp
IE 52.210.242.228:443 match.prod.bidr.io tcp
FR 172.217.20.198:443 s0.2mdn.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
FR 216.58.213.66:443 googleads4.g.doubleclick.net tcp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 131.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 93.159.114.85.in-addr.arpa udp
US 8.8.8.8:53 180.156.155.213.in-addr.arpa udp
US 8.8.8.8:53 19.237.214.52.in-addr.arpa udp
US 8.8.8.8:53 113.236.222.52.in-addr.arpa udp
US 8.8.8.8:53 66.213.58.216.in-addr.arpa udp
FR 216.58.213.66:443 googleads4.g.doubleclick.net udp
IE 3.253.169.168:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
US 34.96.71.22:443 s.company-target.com udp
US 8.8.8.8:53 casale-match.dotomi.com udp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 sync.adotmob.com udp
US 8.8.8.8:53 usr.undertone.com udp
US 8.8.8.8:53 pixel.advertising.com udp
FR 45.137.176.88:443 sync.adotmob.com tcp
US 8.8.8.8:53 csync.smartadserver.com udp
NL 89.207.16.201:443 casale-match.dotomi.com tcp
US 13.33.187.80:443 usr.undertone.com tcp
US 2.18.190.75:443 csync.smartadserver.com tcp
US 8.8.8.8:53 cw.addthis.com udp
US 8.8.8.8:53 tags.bluekai.com udp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 35.244.174.68:443 idsync.rlcdn.com tcp
BE 23.55.96.210:443 tags.bluekai.com tcp
US 8.8.8.8:53 beacon.krxd.net udp
US 34.111.113.62:443 pixel.tapad.com udp
BE 104.68.81.91:443 cw.addthis.com tcp
US 8.8.8.8:53 ced-ns.sascdn.com udp
US 2.18.190.75:443 csync.smartadserver.com tcp
US 2.18.190.78:443 ced-ns.sascdn.com tcp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 201.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 80.187.33.13.in-addr.arpa udp
US 8.8.8.8:53 75.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 210.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 d.turn.com udp
NL 46.228.164.13:443 d.turn.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 gw-iad-bid.ymmobi.com udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 13.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 core.iprom.net udp
US 47.253.61.56:443 gw-iad-bid.ymmobi.com tcp
US 8.8.8.8:53 cm.adgrx.com udp
US 8.8.8.8:53 green.erne.co udp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 ad.mrtnsvr.com udp
US 8.8.8.8:53 matching.truffle.bid udp
SI 195.5.165.20:443 core.iprom.net tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 104.18.25.173:443 a.tribalfusion.com tcp
DE 23.88.86.2:443 matching.truffle.bid tcp
FR 141.94.240.143:443 green.erne.co tcp
IE 54.217.19.5:443 cm.adgrx.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
FR 141.94.171.213:443 pixel-eu.onaudience.com tcp
US 8.8.8.8:53 s.tribalfusion.com udp
US 8.8.8.8:53 56.61.253.47.in-addr.arpa udp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 173.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 143.240.94.141.in-addr.arpa udp
US 8.8.8.8:53 5.19.217.54.in-addr.arpa udp
US 8.8.8.8:53 2.86.88.23.in-addr.arpa udp
US 8.8.8.8:53 213.171.94.141.in-addr.arpa udp
IE 63.34.53.128:443 a.audrte.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 id5-sync.com udp
DE 162.19.138.116:443 id5-sync.com tcp
NL 35.214.223.249:443 csync.loopme.me tcp
US 8.8.8.8:53 s.ad.smaato.net udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
DE 13.32.27.108:443 s.ad.smaato.net tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 wt.rqtrk.eu udp
DE 57.129.18.113:443 wt.rqtrk.eu tcp
US 8.8.8.8:53 hbx.media.net udp
NL 178.250.1.11:443 gum.criteo.com tcp
SE 23.34.232.19:443 hbx.media.net tcp
US 8.8.8.8:53 c21lg-d.media.net udp
US 8.8.8.8:53 medianet-match.dotomi.com udp
SE 23.34.232.19:443 c21lg-d.media.net tcp
US 8.8.8.8:53 usersync.gumgum.com udp
NL 89.207.16.140:443 medianet-match.dotomi.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 pm.w55c.net udp
US 8.8.8.8:53 d.adroll.com udp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 8.8.8.8:53 rtb.adentifi.com udp
US 8.8.8.8:53 108.27.32.13.in-addr.arpa udp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 113.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 140.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
IE 63.32.172.113:443 d.adroll.com tcp
US 44.213.202.250:443 rtb.adentifi.com tcp
US 8.8.8.8:53 a.sportradarserving.com udp
IE 34.247.185.247:443 pm.w55c.net tcp
NL 35.214.174.141:443 a.sportradarserving.com tcp
US 8.8.8.8:53 cookie-matching.mediarithmics.com udp
FR 54.36.150.185:443 cookie-matching.mediarithmics.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
DE 18.245.31.16:443 api-2-0.spot.im tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
FR 216.58.214.78:443 gcdn.2mdn.net udp
GB 74.125.105.138:443 r5---sn-aigl6nsr.c.2mdn.net udp
US 8.8.8.8:53 dmp.adform.net udp
US 8.8.8.8:53 trc.taboola.com udp
US 8.8.8.8:53 dmp.v.fwmrm.net udp
US 8.8.8.8:53 aa.agkn.com udp
US 8.8.8.8:53 usermatch.krxd.net udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com udp
US 151.101.1.44:443 trc.taboola.com tcp
US 3.144.50.144:443 dmp.v.fwmrm.net tcp
DE 3.125.44.19:443 aa.agkn.com tcp
US 8.8.8.8:53 113.172.32.63.in-addr.arpa udp
US 8.8.8.8:53 247.185.247.34.in-addr.arpa udp
US 8.8.8.8:53 250.202.213.44.in-addr.arpa udp
US 8.8.8.8:53 141.174.214.35.in-addr.arpa udp
IE 52.212.221.115:443 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com tcp
US 8.8.8.8:53 185.150.36.54.in-addr.arpa udp
US 8.8.8.8:53 16.31.245.18.in-addr.arpa udp
US 8.8.8.8:53 44.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ow.pubmatic.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
DE 79.127.216.47:443 id.a-mx.com tcp
DE 79.127.216.47:443 id.a-mx.com tcp
DE 79.127.216.47:443 id.a-mx.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
GB 185.64.190.84:443 ow.pubmatic.com tcp
GB 185.64.190.84:443 ow.pubmatic.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 104.18.25.173:443 s.tribalfusion.com udp
NL 35.214.174.141:443 a.sportradarserving.com udp
US 8.8.8.8:53 cm.ctnsnet.com udp
US 8.8.8.8:53 ad4m.at udp
US 8.8.8.8:53 dmp.brand-display.com udp
US 8.8.8.8:53 cdn.indexww.com udp
US 34.160.19.107:443 dmp.brand-display.com tcp
US 104.26.11.209:443 ad4m.at tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
US 18.213.199.61:443 cs-server-s2s.yellowblue.io tcp
IE 52.50.53.225:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 19.44.125.3.in-addr.arpa udp
US 8.8.8.8:53 115.221.212.52.in-addr.arpa udp
US 8.8.8.8:53 144.50.144.3.in-addr.arpa udp
US 8.8.8.8:53 84.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 107.19.160.34.in-addr.arpa udp
US 8.8.8.8:53 209.11.26.104.in-addr.arpa udp
US 8.8.8.8:53 225.53.50.52.in-addr.arpa udp
US 8.8.8.8:53 61.199.213.18.in-addr.arpa udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 vpaid.vidoomy.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
GB 89.187.167.6:443 vpaid.vidoomy.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 52.39.108.9:443 dt.adsafeprotected.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 54.216.254.135:443 api.viglink.com tcp
US 8.8.8.8:53 a.vidoomy.com udp
ES 212.36.83.246:443 a.vidoomy.com tcp
ES 212.36.83.246:443 a.vidoomy.com tcp
ES 212.36.83.246:443 a.vidoomy.com tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 pb-am.a-mo.net udp
NL 147.75.84.158:443 pb-am.a-mo.net tcp
US 8.8.8.8:53 6.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 246.83.36.212.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 c3.a-mo.net udp
DE 79.127.216.47:443 c3.a-mo.net tcp
DE 79.127.216.47:443 c3.a-mo.net tcp
US 3.229.202.201:443 pxl.iqm.com tcp
DE 65.9.66.68:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 id.rtb.mx udp
NL 79.127.227.46:443 id.rtb.mx tcp
BE 2.21.18.175:443 eus.rubiconproject.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 cs-rtb.minutemedia-prebid.com udp
DE 18.66.112.99:443 cs-rtb.minutemedia-prebid.com tcp
US 8.8.8.8:53 cs.minutemedia-prebid.com udp
IE 54.195.106.144:443 cs.minutemedia-prebid.com tcp
IE 54.195.106.144:443 cs.minutemedia-prebid.com tcp
US 8.8.8.8:53 99.112.66.18.in-addr.arpa udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 52.39.108.9:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 r4---sn-aigl6nz7.c.2mdn.net udp
GB 74.125.168.105:443 r4---sn-aigl6nz7.c.2mdn.net tcp
US 8.8.8.8:53 105.168.125.74.in-addr.arpa udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 prebid.adnxs.com udp
NL 185.89.208.11:443 prebid.adnxs.com tcp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
IE 52.94.223.167:443 aax-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
GB 74.125.168.105:443 r4---sn-aigl6nz7.c.2mdn.net udp
US 8.8.8.8:53 ad.sxp.smartclip.net udp
US 8.8.8.8:53 ad.yieldlab.net udp
US 35.186.194.101:443 ad.sxp.smartclip.net tcp
SE 23.34.233.189:443 ad.yieldlab.net tcp
US 52.72.151.87:443 sync.ipredictive.com tcp
US 8.8.8.8:53 dsp-ap.eskimi.com udp
NL 193.0.160.131:443 p.rfihub.com tcp
IE 52.210.242.228:443 match.prod.bidr.io tcp
US 8.8.8.8:53 tr.blismedia.com udp
US 8.8.8.8:53 openx2-match.dotomi.com udp
US 34.96.105.8:443 tr.blismedia.com tcp
NL 188.42.63.48:443 dsp-ap.eskimi.com tcp
US 8.8.8.8:53 101.194.186.35.in-addr.arpa udp
US 8.8.8.8:53 189.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 8.105.96.34.in-addr.arpa udp
US 8.8.8.8:53 48.63.42.188.in-addr.arpa udp
US 35.186.194.101:443 ad.sxp.smartclip.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 fw.adsafeprotected.com udp
IE 52.18.18.165:443 fw.adsafeprotected.com tcp
IE 3.253.169.168:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 80.77.87.166:443 cs.admanmedia.com tcp
US 8.8.8.8:53 google.com udp
FR 172.217.18.206:443 google.com udp
FR 172.217.18.206:443 google.com tcp
BE 2.21.16.25:443 contextual.media.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
DE 37.252.172.123:443 ib.adnxs.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
DE 37.252.172.123:443 ib.adnxs.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
GB 74.125.105.138:443 r5---sn-aigl6nsr.c.2mdn.net udp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 34.149.50.64:443 s.seedtag.com udp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 8.8.8.8:53 ssp-sync.criteo.com udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
NL 185.89.210.141:443 secure.adnxs.com tcp
US 8.8.8.8:53 7.1.250.178.in-addr.arpa udp
FR 142.250.178.142:443 www.youtube.com udp
FR 142.250.178.142:443 www.youtube.com tcp
FR 172.217.18.206:443 google.com udp
FR 172.217.18.206:443 google.com udp
US 8.8.8.8:53 flow.lavasoft.com udp
US 104.16.148.130:443 flow.lavasoft.com tcp
FR 142.250.75.226:443 ade.googlesyndication.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
FR 142.250.178.142:443 www.youtube.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
US 8.8.8.8:53 e2c33.gcp.gvt2.com udp
JP 35.213.86.143:443 e2c33.gcp.gvt2.com tcp
JP 35.213.86.143:443 e2c33.gcp.gvt2.com tcp
US 8.8.8.8:53 143.86.213.35.in-addr.arpa udp
FR 142.250.75.226:443 ade.googlesyndication.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 216.58.215.35:443 beacons.gvt2.com udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 sub.got-to-be.net udp
DE 157.90.33.68:443 sub.got-to-be.net tcp
DE 157.90.33.68:443 sub.got-to-be.net tcp
US 8.8.8.8:53 go-g3t-msg.com udp
DE 178.63.248.53:443 go-g3t-msg.com tcp
US 8.8.8.8:53 68.33.90.157.in-addr.arpa udp
FR 142.250.201.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c9.gcp.gvt2.com udp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
US 8.8.8.8:53 154.114.101.34.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 216.58.215.35:443 beacons.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp

Files

C:\Users\Admin\AppData\Local\Temp\gentee00\gentee.dll

MD5 30439e079a3d603c461d2c2f4f8cb064
SHA1 aaf470f6bd8deadedbc31adf17035041176c6134
SHA256 d6d0535175fb2302e5b5a498119823c37f6bddff4ab24f551aa7e038c343077a
SHA512 607a81be02bde679aff45770e2fd5c2471d64439fdb23c3e494aed98970131e5d677e1eba3b7b36fca5b8d5b99580856bb8cf1806139c9f73693afb512126b9e

C:\Users\Admin\AppData\Local\Temp\gentee00\guig.dll

MD5 f78ee6369ada1fb02b776498146cc903
SHA1 d5ba66acdab6a48327c76796d28be1e02643a129
SHA256 f1073319d4868d38e0ae983ad42a00cdc53be93b31275b4b55af676976c1aa3f
SHA512 88cff3e58cf66c3f2b5b3a65b8b9f9e8ac011e1bd6025cadadb0f765f062cb3d608c23c2d3832f89ada0b7681170dce1ee4a0b8b873e84135756d14ba8c69fa9

\??\pipe\crashpad_3172_FAHKDJGNGYVZUXYG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 add520996e437bff5d081315da187fbf
SHA1 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
SHA256 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
SHA512 2220fa232537d339784d7cd999b1f617100acdea7184073e6a64ea4e55db629f85bfa70ffda1dc2fd32bdc254f5856eeeb87d969476a2e36b5973d2f0eb86497

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e04b5ac8a0076f31dcb83140658cbecf
SHA1 fb3bcb82e3fd2c506b6b8fce508c317447eca2dd
SHA256 6c20de2ea22706e08da00dd2c29b482b360c78ac1a05ddcd92636e105925e938
SHA512 03195307939939a976d1c177199b020d0e71264d8ec0f62a1d2d957e2cb195606218de812acea7ddea58f25d1d8382086b8a4ccb292e6af66fb8517858989a4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 07c0109700400be024ae09f57b33eabd
SHA1 a566596748f1ef4b93ed52c253e86e4ade650578
SHA256 3fc6243fbcbc497b51015f90c34c2c91e6ff8d23449d25274cd641d63ddae83d
SHA512 1c9a2701cf7558fc620ce3e8f4c18424c45d9b76e6222903775a9986a4452760987af0a84fdf41f5c150d9e0965d17d21a85e8853e5e264788421847baac9311

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 30b7a99effd9496ab54921c4eaed336a
SHA1 4efe3b2ac9e93f5121a8f9d8edd6f9e29cb99f42
SHA256 ccfdf3822f7c06a6c164de01754ca5d0f7685f31c0c8b3cbffb476f2abc552ed
SHA512 7582b23fd2cd398cfb7bb8c0a33219d9fc08b42bc34a85af0d63b2bb3314af11913dc4f6a6a4e743f28d518bd57cf7670382a5f83ac5bd5368b92879d523df27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 b6ea7b6e34d64fb8b57c16ea1de29115
SHA1 ed655ee653887341a83273ca42995dfca7ce9fd1
SHA256 37aac6109e4c0f711bd6fbe1bbce2099761fa7d7e76de9ccc4ee6f5bd98ccb13
SHA512 d6acb8f8814a7ded95764c187f93fa72fc8363b93ed625487400025a5b511c3e708b311a0baa904236e689fa412d6d2ce0f847767561b28b6d2dae6ce036fdfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3172_1516988267\Icons Monochrome\16.png

MD5 a4fd4f5953721f7f3a5b4bfd58922efe
SHA1 f3abed41d764efbd26bacf84c42bd8098a14c5cb
SHA256 c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3
SHA512 7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3172_109624275\Shortcuts Menu Icons\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3172_109624275\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ad809886b5908ee5a4538885dfbf3bfc
SHA1 60c8c96aa4207e09bf331f92f1a1d9c72f3517ef
SHA256 646ecced6af77b16fdc53d15ba21389d83f2f943b4ac3bf1575292be52b61188
SHA512 9c5c32984fbdd7265a3176aa67cfd92df33c19e90d6c6c7530b173ffd2ccdf464e3abc5fc5045362bd028e144c2fa5871e18d9c61c8075b270b5ab59943f77e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c5a050d9ebd6bc904591843f7a5bf56
SHA1 6ecdf8e1eb93afbb7aecb9fabd3ab9765381d35e
SHA256 8cbaf118e6dd035ad89c2a9b1ac839aaac339cbffda07aabc068bddc73462bdb
SHA512 2ddcece2e1fdf4912f80770404600ac2ca65a6bb54721dba2de77ec524ca59fece7886ee2952421bd2293d24bf5dd3fcd50dd06b57bcb61b2e637cc267557551

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0b9ad6b4ac37b7b85a6672df3bafecc5
SHA1 232ae8f3a4748b3458a534d26145cabb87725d76
SHA256 a47939175e55e249ff985112d18e29e04a65325d7390af8dd03995b4aa718add
SHA512 c0574167ba2d40fe7febc7e0f8c1001e516d076640beaaf2810b8abac8bef806abc5fbd7457333a35ac712f8ecb880aff9923fe5413e00964dc18565c9d1d077

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c17b.TMP

MD5 592b100d68ec0df0d5475b0241a96a6f
SHA1 f5d9463a9671d188a482fa0f600b0c19b3515b19
SHA256 0c5b614a23fafcf9a82f49961c62bc9c557bacf5e864823e283e90e702c9cb0e
SHA512 348a9bc0670dd88d6455ed4d5105015e5aa1c9021d3267b250d979b93097b635928b463b111642707b3f8a81d6b820c8806757123aad0429a9f29349c588644e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dfffadd4cb9efde20e14ce7785fc4b61
SHA1 8e80d3ca0fa2b4dbccab40345ba06752f307692b
SHA256 4ae7165518b4a527f1b64ae7ce2eaf3fe5dd2287ae89e57b580edab1a2fa8fae
SHA512 65709379e2d2020b9f99f4ac26a4babe448e5e6e048e7b706530f9b3412154171f4865727d384012faba821e7e29a269fb18e680cdfa8fa5eeeb21e8db366d37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 60e4b21e01cc8dc966a03f73ce67f3b1
SHA1 f677476b728b62c51a33420430faf765fc2fdb04
SHA256 b189ec6b80322d5167a45020e31d458bc3e94c5415d0261a1dabfd61bbd50695
SHA512 dc06208aa3149289eb43d37e40dc095654015c70eb0841712973e7fe05a5251ea7abffaf86f63dd6ad4652d20cf0d31e65b9f95def823c56cdcbdf7d33fde8d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index~RFe57d736.TMP

MD5 0f66bdc7fceed516a8f07336976459ad
SHA1 a48f767ab6570c27eb643287f004ad27c689c048
SHA256 4d219d171a9acdd325d1f1d359fa3c9873d04a4f2e6eda3d8746eb2c03f5bf01
SHA512 43f7bdcc282bb111b59ecc2a081a01aa9326aa4b8a3af83f62dcb26ebc6c1c2bf1ed55acf7116a0d5888774606f62b8b619024b2e7b35dfdadaf762d3088dea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 f0d81b309d4441d6dc22bdcb9e9e7d01
SHA1 77e7510fd01735991f8eb242a8a20acf5c7326d6
SHA256 90b890766ed0dfc173b119f625e4bde7785d509a76d27354148bf0a80a09889c
SHA512 79d3758017eb11ff478e0c258405aeb66eeef77b6041689708667948c85c1ff27688491eb8fd7efba3e5d392e299c055b3ae54fd212a0f5caaca3d91c425829e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6e2814a85ccc156afed791dfc1a3c74a
SHA1 d290fbccb61f59688bf73e1153fbecc92517088a
SHA256 d96f8068acc392142f75fe75478f84238895ad3fbad6c537fbd965937e71a43e
SHA512 7bc0fa88837beec4a35d19c88173d5ef664075f11671b5d119dd0cae2429ae8f8f1f71861f7dcfef9e54935061b2582c60c4182be6c6262d569af71570569a69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0ae3c8a-d5c2-4f8c-9071-0fa4422d2a02\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c3cf146f77663dbbb00f636038190918
SHA1 9170b505ec6c5577e9b0236bc3760d3e616e45b5
SHA256 973def26e188a45f7b5b00f983e9bbe4144580202267a5fe991b49800318d3de
SHA512 831e48e31e6943dc91a7e446666887a90a74895bba2915134f7312b30c168e26f737a7a191f28eacf5ae1f325db7a6503c63593e612cb241133377a8026d4c15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 02690731fd41de229aa463e36ba8669a
SHA1 ded7048e07e5b1d80c8f46e6431a4541aabdadab
SHA256 3ee4906ee030eab29913c3d7fb27035f353e2d787f9bb85fddc7fc1741a13549
SHA512 96bc8120983ed149d1a091aae55d75dc1654164fb22e0d9d43a38ccf62012a217eee3475792eebf44fbe2fc5054d87b0f74dea217104b923278ab88554d5e1fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 c758a89dcfa620f9bc138930fe891ca9
SHA1 f68be6d49724806db8f0fe1305e6d573d21b47ef
SHA256 c7807a5a766842371b12966dda2640923bfce3e17b06e553c4057dd5ac7364b4
SHA512 1d0f2b06adaeedc53d8519a88d354af6f3918119ce03edc9133eb037a03beaac2f3970dae333b64abe46936a89bc66bec0ec3fe764029982f43698fdca311490

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51681a8d9c742d533ef78e2f28bf6325
SHA1 0472788949ad3311b27752cf67914479a54d66c7
SHA256 9b3054904e28929eb3383c40b62de05d4b4d1981db0c5528529dc4c4e2d2c3ed
SHA512 6818681cdafca0de357e88d5db9fd4f919e4f2f69d853ff2a073535ec592845623ea760fd3f3de4ec2f5f5823a5cebbca8f8cd3c2e356824d968a9fa2b5577e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 b5b483d38f560264bde7c9bad48e6463
SHA1 29d83f6105125b84ec9fbefcfc3fee2bea63ad7c
SHA256 35d47d81c0c908c38beec80690b9a405dd4803c2c50b686a243a70faac4ebef5
SHA512 cbabdaaadc46a472d5bfe83da7d0c2c7a9a77d4bf3fa57e91314434b59a84d587a26fb44d1d2d57944bd39619c099af7ebd77d42e0899d282780d3d951b13f63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 f69ec88aaf8e4e6c8757a523eca2a6bd
SHA1 23c42b75e088886466fca7dc0295d0e3ff20568c
SHA256 a8ac8c6c9cae5af31953ff6be9933f5317856ed2305a921928ce21f87958f43e
SHA512 2b08955a87cd41a5cb97673eb086bad6049d388131813494f551d97ee95d5899a4dc4f9f3820f9a56c759cccf442ceda2c14eb10be440015aebb59cde48d5aa2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f23f.TMP

MD5 c7512be030a6d3b885717ccd227e9970
SHA1 3eff6d88c2618a8ab5d2dffb64715f7ca8c8d369
SHA256 cb272889549c9d5dd677901572a292783ceb7a7a5fc40c1daa2bddf2af9da67e
SHA512 a603eaed5de1102fbd344d9a112758f422bc07cd86e2c7abd6b47d88d0e0b4cea26de34986dfc040287b16faa08b559f9cacaf53a3d287042d9b22251c8c15b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 0e31e86072dbaf030d9c7b81444baed6
SHA1 87f978ed3eda4ed66b8ed60bd26386e5a9fe1a10
SHA256 55bb3c8e9e633b2c4848b3e5d59180b3a8ff10eae960a793bc342d7da0c2a1b6
SHA512 dec6eb5d1d9efe178c1f1134c28e39fe0b374a6819a706d86d8e3dbef774573795862a2a4b7a85a8f7a602fbc35ff4b4114584537bad63bc1f21c70fd761f6c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ab59f92c0322224d7bd8ec35c88c222
SHA1 ca899f97acd9ca91d0ba2572e8d18995c66f6dc7
SHA256 3407530399f73628652d8ee347a4eb597a01c0e1316904ecde069616e98091e0
SHA512 5fd7550b9464b16d4290f0bfe306b36c8e5d95bb6baea56dfde71df2216e536f2eb6ae59f70b64fd6e5c2332070ea1c5cbe337dfa299206a492741fd81e3d155

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb0c90f9676b5f3aff364be833deb573
SHA1 3e6260766aa6a90f29be61f30a4d7965f78442bd
SHA256 05807c3a3c9acaf6fa2853c22f8669a0603da5e86d9c2a5afcb0aebc039317a9
SHA512 c393a2abd840d5940ec628328fa9b92541e70ec418ba3b1fb2c39d1201c3e7f9e020ff3851c9ff51dd4fb8893933561204d97dd023a26d86a22678817fbdb606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 571a24ddfb2e0f917ec3c713081c78c8
SHA1 26c741c01dad384bacf436c1760374a08f866067
SHA256 7689abd9bb8254222ca7077d97d7b4f898bac73eeaed5aa64ee514b58e5494e9
SHA512 31be35521cd2737df9c104d7ae7f37716a282a652f041784011f455f15a37fdebdc5204370169b6e27e1a4bf9510dc3b12e53096e4f5cc227261ec3cd83843c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 bb1a604a6ef4c5c0e30a01cf7884cc2e
SHA1 0d90f31be9892500f8fb3133ce2ff351e1f1194c
SHA256 ec2d9a163f7b16696548af6e3ddc62128bf5831716eead2b822465fd24d82fb8
SHA512 d8f1f338487c13801577d693f33b8fcad97d1ec19635630929af3f1f4c359aa90a401a71e457acf794a996eaf0ff4fa71c1fd0bb522cef60e836f04527687834

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58341b.TMP

MD5 a92b075f92e9e4de08d497d7d8cf9132
SHA1 c8f3898587ac09836fc9a890635813d7495d0877
SHA256 23908717c1296d9d0bb09c6178065d9457a20ee2994038a0e93f086b69e0e4d7
SHA512 b87ca8d058bf7aa243fb83ee7c3ce18b67a9f6ae3862887331b678c1cd0a2ad56274a316abade23a9ae2d1f2eb257219b07eca742208886b609b3efd6f815e85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\index-dir\the-real-index

MD5 809715623d1891a018db497f07ee9844
SHA1 d84fe941e806c57fb5a6828d1da0415a07fdc591
SHA256 97c7ffdf1f4508dae8de35a1337094cb08971d7e6efe31a3aaa61f0381e488b3
SHA512 e965c9cec450aca8673f9998c271b71a470a868dc5fa0f8e580617d8d0de707a56a5fc0efddb0c1fe0c3deb5e313d5772b484d5e20e3609923ecf53ea02b399b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\index-dir\the-real-index~RFe584050.TMP

MD5 2fe02c1b85174be28c3a8e08b3b2c2a3
SHA1 0643c237b03090d88055fca5028b16de9a61a250
SHA256 5e22a6940bd3fb6e1cb47ce3422c9163a28d95d8dcc25560190310874a8fc32d
SHA512 9ab5338f11b2fd78558b1157679937f8ac42d2f4109ab811efef58a696106435fd1674e8c77da672cff7eb1cb43f4a13869a6dd7cb457da1d518ebea02f0ab15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bdea5aa24c7ab79cbf25fe920e11b1af
SHA1 32993a6c1f715ae1f09663a9eb563ca1cdd5d512
SHA256 e5c356bbc561c4b7860abc98287162434f6e7d77a7859566c9640484894afe19
SHA512 b106dc7a2d5e891dcd80828c998e4c2aaca85cae3631490968e355efccdd6454cd42bdc4b5afb85a00221b92046000959af0618e197a153f8d2036c6b5847887

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a4753191b9fa1e6bed5c8365adeef809
SHA1 c291e43c56f0d1bee15a2d462768d3b0b08df4ec
SHA256 b686b57015f6420717f955065336d5975cf8a98a32d16351b1594eee410833ea
SHA512 8b4efdb1ee271198814810dd176b1813464316194e6a330f9d1f0485d8253890fbee5b4bdf6df23970ca65cca0502a9e3ad9ecdd750e3cf9447a6ee936d6eacc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 988f6b3295f22bc92a91854ab513eef6
SHA1 be1638133e2a8fe08124c4400740ca68d30a0f98
SHA256 f382bebc971e8d0551f350d88ab0b85c779fed13441bac086b076ab92cc16647
SHA512 462e3e25c3063ccc2a9271dd3a012ff6380b7b403b0c3e80619613b61ccf5755531728c5b29df2af2e58e7987c91520379b86565eb31dfb22425464a50d7030a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3917726f37e0d7199af1c5beed6c4ad1
SHA1 3913a7be295e8be81feb309fee9470d8449835cb
SHA256 40d895d35c67629d081885a190cf28d4489823958200ab790e80ef3aa55baad5
SHA512 cd1aa6f0d24c28d4e003ddfa9cfc1f7979280c3ae62bbb01a4e256d7f4524edae0c332af2058e3d9f15f7e7f439d0b1740b5bb60dc258c210726a0a2826a1ed4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 bddefc97e6c4205a83793c5948c7560f
SHA1 846e5cf21d8643e57f2b007b25821b01d61c5e46
SHA256 6e88b3adb99bd5cf093547e867cfd8d0975b986b329450704c56fc4bac30fec5
SHA512 c192a3887217833f43c107cb5eed1926a389d57383cf96f19c4ccef081c5c0f6ac669b5bf2eac829e6a973c6d2803ed941f6c3eb4e6d4154b2b099d56091e4f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8866946980925c3d754d069cc4e2ea03
SHA1 2fba667b643c1dedc5016d37592f8ddabf3f6cac
SHA256 42d3771f52268a847e32e33b4210f8fa1d3e2a646aacedfa2a9561796b184c53
SHA512 4d9c155b8da55cb065c98f167db241992974b23d4ea48e8e84272f4235f1a1442d09b105a393d2a40232c1e73a161a3119e163d3606fee9f698ea6e30f9b3487

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4617a97fcb02f74cf8157b09a63cae64
SHA1 cee4c3e5be59a14d2c065031b3c483e43066a311
SHA256 a37f2935a29dd0789418e1c695b5eeedb147ea42cb6735578646e311e6b18da7
SHA512 734bdd882769f45475767a82e07c74354f7610f5a99653846c555a97b6097284d9e1bc4339d08d5345906aeb215aa77ab9c2930772331457cdb7d52ff2628e77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ead5e770bd606ef6ece0e1174287019f
SHA1 e4033d485034bcfc8fb554a902095583eb1b87c3
SHA256 c1a71aa322393ba7251679c9a69cfc7dc869b18166acc42156f981fdf7438afb
SHA512 1bfa422f1fffbdc45cdd7e89d682c43e260543e2d959846c44ce47809bbc0bf0c94bfa0e9c29876442a5051421abce96eba1bb17318a7a2f42c789bde2143c23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 92817c7dffc3d1c2fb5476f433479762
SHA1 d70ba8d60d4e757a37eac1bad1728d7e0f49edf8
SHA256 33cbf025c82c6d9baee8c580f51d3a3c35cab1ef5b331018c9b69e98deefbb83
SHA512 56563b64d950517915e061f46136e25d6c4de6188e388d9a56556bf8ee7776cf1c30fd6a6110e87ce0d668a3c12ef28e25c7a7107913042839f8a4b15bcf9da2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32cc6932e1261b7b3694955507a6e6e6
SHA1 ec3a0bd53eb19a9bae694970b97fd240b79c8a7a
SHA256 64a52f4c69b8d3aacbbbc7125e5fe1526de737254302ff79577fe9d98d05c7db
SHA512 a25c186bf6ff3121d6926e6974a46840245fbb09e77179e0a12baf6f533abedb93bdd33a76c1c3b4e6c7f5177672df7091b2ee2a921495f735fdbe53e443957c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2a943550ad86b8adde82367a35436981
SHA1 b39d83a98af70776fe213e2ed391920e91daa40b
SHA256 55cab6d97ceb7b2e50888fdb7a666e40aacd90587ffcb72da8ce7417871bd532
SHA512 165cca508d985fe53c45c42cc42cad291004f4ccf0418e9124cb8e41be101a64588089e19b1039ee9dd7b2b3a3992865f97ac027ea46d71d182126a7aa4079fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 beaf5b5b2391b4e32aa230edbb77f9c3
SHA1 b2d6ed1f1c743d90f020ac29f7519d6f6e395028
SHA256 034a9fae06ad9decd9824683657f3c88a31b3d8add0b4842dfa22b50f34cea42
SHA512 5f535aac1e68d046ff25112f41b2fced0cd1dd0e8812f2f5e24a9e3e6bcfe8cba6152ac11d7d8ead6934b4e785cc7d9b6b81c3d20b252eb56cdf2aee75203b34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd7b2bf19c21762d9208ac7110074a13
SHA1 ba88839910aad34656a5fb619683a2762b4a7a0d
SHA256 21e3bba9475b86aea32b7f18e09823f916167566c0785f536f2249de628203cf
SHA512 19791f3c7c65a7a2330bcb65dc00302066749dd4d111ac857273fdca58dd9385f5b3aad660fd852ded3beaf390b396f4a5f3cee668acc0b2b3f3ad144faa8ee3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 2b93b22ef8b191766cdb024b696c000e
SHA1 99daea16caa676703fe187f94ecced3a0ea5c69e
SHA256 1158985d2b023e18b4bb63db449aacde7fd6bc112d237206ba0a4254b3b41084
SHA512 7f414b802c388736e8f9e613cf80a32468697302e50af7f432a2275f53d988fa24c4158a9d1d69b2f96d424e94206fda45c02d092aba42fc8158c2a795ff1026

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

MD5 be82c216990b823f73124418225b4a80
SHA1 eea0b147228f53b75877e32a51acec674c50c813
SHA256 d0b0236c0e1e660be14d50b0d056d976d38f8f573ba79b145fd24516bcc65851
SHA512 00016aa870ac171e0d6bbbc8978c8a6ad94299d31571450fa84e1728aa17eb3babbd852624966c0ec482346b50a64ba802b543cbe4f9eaf142929f3a0f1bdc61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 5ce7bdeeea547dc5e395554f1de0b179
SHA1 3dba53fa4da7c828a468d17abc09b265b664078a
SHA256 675cd5fdfe3c14504b7af2d1012c921ab0b5af2ab93bf4dfbfe6505cae8b79a9
SHA512 0bf3e39c11cfefbd4de7ec60f2adaacfba14eac0a4bf8e4d2bc80c4cf1e9d173035c068d8488436c4cf9840ae5c7cfccbefddf9d184e60cab78d1043dc3b9c4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b3209b6eb3b56bed38f7468cc18310a
SHA1 9b2b582976c8f98ef4f681a3e4ccbeb8e909a651
SHA256 01f47ab1870ba3b5f97f070da91adbc24322112dda44db6c027f18b526b25725
SHA512 05a02731b0bbb3cc2441bc12322e8205d2210bc53fc66ba32e13226570606fb7808f7f75c793e172699615f62d20453a5883ee3eb0f40e24358c22d65517fdfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5249f4e242446189820cdb9f54625b3a
SHA1 3a66a865961b8bb35539e71581193851042aee01
SHA256 9dd840445c0ef80f309db5ff310c06f28750f421cb67e0eef00d67283e20c22c
SHA512 9674a15b19916feee811cda2de6001a7084f825eff4c3d25dbcc1cfb4bf78951e209986d12b15fcc2b3f1d0984aa970d8b18c9f5bd5d51d1014083bedff6764c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d1e54309e0200ccab5b9047b05d5c7d
SHA1 4affc2edd41bbfbeaea733c22c8527221060e9d9
SHA256 922fa73000200a62b1d84993cb037163757fd9f13b9630c3c0178a40a86c20da
SHA512 2cc69288a79dc6f80c3bc5c83f3f1a637a444eab392d443a46a7bb313577df6390faee156c5de0d20b586dd0dfb27dcb8301a00ef75281f128d8d6a9c89975a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

MD5 80b654ce97922793f0ba65eef9460504
SHA1 4d9c8ee0f4046505655513161e006e9b1564f178
SHA256 1fffece56e8c86c14a99d17897e0fd2173d673b954dd3727e2f26de542ac3289
SHA512 a7417350d58d0984b266d850216b50c6c8a22bf77249112a9e1fc15e9d0c5e8f0b72aa9659c59a9620aed4568fbfbf9ec0db7d7f7ea8aa29d59880520c684dd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\4bd9781ff901ac21_0

MD5 e8da5a2db834f875b508e0c0f5908bcf
SHA1 8b5d843539d2fdabd1517bf1de12de868c6b3f1e
SHA256 894a3780c54256e18dd2dfa5614151bea4171b0c847e42547ca6c1cccfbd4375
SHA512 ecc6e92399378e4cfc7f08215241a5a003375ccee0fe345fb8f473be39c63ede0a11159dba7b7d8a84eb8158bba84d485c5fbbff8366d7fad9b1a8df7f21407f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b5c0409f8ad4ce7c32407cc1ed7bb05f
SHA1 fa4e30d0702707f1cd754ed18df665666be95e04
SHA256 30b3876076ede1e30e7aad80059a048140fe4b3856586a9bcb9486b03fe11cd5
SHA512 2bcf0da80410d3676b8cb0c19824c33f82846bb4c30b53d2c888c9c55f8551ff1ef5b6f184db59627eded7579649fbd9a6f3e030786999ed92d8e1f415de0ca8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\c9954172506005af_1

MD5 d14bbc8c9a22f7627ab7423a10b91b47
SHA1 32b2cf48106016d1338321441fdfe9e92d280d81
SHA256 59e81ea58be83368aff89e9fdf651cfc93d6c3df861394b8718efb3e4ef194c0
SHA512 09e7a9260f79860f79cf0e6a12ded2a9d2d5c68c6d34ed48c2ca8d405d591a2ed20002e3715053750c9bc59c7a670d4651e0f548310b4056e37efb543d24ac12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\c9954172506005af_0

MD5 2094ae1e4332a7b26d0a2b7ae0f75a0c
SHA1 1d9d956d1a2166d5e268d1436f90af81fed9797b
SHA256 b164f9d05c49daec311b0d7bab87914e86cf39f15fd99b3237d65ff7f59466e6
SHA512 19dc886817c895d0a47a26dad7ab8cdde0d7861fb9c5d08c18939de29326011f64163220fb8b972c1f2b1fa1b1b6c6d5d1a6591d90d903cb4f30cca2803a5804

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 f7c5b8b5036e3fec8c524b319e11a830
SHA1 3746e6f2792219b8e2b90e0fa1b190cb2965203c
SHA256 e7a975268db55a370686b913e25044b1f288427ef28625b0e01bd92a25978c04
SHA512 a64a0e89afe14164ad3d2ee85e86cb4cf25a42139e0bffd82243ec903814728a30b577178a695e4bd66a73f3574f308071a0eb81c72b428ee1e5a5606a37eeba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 d83e5432ddc0818a384eb625d876075c
SHA1 62557065c53bd5ff3dd64f94e174950787b91714
SHA256 d7b3cfddaa4944113949cf2d5206248f399f8e0e3a53d426accedb5b1c8bc992
SHA512 a098108bb7b041cffe8ef6fbd5f60bf932fe334002e031475ac18f0afbbd4916a9d840cf729d74803b9a9a2804f8be8dd994d46d2f5c5ee435f915ed98fedae5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6df49f091bbe9d8be2bcdde021d0d455
SHA1 92811f4d2ff4b7df88503ee16fd16d5d96837dd4
SHA256 5c51e379eb2b3f12ff0e7b0d1e25fd36f8ac87e8638b40d27e18a8caeb7c900e
SHA512 4fbb47f72cd54e28c392fe65893db394a5bb2d8677f09d388ae0f9485b5ac8e55783f0450a7967d2835b4126221f5b0d2a7b14f07b7e80d17d5a15f25e4c761f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fb8d2c4e-10ac-4c08-a465-5db25518f7a4.tmp

MD5 8334921362159e904ed743e9c6f625b4
SHA1 c03a2ec0a9da0cb22514b55cec6d83857aacf11d
SHA256 311d44e3663f35d8aac8518c7a8c12b17e536abd74926005e4ea9987a24266e2
SHA512 56e3f4f490975bffdbfe9909afaf91f1820aa671285b0f0482c6fe9ce5572f43423a166e6c7eaafa731f7dd5dfd721f3b28aa9bfef331e6bc53e12282df40a21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 55f22dcb0e03bab7526a3d21c93d7a17
SHA1 a9f09787408c68be9b57bc12eb9aa93baef24b56
SHA256 4e4ce5ef837512e047cbdd318ccb03c33904abc94d44a2570775878b40c27564
SHA512 530b1bef270c85c3a07fb212fab003a33c31b1d596fe9b7df191bcf27135715712c09eff21090037cb42e48bd4cd236a5112dcb7f3371d4ffcd354a024b733fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53dee0bc54470c08cb9484769466c574
SHA1 24e906e818c51c9d5aadd6df551dff4320f9cf61
SHA256 72f575c539eb5b792233620d1fa276856b6f5c2e4f67b379a294d1e215248ad8
SHA512 8b375d4c088e06f06a029ab4d6bb9f7f5700cb113a0752c479cab463b17b2f2fa698665194eafb6ba70ab3a3220ad6c44f558d7beb948c1248a347992a36fdb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5dc77d043979bbe7ea70330798630862
SHA1 4db3bf62e7d2d2c1354166df520b0cd62d84836b
SHA256 8fbb234657b0770daadb8a83d6e1232aef1343d03844da259e0c710d0df741c3
SHA512 f70a5f7490d0cbd72c3f8b97c04f53cd5c7c9db6c321fbc4d68bd9353008abe79a51620dc69e4bafae6977e63500e4732b79fc3d5807cf814520cb95afff2c45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\e4a421533e7afee0_0

MD5 81c145f89cd06fd92f6b5d1efd56263b
SHA1 5ef73995b825ea77b94c623235f264f10c37be78
SHA256 8019bf54fc8ef78f3d0faddd40542606481a4c73d005f6db45e0677a667403f3
SHA512 bf5ec92617ba73e06b74d6cb49f3f32832ded85554b2dba23c5334598fbafe277d7f84b94dba1dae492b0466dc22d0d0d7dfca8a9fa3893b9c70a52f1d56c4aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c5ddef0d4ea107f8a91ac927700b8ad0
SHA1 ca90d7fa25c97370c06deaa60e59f75995115fd7
SHA256 b6ba8d61241edf7c11801162eaefdb60e77dae84745444a3d27b9f20815c1554
SHA512 b5d3476fdae19436483aa91f8690830ca2db2c0f1bf43aec69229f5253047672c3c3500f524e8e4dc02f028f6e859a44a840a240ed345863e2d2cb5c1fb61e97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 856280a561c1b2221e886ee785b17042
SHA1 f5a755d993d2b32e6212dcf3e994dab67035dfb6
SHA256 fe304a5c17b73e538bab6656f640c8237af1fec9eb39bda7112438535868d0c9
SHA512 1697422d9d3676c235d7ace868c308fad7e2d69043df7537b4d04bc51465009fc22e17f5939c860d359148bb7b95d7b31326d6f10a128ff9962a6175b5fb64b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 fa769f03b66251030e93e3a81de55992
SHA1 5b456356ca1fd253b196cbae614afbc5d153b16f
SHA256 cf943bc7d56a459c2ba826cbc7d62a894b98de5e6883329278eb1663f3e8da6c
SHA512 6d0fc92858155445b4e8e1869a0180cf7f89b8e35e7b8ab1a5859bee2dc3a098c63e584024c090fece98fb58a9e88bf51c46bd2842388874c41f6613de43a470

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 f0120beca98d53a0a242a6aa076391eb
SHA1 7a940c44a9476cc49fbc738dd969b711bd368d91
SHA256 be7c02830901f4f8b5ee9a0bf7cb6f5b213220f6bce92652e26bed72691ff4d6
SHA512 454983b426037f134f719eb566b0c5f4dc768698b89f79ac7d751c3718bbeca906bab6c09cd945f5b78ebfe1a02edbef917566d9e5a58f7faf89a65e570e5852

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 29573bb8f91448aca28673d17e16d43e
SHA1 f7ed40abc6efb0128d01408ac35d831f837b0982
SHA256 e320f475214283989aaae503e2e07cd9527514f78ce7a7dff00ae7e75951800b
SHA512 ed6e2f9f25ec82d8e59cb5e5215780cf6511159e68416452aca1b97e9583dc6d17903d4dba7539159d80c6aa8d88693c87b011b1922a1784f184502043dc853e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f2398997b8abe6fc47e46c7c66285aa4
SHA1 71fbbd2b14740c96254151263e11b9a4a5813aee
SHA256 7cd619a846d6ea8569ab43feb70e6c05feffc644b9a8db9e2572b605bc001430
SHA512 5542307a9d7c20ed551acbadbd9a044a36f91f8b582299755618eac692bb37ddf96d138199d2d01f919cc36ba23dccc8e96938b2b08d501ab7e49792023cecd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6199191e91426af0bb5b8a13943e3e0f
SHA1 5ddfde4aa34edce2280ecfee12027e4394bd2132
SHA256 6a16fcf2d7b826e7c90d46e9b57e0a983e9816ae1824bfc2678bb644aff6d0e5
SHA512 aa2526b0c03ec5f85a6fdfe4e3175e69770b0d799174e6ecc3dacf72ea59f914aa0cc1f304e498ea1acc7829672ea9b3937bff6b2f4894334f989d7913aa9b66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\index-dir\the-real-index

MD5 64059af18241d3de6b166fa41ca5e962
SHA1 d4b61926177f1a439fb6c7d4e29f4bbc8befbc5d
SHA256 106b4d7c07fcc78520418aae81401b733b9b221fdb624ea0b60a19efe1c4faba
SHA512 5824c98d0543c6a7271de7c193a274e018a35d90436ca7bb3e25163a0de61c2fc21c1ae8a10213222dcf6d7830c21e0d83ae3899c97a98904ea1b8ace07063cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d4a85554b807af773c2e4b183d352e5a
SHA1 d345e390c08d2bc5ec62bed7cf35006b15968e8a
SHA256 1aa7c32d484fabe589ceb4e9cde47ed8f542960eb4def8b4c050e78d0ff666a5
SHA512 e10f2714c289c044d6c43978880d5beb18c8703204bd479a7fcbd58c61b7d1e6f037a068c7b2b69c4c40b7cdaf181ec2dc0b1326cd18cf967b4f5aa94e9829b3

C:\Users\Admin\Downloads\Unconfirmed 409034.crdownload

MD5 00f93a78b4e447c8d80e588878b8d99e
SHA1 ac1508d0de07079acc7a12fc45885456305766b2
SHA256 270453aada7a064e133890794e84270599723b3bfa0121104abdad1a79a13b7b
SHA512 ee56a5964bd07eb5650c840e9300ea1034061ed8dca16d8ec50c1a76f3d7ac34b8a98264143c847b52bf9f129927098cf4fe6439e846c3dacc4fd05c19b52b28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\df3e640997ea0e87_0

MD5 9a9a554b83dd1719357be4f8cf5e59c4
SHA1 71cbb1daf4a0911d750d7b12c727c504311d9e7e
SHA256 1db336e13ab01394c92ed86a67768e94aaed5ad24e26ef2c8db164dc04e86380
SHA512 2e7259ad236750b142ac6bd1c19d14cedab936a4000b44db8e198ccfe15e09d82ac8a746babed440d19e764f070e2a26d7e2c456634d711f806f5872d0dd41e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c723e7510eb723e_0

MD5 10b741a12ac7647b19ecb1e91de20aa0
SHA1 fdb60324e237a2e70754e9d2c2454ee384c73099
SHA256 466627e6a631a5afdbb810575c31e41196ed54f0b0a4e38d1ce03cf5d9ede08a
SHA512 21a9b827bc8ae92a54abd869923d1363e569136972a13e7018ea25bbcfc7e60210ce50cfc087ed93a4dca1c49b1d413cfa2d79b61c195f119cad80568fac9b0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071

MD5 97f199034162b1283dbbbfb994def15a
SHA1 539f1d9814baa54fd3425ec0139f3cfa932301ab
SHA256 3cc79470f85abf02f16c22e1ab349ea126a5d6d1a2da8d302155e0dbc26f0d7e
SHA512 ba709e9f101f44349e356d0d2c126a7eb07b6400d4c2ed5710caa4dbeb5fb33788b162f3b96d6ec2e1957d14229ff17af3be8606740998bc4ab82f153bfadf2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3d87a7b189e0088e313f0573b5ccb43f
SHA1 3ab28a5302de4b97b576568662e44e34ef38f2c8
SHA256 c31e4a649d97fa19f7fb0eb205f3986ddbb2a765602d413587fb38bc1888b23b
SHA512 9472c17586c2ce90436e27824b83e66c694eb932381ca9ca32e926ab6370b4de7551123adca6d697436bd4c3205063dc8aaf476fe5eab13832a3ebb279f0ed9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

MD5 2bbac603970ccf8982974008c2c63064
SHA1 59a6fe49897156ee7f6fccca4d1ae84a60978cab
SHA256 55ac51b49b1c479edde63ee72deed7e8e9540126167157ceea94b7e56508a825
SHA512 139d0d184a4b2d31e52a40f544c1bbcf0387d716797ba8fc1580184d494e443a8e8ab2b1fad5d47c3887e3ed2e5f20052b7b973f5b180694335cb73f36477aad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

MD5 ed3006e295545702dbb5fd6bab080857
SHA1 42948583f6a1e5176e08a7eaa9696d4016db171b
SHA256 c6e1844fc5c7d10b50605b31dd0542c07bb0eed5b778a5d2dfe96a12977aa99d
SHA512 a104d3b9cee9cb8d69ad1664d4c68d7b2482f6915063138c2592b5b89fadcf12ef5b2c66bd01003902cdb379d14fee09a071fcfd8a98c2a33a901866dd4010a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0b8192028fd40533fa5dd306ca884e08
SHA1 87dbdde1b34a72304e574709f0f4efcaaba9b792
SHA256 ca9a24fa6ff610ebe35ecdc266e08981a3719672c1c23afdd2431d744061f3c5
SHA512 cd42b2d168604da89584a897285f0e4262829b040b066d1f99363d3cc7646a0f18d581b84019f76e4de3640e1dc548b4c9cdd379d706d960a2bbf6e6934d262c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\597cf36c61aa363b_0

MD5 0029b4255375cf457746e3e7028e3702
SHA1 81c33123916dd51cfbc1624679557624486a5a5e
SHA256 38c8bfd83a4d140ea03dedf684a13f96e08a8c9fadf2c6d96e6d7dac7b6fb23e
SHA512 f916af948dcfc3a8a9da0e69cb276dd43fe614188766eef64add2a7d301e000d3cd006ea3d35a193c7fb3962f0a5cb3b904c4f882462fd72f4a0901f1cfe8352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a6cb1c734c9c92c0_0

MD5 15d39929324b8408f50d326c5df33767
SHA1 ef8aa9f29bd667c317e76f71066bd4020443e6df
SHA256 cabf9ccb2e79e3815c166b513066211a822d9fb647b2347e27d754357a3da085
SHA512 293e2d9f6e7873cc52bb372d928ac111eb9f15f938cbd132f53e6332a4929a60eb02c7b9755e7393a340ca6d18f540eebbc4b5f38f89f9025f725bb1f86626e9

memory/2884-2055-0x0000000074D3E000-0x0000000074D3F000-memory.dmp

memory/2884-2056-0x0000000000890000-0x0000000000CEE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\335e69ddec2b9ac6_0

MD5 83e482c19862ae5ac9a30f9957138199
SHA1 d7c23973a5e2c38527e4ae3d2d4803ad7a55ca61
SHA256 e5adb3af16acde863454e6621d9b1c98c10abd06d743d27eeebc94a13dde94ee
SHA512 fbae4f5d748e8e7f1d6886927407a0e29b492958d90980eb51453bd20405d537db2fea92a12f890dfd746196204b9f712b5c3ff6d54f013e6f6539bd04bf3a86

memory/2884-2065-0x0000000005680000-0x0000000005A64000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\msvcp140.dll

MD5 8ff1898897f3f4391803c7253366a87b
SHA1 9bdbeed8f75a892b6b630ef9e634667f4c620fa0
SHA256 51398691feef7ae0a876b523aec47c4a06d9a1ee62f1a0aee27de6d6191c68ad
SHA512 cb071ad55beaa541b5baf1f7d5e145f2c26fbee53e535e8c31b8f2b8df4bf7723f7bef214b670b2c3de57a4a75711dd204a940a2158939ad72f551e32da7ab03

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\vcruntime140.dll

MD5 1a84957b6e681fca057160cd04e26b27
SHA1 8d7e4c98d1ec858db26a3540baaaa9bbf96b5bfe
SHA256 9faeaa45e8cc986af56f28350b38238b03c01c355e9564b849604b8d690919c5
SHA512 5f54c9e87f2510c56f3cf2ceeb5b5ad7711abd9f85a1ff84e74dd82d15181505e7e5428eae6ff823f1190964eb0a82a569273a4562ec4131cecfa00a9d0d02aa

memory/2884-2085-0x0000000005A60000-0x0000000005A88000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Ninject.dll

MD5 8db691813a26e7d0f1db5e2f4d0d05e3
SHA1 7c7a33553dd0b50b78bf0ca6974c77088da253eb
SHA256 3043a65f11ac204e65bca142ff4166d85f1b22078b126b806f1fecb2a315c701
SHA512 d02458180ec6e6eda89b5b0e387510ab2fad80f9ce57b8da548aaf85c34a59c39afaeacd1947bd5eb81bee1f6d612ca57d0b2b756d64098dfc96ca0bf2d9f62f

memory/2884-2079-0x0000000074D30000-0x00000000754E0000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OServices.dll

MD5 046edd0ee8296e611920786c4f25cd7a
SHA1 597eb52d27c61dcbb076e03f6a2fa71d6733a61b
SHA256 eed0eabb8ecbf5d30abc0ed992f2ec2f28fa2e7d5588a090d357af424a4ddd84
SHA512 f7a3877aa7d452dc4d7c0b37c1da088d5f211342c934c4419873a0fca267cfd5911e217fb45c0cb10eaa78526733a996b0e2ea2de1c35abe2fc4305a355ed79a

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2ODAL.dll

MD5 d7134e64bdce2ea5fa7504781a57adaa
SHA1 5a72a075736b8ce2c3375a745c8e7cdc4320ed15
SHA256 f28041ab9edb612da9e7c42bb4d940e69fb440d4cb786f969512e0b61e54e637
SHA512 9a108406857af08238d73c56dfa1ea3f42eba40bdd65915aea74c871ba3aa0f75cbf2ad7f5bce2ac40d5efeffd16f3bfeb70f88e88798419a8fdef77ef2fef54

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\SciterWrapper.dll

MD5 6cbc4475b6af8a6f68ed8696df09ff2d
SHA1 906e0caab3feac88b372c2c25a083c9149e31dc0
SHA256 51e42ff1d66f3042e512be1dd60ac1c7b1a2a5307acd191dffcf24ef106c8970
SHA512 7d5d0fcbfaa218ad95918c421f4cc97e5f98090945c8b4f786ee2d92d0fe44698b580838777cddda34fe1e556eac549168df6eb01a9f9041ad915203e52aa023

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\HtmlAgilityPack.dll

MD5 17220f65bd242b6a491423d5bb7940c1
SHA1 a33fabf2b788e80f0f7f84524fe3ed9b797be7ad
SHA256 23056f14edb6e0afc70224d65de272a710b5d26e6c3b9fe2dfd022073050c59f
SHA512 bfbe284a2ee7361ada9a9cb192580fd64476e70bc78d14e80ad1266f7722a244d890600cf24bfb83d4914e2434272679ba177ee5f98c709950e43192f05e215e

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\ServiceHide.Net.dll

MD5 fc3be382cc3a7b4fafee4fdd465cab2e
SHA1 334da714147aac5d32116ba1753c88e2d6956705
SHA256 42c2156b7eee3bf8bee8d0c1d3d3f138e059ddda342cf8ee0d723130fb865304
SHA512 2e2d99c93d9f89fca51ae744b9ad0ad6d86dd97cb4a81913e0783984e1d16173eeaf6b3123a4db6241ee0b71b461fb47d297eb20ea501c37c608e15294cf39f4

memory/2884-2152-0x0000000005FF0000-0x000000000600D000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\MyDownloader.Core.dll

MD5 f931e960cc4ed0d2f392376525ff44db
SHA1 1895aaa8f5b8314d8a4c5938d1405775d3837109
SHA256 1c1c5330ea35f518bf85fad69dc2da1a98a4dfeadbf6ac0ba0ac7cc51bbcc870
SHA512 7fa5e582ad1bb094cbbb68b1db301dcf360e180eb58f8d726a112133277ceaa39660c6d4b3248c19a8b5767a4ae09f4597535711d789ca4f9f334a204d87ffe0

memory/2884-2165-0x0000000006570000-0x0000000006582000-memory.dmp

memory/2884-2144-0x0000000006020000-0x000000000604C000-memory.dmp

memory/2884-2138-0x0000000005FC0000-0x0000000005FEA000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OViewModels.dll

MD5 0ef343471a5777b6f90d9ae85164449e
SHA1 90a754b788f48a1a1e799d77cbd5d84e60bcdae4
SHA256 295b970cd45ca0d9577d5ce875de5cf92367fcb6c7794e525b00090fa1ad62d6
SHA512 d939ccb622f4b519f5aa602f8793ba69492e77b1f73a710997899b9a716f1425044bf8a86b1ad3335eb81339d9cdc3ef7f641eb7d4c1ab29486210fafe76f14c

memory/2884-2132-0x0000000005F60000-0x0000000005F68000-memory.dmp

memory/2884-2125-0x0000000005EB0000-0x0000000005EBA000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OUtilities.dll

MD5 de46930143bfc9b30f0f68ef2317a320
SHA1 e6b48151e5f3fcc5d9f300b330e9aeb7602adcf9
SHA256 fe4942cf5b5fdfd04e6af4cdaa128fbadd35b9a4c6d7d6b4407a02ce55131932
SHA512 8e23169277ba0cbc0b8f42db19140d1edf66a9f24f115be19c98f3acf64ea871d8bb8923d709e8b1dbfda0abc0382f5326457c929d422099d8e7a1d26560bea3

memory/2884-2117-0x0000000005F00000-0x0000000005F26000-memory.dmp

memory/2884-2109-0x0000000005ED0000-0x0000000005F00000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OModels.dll

MD5 e57646a871a04782fd546583a01d62b4
SHA1 983fad031d66098df6331e0b562d69853ccb37e2
SHA256 f5138fe637e5b1b735fb2e54607147ceb973cc537ad07690ef1bca27ac6da4b5
SHA512 65d4f51417a19d0cc16ec47f21ab3a1d8877864015098a7bdf21286eaf4be05356381e15ba9d7a27baf9567f0fa47f17cfb35e6af6bab495b617dde9d7d89ef0

memory/2884-2101-0x0000000005E40000-0x0000000005E5A000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\OfferSDK.dll

MD5 1105b8b33b0f019651566b87959512e2
SHA1 14d9ee07349bb349c32fc3b0e80087fb75e6bacb
SHA256 9a059883bee5177723b1a971172010a349db64c1dd60fcb3bbf190fe0e78bb07
SHA512 aaca1803c2618cf92306b6dd71b6d8d505c0fe8cd0c6262be268d7097251cd4edcfbeb60be109488958956b570485f2ea94a4ab7cc8e8c149f55759741014010

memory/2884-2093-0x0000000005E60000-0x0000000005E92000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\ServiceHide.dll

MD5 26d7a9a819ad38801857d657da7b43da
SHA1 c234851024d125caae81d759da98789c9dd2501c
SHA256 43bad9c77f861c5ce0f622896a33dbd8c34157c004550cac22cc97d3a4ba3052
SHA512 628299c06673b33566049d70f2f1f1a2a5c769ea5f5a1382b917c3cb11cd6b943005870e536b9e816632f29d1a3dced8eaa81e154b741491d57ef2cd54192190

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Newtonsoft.Json.dll

MD5 9de86cdf74a30602d6baa7affc8c4a0f
SHA1 9c79b6fbf85b8b87dd781b20fc38ba2ac0664143
SHA256 56032ade45ccf8f4c259a2e57487124cf448a90bca2eeb430da2722d9e109583
SHA512 dca0f6078df789bb8c61ffb095d78f564bfc3223c6795ec88aeb5f132c014c5e3cb1bd8268f1e5dc96d7302c7f3de97e73807f3583cb4a320d7adbe93f432641

memory/2884-2187-0x0000000006A70000-0x0000000006AE8000-memory.dmp

memory/2884-2182-0x0000000006AF0000-0x0000000006B7C000-memory.dmp

memory/2884-2188-0x0000000006D50000-0x0000000006D72000-memory.dmp

memory/2884-2189-0x0000000006D90000-0x00000000070E4000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3c695d5b3c2b5907_0

MD5 041a7d1468aca66b3f00d05ce8827ee3
SHA1 5ee1892fe9f08e5bb438620abd1a6c5231060064
SHA256 4d5043c17f2a3b25ba3b224946ca57b1b76d5b6405be2c3c0cc4eb3c738a0d22
SHA512 eafc37cfbfefe0453e22229f6a2ce76f0892aab78edfbb5c263880409740d4d7ef5282447def9b70ae0838c7c1f51eafaa85275dee94bda4ad6a7d34ffc25e9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5a4cbeda3f42093_0

MD5 dd0ab0fb6ca43a2400ebc5edf74ae2a9
SHA1 8c92de2792358fc1659fdc8f4a2fd789f8a38e8a
SHA256 b07c174d16ceac5b8af541298c275d9710a788a8ba2199e8372d36abfe89de4d
SHA512 a3a729b21e8f4d759e57bd27baf24540352e77ce5845582a1c54762106a615ea8903a909c6cda4cd05bba318cd9fca103b37ae65220a5b5407089221e994e86b

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OResources.dll

MD5 d2f164645dc4fbff8458306adf7b1870
SHA1 85b787ea895d08925d06ff021eff2412593db40d
SHA256 8881f487bc800630d0292aff9ff8364c228e634710f1e4766616b0ab7f9a724b
SHA512 21c729c85ef36cdda3d1574a9cdf8fc18d7c868ff4072c8e5e8968c57bc6c239ba5d627189ad0ac24d04d9eb5390b090882f8d17da09fac308b81acf4617d4dd

memory/2884-2207-0x0000000007480000-0x000000000748C000-memory.dmp

memory/2884-2215-0x0000000007A40000-0x0000000007FE4000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\H2OCommonResources.dll

MD5 7057b9c92d465cd8582b3af21d44239c
SHA1 fddb6a013467a9973c7eaeb0ceccc94209d5cfdf
SHA256 3a59cf866661a07ea7c2cb88c957a966fc5a24e1f0fb2b764195b79702c18239
SHA512 da80adce2bd141a73caae5bbce7a38751a34534af1fa6e8bf0d6c4456c97f8c0dcf73d231a07e9eff860471785850be4a8f2f243eb04982bd3fe83fa0fc8a7c8

memory/2884-2219-0x00000000095B0000-0x0000000009B64000-memory.dmp

memory/2884-2229-0x0000000007890000-0x0000000007922000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 15c099153912719744c600b39e250b62
SHA1 5a8d0758d4d9bef007375be1f7d62c78970bc519
SHA256 211a6007dd01efba89f0f1c7347c56b51691034004e55448b6314c5cd3dfb4bc
SHA512 cd47b558c6df96eb48f771f0c30b535283ecfaebb6d6dd62fda437cfff23a1e1353abf291e48b601df93ab25066d56d6b3594500f1890622af4d013b6fe9c3b7

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\MyDownloader.Extension.dll

MD5 28f1996059e79df241388bd9f89cf0b1
SHA1 6ad6f7cde374686a42d9c0fcebadaf00adf21c76
SHA256 c3f8a46e81f16bbfc75de44dc95f0d145213c8af0006bb097950ac4d1562f5ce
SHA512 9654d451cb2f184548649aa04b902f5f6aff300c6f03b9261ee3be5405527b4f23862d8988f9811987da22e386813e844e7c5068fd6421c91551f5b33c625f29

memory/2884-2262-0x0000000006290000-0x00000000062BE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4de6d5e27fc382385b82ea03c3459122
SHA1 fb91a512c616368aad2789ff697822742a2a2481
SHA256 42aab05923c677d632850bb0aa91054de43b00dd0e54c7acc84f3c89f39f348c
SHA512 5571ca1e884aac9404db0996c00000593a615c22b555dcb96c684fe7ecb19c5a13cf0cd7df830b82709939507b419fd7c36ce365c044253ff0f1a1377279a16a

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\tis\Config.tis

MD5 bf5328e51e8ab1211c509b5a65ab9972
SHA1 480dfb920e926d81bce67113576781815fbd1ea4
SHA256 98f22fb45530506548ae320c32ee4939d27017481d2ad0d784aa5516f939545b
SHA512 92bd7895c5ff8c40eecfdc2325ee5d1fb7ed86ce0ef04e8e4a65714fcf5603ea0c87b71afadb473433abb24f040ccabd960fa847b885322ad9771e304b661928

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\app.ico

MD5 aa571be4bad9099f9527715bd18c18d5
SHA1 25bccca2f3815f278661f1bed46a927340f46fe7
SHA256 9ebaa28a2ab1a09718ce3e20359b7676e50d6993e111e2970bd573e602e9afae
SHA512 8921c14c03f8c496ec16e5af7fd770337b9ec8166cb5470e370027e5a66cb824839b2ddce4afff38ffdeb5bf23da9f71280d5a358ddacf3521c852f8e3ff52ae

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\OfferPage.html

MD5 903c37b4ec25ba738462988f1bce9d29
SHA1 7c7f4ed5428ea7f90e90f2b890bc79815970e7ab
SHA256 2981341fedb87b8363e383e0cdbeee93a3949c9e2bb8f7e4dbabafd83161cc64
SHA512 35a0c8f487369cbd05987fae36dfbd9b96ed11c6f09799e8d4a100bd8504032903aff2de8d6a3770ca9bf8c86f6919d2934f987062756bfa394c882b32d0da74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1abf1dae0605cf2d31e41e8ab39d1bec
SHA1 987ebd181d83756af004c4e7c43e4a6baabe9dca
SHA256 b78bf8468ba04c6e3f518bb7bfce42b23aac9c19a2d266854e5ebe5ae3fb6722
SHA512 b7a5855860fa805bb3df2314174c013dcb9a18aa0eb5810ca805aabdefe4becdb7316d0a977d8c868dedfa89e8cbfa98f1e04256fab5272bacb413be92989249

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 c638ea4d5959aab8fcb5e587b9adc61d
SHA1 885c43cab9df936d22f55becc6f76922e4d5f9d9
SHA256 21c9d806abaade0365ac1d37fb96fce8256187ecc3ccd57a84a818de4aab4656
SHA512 a0d70d8cf3a94dc1308299af1164adcd7843f3c8dda6d7c00ad12e789371fb1b93c47e404bb8fa49edaedea7aacedc27f89b2c7791da8beacddc7421d2209f99

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\style.css

MD5 24d47cec7804a5fbc36e21bac597d625
SHA1 c64c1f5216ef7e1848b2648f78da4bd7c9844a17
SHA256 2b6d279fb191b9d09f57e87f29afee4c2d139ecc5e4f8d88eedfc1e5215101ea
SHA512 a8fcd3b7040b9121e8dff0e1cd38ce2223b847e0066e36155b4aeb2b369bbbaccc25eb6ab6e25d71029e7c4bfd0fda8a2bb57ab303be39bffc9c93dfd42645ec

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\tis\EventHandler.tis

MD5 1116d7747130f4552a91e61a3a6000b1
SHA1 bc36996a664dab24b941ec263679c9d6322e61a2
SHA256 5c09c6784f3fdc4a6b2998c4c9e02e366265ee5314c0f982859825576dc0eafd
SHA512 af34413f242b64737ac9f7076e449b0d0485842d653d1cad12b54b868f09817d3595cd935ad7e03003d536127c173d624dd9a031c079fdb8f897ab0b7b9474e8

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\tis\TranslateOfferTemplate.tis

MD5 551029a3e046c5ed6390cc85f632a689
SHA1 b4bd706f753db6ba3c13551099d4eef55f65b057
SHA256 7b8c76a85261c5f9e40e49f97e01a14320e9b224ff3d6af8286632ca94cf96f8
SHA512 22a67a8371d2aa2fdbc840c8e5452c650cb161e71c39b49d868c66db8b4c47d3297cf83c711ec1d002bc3e3ae16b1e0e4faf2761954ce56c495827306bab677e

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\tis\Log.tis

MD5 cef7a21acf607d44e160eac5a21bdf67
SHA1 f24f674250a381d6bf09df16d00dbf617354d315
SHA256 73ed0be73f408ab8f15f2da73c839f86fef46d0a269607330b28f9564fae73c7
SHA512 5afb4609ef46f156155f7c1b5fed48fd178d7f3395f80fb3a4fb02f454a3f977d8a15f3ef8541af62df83426a3316d31e1b9e2fd77726cf866c75f6d4e7adc2f

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Resources\tis\ViewStateLoader.tis

MD5 85c33c8207f5fcb2d31c7ce7322771ac
SHA1 6b64f919e6b731447b9add9221b3b7570de25061
SHA256 940ef5e9f28da759fbf3676fba6da5cc4199b78ffc4fefe078ab11d53e70fb0a
SHA512 904188ab57cfb4f3d8c51eb55746ae2589852f271b9fa3840b82bda93f69c9f985e65f67169302d08818b707f36246f83f245470d5175dba5f0ad3a2482740c4

memory/2884-2353-0x00000000075D0000-0x00000000075EA000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\3354215998cc498efdf76f123473fe62\Vestris.ResourceLib.dll

MD5 d39f7ef14893f4d0e909a9ef67d91d7e
SHA1 dfd7519871580b605366a513377db0549bcd5eee
SHA256 d571df8d154118bbbfd16fffb1a4ad642ad854a98ccfb712097633b522ce7aca
SHA512 f15f759ef12970afb8aa46550d5e3491ec771b69c861da3be4a32cb6a6d93eb78b52aa595758277918358961ff99e5ec4fa5f411fe86ca7f87af0fc1a8923b1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 19b291e2b92e65a5ca872537251b68c9
SHA1 46571b0b3f207c60b15733f50fd5a8cb94d409cd
SHA256 98e6865b0212459c48a267cfc76ea1fcb7258fbc0388427d7716b70feb2005ce
SHA512 182d72e18b45bc9204950f1b884dc1ce6b80cc516634ed88e9d660b6a451eb45ff9e77c988d43dd0d29151d995a84739f4d7c5aa738d1eac8740599797fd23e9

memory/2884-2367-0x0000000074D3E000-0x0000000074D3F000-memory.dmp

memory/2884-2368-0x0000000074D30000-0x00000000754E0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3cabc7dc130e2853_0

MD5 4d7a54d106f5d619a25f23ddbd869d39
SHA1 52be0cbdbee312164bf70fbc924e3d7587dc37a5
SHA256 7b3e001fe76bccdfa3830d3ea0a37bfdfdacdb996dad2a8d5a9798d4ce5bdab6
SHA512 52eb54e7a73d50372f6550fa84b9adc0a9b892577dcbcf2603644a3ea369cbb09c2a6e22f4b26a3a33c47c72926e129d2ead4c6a272016eba7785ee6d17e8210

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44e69e665494d260_0

MD5 72044c7ee35a9e37a8bdca598dedd6cb
SHA1 edc831e83388a504903aa8ba71281e5dd9f276d4
SHA256 2df9e2640282e3a208f775c8d66784dfef04c0776d7ec59d7b0649daad4b11f1
SHA512 87ef6bd45a52a5c72dc574a3cec3a62861b974cbb39cdc185622e8b0636d2fb2f03537c340dd909728c60cb383598594ae5a28a5f5e17fba1b42ae52bbcf954b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\69297fab760db33a_0

MD5 1d95b8628e6281afdf2d72f4b831ecf9
SHA1 6f04ee63bc30d43d0d3df533c4b1acb93f8b3ab9
SHA256 9a5a4625b352bd15efd6f1903d719ca6610bba4b55271516725adf20e432193d
SHA512 7f7166e89374f6055da93f0eff093fa28ebd13ca124c36bd3258ede3deee5a2b8558f4ddbc80c0dffcada12bd4ae3afae12e7aba753f1297bac3f3ed80a9471a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e2b26c661e93a55b_0

MD5 bbf408bceabb749c59f5ebe55cc76dea
SHA1 ed186cc396ba21595b874fafdb57f77e2a016b6a
SHA256 3d07f1860bcd301414af0b2afe69c420f665589a188ad25af3965b06b1e4dd9d
SHA512 86420b3013add168ceffed6fb9af6398afd730a35012999b3407ecdcf58162a98fa9e6fdad77803c3794c9225dc4084a5d0911505f41a5cd68bce5fc1fb97f3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e13b3c74a4ba117_0

MD5 ce9d16af5c079ba37850b64220112465
SHA1 63878fe81310ac94a5aa7d0d978642c46eaba518
SHA256 e79425ea77251fc51f660800ac014818190192b8f95ae0000f36279fc0ef7bb1
SHA512 656a1ea37ccce379edf7a4aad5e251da68b0ecd8c462665c4bd0cba589018a143260b61541271122736dbac44dfb38564db52f22fa11085b52cf66f1cc465973

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ba030626de2ac75e_0

MD5 3656fbc4166fe056f826ad54745e3999
SHA1 66dbd7ff1db7425de2fa198e1e450fe06d194dc8
SHA256 659adec35636c243001b039c297f3d1bd61659f0ca703418b5383bb3a5873386
SHA512 1cc79c2547af11067cbe18fc53d779b80203acd3fe4dba5bebab994475e9c9cbcfc34c648f1bab956f140e5d0a5fd29820fbebf21ce2320a150e411a9cf08057

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 09e8d7338325512cc0d17ee53d95bc97
SHA1 2a08c345b0baa4c8086fde9b4ef200879fc0878f
SHA256 5ef9e9ec8f3ef3e861cea5347c9ba7c619c6beac8b483ac584e492e28ed2fa10
SHA512 cca29a2613750374ceba83473e440de8e7e252487d29d52deb11591009c53a6fbc7066bcda49343ec8a8ca6e1943179ac4b96374f910773ac80985b9e7808f6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6cbe38e5e7d4918ae0a93b4378f24744
SHA1 0fba412deec9b078b527afae9b8a32e009c96ac8
SHA256 28f8c380213210cab12d482f2c639a0a944358800182d65ae18cb84a9d3f2681
SHA512 d4a886366cebbbff326e2d14e3d9c49e1fd91b5a92284706b445ea6baee3ffa20b1ee49eb26994db1a05de23f20a123d3c6b07645b645d04f50059f76cb052d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 83055de0241e30593b62a8517ea7e3fb
SHA1 c49e23512ef05877b9867b904c43814f2ca12813
SHA256 15c94898b17f2830a24778885269d3ba68a81e72f27a2f374fa59768b22592b9
SHA512 828ef322a05a2cd9e62d6afbf8e8f274feab4faac131207777401f563eddc8f53eee142e27d57143d38d5ffc52a5abeff3e25af20e148eb27078ad794d8c9f7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 29057cafbcf523b62812410bcca3dcf1
SHA1 401d3af36386315022aa2b835d8dc97a4c5f1e60
SHA256 d9557a412ff6ee82402e9418617876479f4e36e50b9d800d5b81b21671b6dcd0
SHA512 c55da7a506471753a20586e1388764dd01eb217f60d334f039d7941ee83388fe3d914bd5dfee009d54fd784ac7c09f598e321e5ef90d8f6b09b543d5089b9be2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\18e444bd4de5785c_0

MD5 fa99e5aee3268c4d90e3a6a95201dab1
SHA1 447ed0aaceb32f30146562ef70389f3538937fba
SHA256 23f780bd5980e519bf638e74a86190a51a70240d03af74ef6be2108a21ca68d4
SHA512 0005f340db294255adc6a1784bf476dbd010c128a05c382d754d2c6cbb57930daf9bc591b4a958e07f660793c306a843219256dcc76a10a42a1164bc79f3e724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f5ed9d34f5ad8f32_0

MD5 3f46502cd2a72e3c04fd368e23092e1b
SHA1 4e4715e548fe46577ca41490fa555f83bdd1f656
SHA256 6bcb620f0f02054be4f49e418a5736b31b48627dcbb56c6b2a9f28c2bd847a62
SHA512 ce0c855c425603b4e2464f0b15af53a78871b9246b35e1aaacc6d7695514059d0d68f4b8095fe212a4f5bb6c4db74edb74b0ff5bdb990560eb4fba20240b805d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 df345390525a171bae89a06a92321b6d
SHA1 5583a02e5ed1495dd31e78cc54d6eaa7a889179b
SHA256 44a09b7991a5f5cd4b89e249c2c08a538582bed0e43fd9aab0a672cc1325ef97
SHA512 9be47155e0310bcf47747932e3ab136b94a89f74f612d4de1967df56477384be845f599c7c0f1dd010c52ac230e3b3a67e2f2176dccb23bae1a1b2fd09c2a18b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69b2298c82e5cb73f588b0212184e255
SHA1 43d24b0b433d872b6c39b4ea93097059ca824ce5
SHA256 a35302b7091e849cb9f6f846809fd4b608acd4cbcf67154e29e3b4f45de7554c
SHA512 4df7a86d00d37f9a64006313c9c691e11debe7f157fb7a08c2af9a93cce739b8ba5bab87938d51d498c8a5b293cf2da7f4ec9d9bff413ba7b0687a4d4a24901e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 aa9577279d4acc21a612a48c7ca6f8d9
SHA1 a2aaf721984cc9388ab18049e39de26aef16cfc6
SHA256 01547444bc011d079a24cc9aa6f32da91a703b795972e0d73ea140de4b261889
SHA512 95e4e925994024bda2bd7ca316f3f8decc8e4b735d17e84e6bef47644fe76fea88226d2233ae154770de603d38efb225c79356c9106c55ab9740ee2707658124

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af669df2c8a3b43dda5586cd29b62cc9
SHA1 3bf677aa44f7d96675bc13725dd15ad860f489a2
SHA256 6005f9e3162382e19fa04db45980f37d9da9ba29f4f5ccd6cb8549ef569f17fb
SHA512 ff0d61fc19963c3ae43c02dbf34ada0f701859505e399da9f8b3f99a845efc183497454aa509ea955e30c8e42e1c4bfae72b92598f9cca7d6ad0a3c5e33985cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1abcb3ec5e41778cd0171abe8b4918b6
SHA1 6189102c9dbebcd82cbc9582aca46e5515153099
SHA256 90d0d45937fd5017ccf0e064b7fcfe8921dc8372f070675404c9c54f09550876
SHA512 1e73f38f4f776ce06e1319de7a2e24be1060bb76470c66bb5ec640d5d40706bb56e1335dfa8ef97c77f4511ccadd07505df50b6f7a8e904f2475204e3ff69bec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ec6a80196af47cc4b16401cd8b8adb69
SHA1 8df00ac96e762d22a5a09dad457c4b67aea7e3b7
SHA256 f421725d4cde2863267ae0bdd951e553fa947e4939e4b1607a2005015e1125d4
SHA512 9d0854010a916a22edb9eea203fa72059e050de84fd2c25a6d0ce8661b787dde2c8463cf78c9afe908186c462960bc2765b577d9d8ade2e8e62af212f8c0ed3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 c27e19e55252eefede7e24d99bf5d8b4
SHA1 c4804e63cdca98b8c95d3a79ff096abb010f696b
SHA256 edc6f8f36fc70eb695e791d36927eece234cf8f9ad7d0f7c3e13621ce4ea6cd9
SHA512 7b2fdecfed61209cdac9a2c5d514e1204bca1c6ec01e9eaa4d76d18f6114c807f36d4885c5ff66cfb48f3fc4fa2c7935092270e4389ea0e208370906176f361a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\db6255d40c5e85ea_0

MD5 479bd93bf8d5105a0939309aee1d91d8
SHA1 170d9fdba0d1fa95d20754e0ddf7298d941693b0
SHA256 ab56e48b1b5f6b3449c041efdae5f09b6a84e72dc6d583f384f4fb03b21b6906
SHA512 961f8214292e8e59d9014395d2dcf08b42041d43ae48398757aad57685200b0b243203e172228e24d401c781806c2908a8fb3a0e2d2a90004271c612faf6edc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a2e7c7e874a009eb_0

MD5 257648b6a1376a7d26aba15b717eba74
SHA1 4d656e37ef6f621b731426a41b64692f8ad59de7
SHA256 8ae2e333b328796592b1d9a227fd5eb213ef970f4e9c2784cb1eb8eb8601c619
SHA512 8594b5cbf80866a5ab6584dabbb19a49a638ea82d36a1556a5f5f96410164fe136be22a0d33ed249d54eb417ae3d33cd97590a055b0b9df20bab6369de6dec6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 aab059625b8b34ffa9ab3cba533c7ab3
SHA1 99b3766985352d48f7988fb903b92cfde290f05e
SHA256 c35d0f8b39e05fa5b77fa0097eb4d169ca51efabcb223d954840a4604f3e7ec9
SHA512 5a5571e8a70fd239d8d34409724820f75573c42e7863bc428daeb07343464ff7b8ff3842560685ac16ef509041778b6dc1cb531d463ce8b00e33cac7c8b75f33

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 603835699a8d934b11ebd28887d98da8
SHA1 99d954c9cfb93191c46f56b426f24ab85836884e
SHA256 e428dc08733b8a254dc466faff3eeda892690c11ef03ec9df4728134ae43b46c
SHA512 19e16ed4be1d4a7993ad5b5eaf8efffe45d03975351d01747155f585e54e98d6ef08e4b670a3af1dc515bff3b82cee4646d3bed8d5c24b637ceaff71703c3184

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d94188e00dbfde0608acac94fbef8ed4
SHA1 61d99a7aa77a71d254b79f7e1147c7051098b02a
SHA256 70040d7bfc4e0ec9bab343683c5d6a978bdb46c3f64c4eb1fa3938b02004493d
SHA512 fde47bf258313a18d7a660064af74242dd5cd0f92eacf0d321b943e84944101fa6199ca241c29ead79a580b24924cf04b63ef4441a71d44f26bc49115e7364c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2d80e3682c4d6608263f7c5f22f89df0
SHA1 35dbaae81e91c511d1b0958336d6cbebdc89f27b
SHA256 53db8f942aef20d05b873586e6a191a85490f960a46daa9b27489b706ad0ac6f
SHA512 d3a1cb6332a3932edc9187363c343ff4b464fc7aa861d6d669f661f1a43e6e6c6a1bcc654431393f33e82a7cd4a76e7829e354c5bc994fef6bca8ff0ae5a0b25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\50e2b8ab-e585-4632-8273-95a658cf18a3\b3c91324ef8d55a9_0

MD5 f45d0557dfcb916783bb743139d2d5c2
SHA1 7806e820ba2a380c7a1248edef390ce24ee2cf4c
SHA256 4102e3a9a19a0d8d12255746c55a16eeaacfa5608dc087dae90e709514be8b02
SHA512 f1142f04efee5dc5c779678fa9d6ac191717a1f64328ec90c5576b830f163f6f24c374846aab6a7206b93a41dba468ba56223c3ff604e385d804139ac863e50f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 509e6c852c59e65a72699bc4b6da012b
SHA1 c484f4f1d59056d882b63cc5b1e3d857df1f7866
SHA256 383dca4d227c996af39d34502cee903722c5ec4e296ca6ec3f5a14573ae5e8cd
SHA512 23b0b7d6f8974563eff85f1e237799acd545b4163e0a3dd3e0a5c6ca0933a9824a548fa824a6b1c3a004f8747f6047a5a3436d8a69e368f16bac0d0fde394e2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 11a70d5025a5f8aa29ea24c141599a34
SHA1 77d75a96535806e4b47192aa667822960584ff52
SHA256 c977781c6b20365a130ec38195d66a2ba5843e38e2ca551176c0221647ff755e
SHA512 296d6dede2e022da569f739dcd72b038594e76f599c291326b1faf105e07b9bacaaf8bc8f11a4bacf0a8284d1223ce6a925c7110cacfca6bb2506a6314f68d30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e8b2a7a1fcde47766c6528c2991a41e5
SHA1 a31f990f0278a5b1383102ffffded3260b199bfc
SHA256 f26f38bb6094d852cc0370faa6181acb2666f1dde5936a233e4a41d4b52a4fb9
SHA512 41905610171abceb52b198b31f171e261b5684552d6d7ffbea2a5963001d9a77b856d353ece13c59ec2cb0019745269db46e348726b9ba6cb8c38f4e2e86a489

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 551cb07c32ba20c2e74e98c6b05fb1cf
SHA1 41b6578a02df8d0091bdd4cd6eed021ac16cb51a
SHA256 4bcde65295134d5652659aaaf693ea875f2a897156f9caa685b5f9ca3343d0d6
SHA512 4b36dd01d3989cb091a59a454c2950c0bf0ecc8b1f12443f0177fd0612998b4d16cb9a71ed30803915d985ec793adadf05b3bf05dcbc401b26345604830c30d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 367d6749aabc56bcfd8fe6f68e8ec07f
SHA1 94603bfd837a6cc48b0b413d97e6c21294139f01
SHA256 aba7125a597cbea4846b275de47b9e35fb42202d217c321ad861b09d3b831b5b
SHA512 737b43474c49d945fcc767a082ae79734333de55374c35825993539376577af76175a966e633b8224b4ede6a42738f3298e5c42d7a307f37897857c7c65842c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 40284bc6c107faf56ba0ee9a670ddf65
SHA1 4164b99ff6ba78f0dff96cf9b8ef6a0a1ff7a6c2
SHA256 67de97bdca047ba42feb9aa765c71263f218101bc85768ed0a4e2ad44654e9d2
SHA512 db93ba6fde2e0c5d308e87194dee9d8a8531bec15bbabe5066fefc516ff38389542a557681a7b7079805b99db4531e5ff0a7ee99cd55828bf2df46a75f1d22ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8e61c3a34c61482759fd60e30cbd33a9
SHA1 e1b8438a5653cd2670232fe17fad4ef2a2cb468e
SHA256 a32fdeaad28b56f456aa46100847dc00ec4272e4f53bb50b086c6cc2741381c8
SHA512 af8e48bf4ac6d15c17fa38cec1e576258b635da200dc82eca30e27c7847d68bc418ab688a0a1dfad58c6872dc290de299f4f4525ce72aa9e15c27d4382165609

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 c8c455ab19da7e8bb4696f87e371b9c5
SHA1 390a37075a618bc95df300b01e6aba12475a9636
SHA256 9471954c33755f2f04c4b15df89a61f742978a1c92b285a9c8cf3579495c2da5
SHA512 87e7de39d3a6baeca5fec54056f77303546d9947013ce936f28c9c32453fc3faf5d3bc6ecf229fe6f9e4ba1852956ad69d2e9f2d2a050ad88722a8697d800cf6

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 324739af53c5507d9d51aad527a1e3ff
SHA1 95533c26a3a8b618bd130d1c3c26f9bcfe2f87a0
SHA256 c1c90c89088c86a2a249b16f54907ffc97d8c16bb6d5e950d70735a6451785b5
SHA512 c7322a865f00a87a59e7eedd33a00b32417fc3cae43c214685a3d0a87e614bccb31bbb88c98fef84f4e44ccd77e0a4b21b52b514f17736b049a6d38855c0254d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6461c2afe6fc7a8a3518a9d0a5d0620d
SHA1 4785abaa98f7c23b36c938a2bed3e28649ae3e01
SHA256 a7db12ced187dce96844c5628843322c29cdc8ec4076b42fae78f4e3a2e531a0
SHA512 e8b17b4cf1192081a1efb05ec0af9f5d76a244fd13c8621ef884928c7d700979525450270962bb4d73d122051b980210957cc1af78e79c896088a476be810319

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\c51920ff-b0e4-4f42-89cb-4a231196dee5.tmp

MD5 97531841aa67040ede566aa94ece0fef
SHA1 32b8e81a95a27b050e26ae526a18ca53b6b8ea77
SHA256 40c9918a04359b57f197d3f689681b7f16be5494a70c5f9dc04437508a6b08aa
SHA512 4078644712edd5a438ad1089dff3f432ed8f37c95fbaa5f9ca8c7a3cf5a5015a9172812b92ad5485877ac2bf493ccb54d4d7935e71231568a8bb3ca3d19f87b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fb9f17491c33f194491791c870379dff
SHA1 ade77196baaa035fce1fc13e8aa65307f45ea4ef
SHA256 c8d8f9f16255e446296389f5babc441894d1a360c28527c79d1f20d76a9515a8
SHA512 0d7711ca3108e4fb7f0a0e501b027a896909c48131804ea58a1ef838102f9673efa3c7bcf21e78499d613faf8ef18601f8e4da0bc9e4979dfbaaae5425c09061

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c3

MD5 b1dfa46eee24480e9211c9ef246bbb93
SHA1 80437c519fac962873a5768f958c1c350766da15
SHA256 fc79a40b2172a04a5c2fe0d5111ebeb401b9a84ce80c6e9e5b96c9c73c9b0398
SHA512 44aefedf8a4c0c8cbc43c1260dc2bbc4605f83a189b6ef50e99058f54a58b61eb88af3f08164671bad4bd9c5e3b97b755f2fa433490bef56aa15cdf37fb412b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5

MD5 f90ac636cd679507433ab8e543c25de5
SHA1 3a8fe361c68f13c01b09453b8b359722df659b84
SHA256 5b4c63b2790a8f63c12368f11215a4ffec30c142371a819a81180a32baeb2bce
SHA512 7641a3610ad6516c9ecd0d5f4e5fa1893c7c60ca3ba8ae2e1b3b0cc3a72f7f9bef4c776a1f2fc52f366bd28a419ae3594a6576e886e79a20ebd98b55b2acc967

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0cd83eb25f2bc8542112a161432388ed
SHA1 20ad030d1ffac5323f69046c2ffce79e225b5d63
SHA256 fc6a22acdd93854c9ea627bc79a6abcc49563b6e1a182b3549ff794b076ee97f
SHA512 c5ef6630e6c49bada0f83bacee150d3ffd8739c8fbf970a6e3b6df5da12ca2ac50d1c5895de9f458ff5faf3909bc110cc19ea457e06d63f51d8e02003d176f01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b21cbb4613a0b2d2fbbcfed2a67802a
SHA1 a7ef344310bd142a7ffb256671d6786bb98b073a
SHA256 b0a1476bb850ccd22ddcf0230358ecda5907774b50a0e7f10e46aae85fe82cff
SHA512 889a0015db0d8310e717614da8727e69ca14f21c6f0b5f49c309e33562cf48ae94e1ed9b2f019905b80ab0f61b578a45a8af58acb845394900fb0e5255b17af7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65663d37574ba933b68589adbe458d51
SHA1 0b039fea78b282982dd99d7185b3cfaa52767f62
SHA256 3b11e0afbc5727f8368b2bd8df80e759f8101baf0014392c49dd2c2bcfdd4d17
SHA512 5d16c6a132de415292c4b088c199c562ec85f3490e8818992be04d21a5403c039b04c4a80f13a42a344d26631b0cdb6a776051985bab4b9530737b5608579030

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000092

MD5 436cb291875078f028cb5994b272a1fa
SHA1 f925c2f4e13219366a34bbf6fe835d5cbf371012
SHA256 3d7bfc2af8229c413dfb92212b2afc013ff4a98e220b5a2e8b33ba20ea5aa901
SHA512 e31d3ffc5dc63c9606c81870d7fda7bf5b8cc923aeca09fd32c4a096f06900fc2c98d368e5dc3d2adbdc6b2b733ebf205191b9055d57044945a06a89e97a2c06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 14e151a9fd90b81acdc8c7a663d08625
SHA1 a32bbefec59a3ca2402b48bde1ecd81e360919cc
SHA256 04e8990044fe1eae060ee1e323f8262298ee5c20f0dd7fc6ff3fb7a8dcbdf259
SHA512 4641d1ec5be3d8bbcd7a7f1581cedb50ee893a51d884b3b59c9da371c1e0ab460419d7743ee66df37c95310328e370c47671cd125e459af451595bfdecd64ffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3ffb9e8fe9bfb33192b94f9afa93fdea
SHA1 cbfc4e3eef742d3393d45b5448ccaa521924d91f
SHA256 4e82488b87eddc42400e9775490527b962a17bff4fdea72d67cfba9e8f0d40de
SHA512 57c8e79fba3d9d5c50494ce6c34650e6b18f4adee3fe605de47e4b49bb4c923af3fbe881cf8374c88b0a53764238c4b4f0065f5eadca90a1528be886e5e35581

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d8249a8470b29b813c5876091acf4361
SHA1 a4c800afa06061b16c18eb9245bd6770ac3682f6
SHA256 053c07b7ab273e629885da692202cfc04f6742aab61e7f52dc5c2b28559222dd
SHA512 00621ca5e0ff1eb2e77e8fc2a3d72c8edd00598b065ea4664db65326cc8b4a55b49fe1354b45fec85dd9594986f7b411408bc021ecf27f0442ec8d006dc92c63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 21748a4199e110358f3244cccc3a6824
SHA1 492f8293db10f634198d0895cb17aa5a23a3a3c9
SHA256 c2610096047cb51aef4775fd4de30784b2db2c6a272c03c72aa3437464111868
SHA512 da4ee3ba465902bbd14605e813f3478aa3b3f108ed6334a1e840a68c2cb3493bd7dbc549a026dd721210c8ad059f41bf60cfea92232cd7dd655ec3c2366789e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fa9fc5fb96c6f2f234c8dbbf17fbf1cf
SHA1 593c3d78624a6e34013f56fbef28ad1eaa7da0ae
SHA256 a03ee69c4f5c3d46a1d4cea5ad70da47482e4b4d45158cd971fc089032b071d2
SHA512 c2e72b57d99c03d260c296e4ad420900c05009c5900f27643c0597c9cc6b7bcfecb417ee0e5ac26947e4a890d514087bfcca9ae271209d0644caa024d1ee8c1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c0

MD5 7c37f7a2fe7adb1fe24847c8d183acaf
SHA1 c805644f664c317dc06e8a6a6cefccaedac8244e
SHA256 63e4487b4d674df52cf013de1eac3c09f5baa83f8a3666709cf5b671f2badb11
SHA512 308d44714518b8d0f7c3b1145a87814cc382bcb20bae374e53781f5f2fcc8e914604c1b6b6df57ed3e9a94f7dc81eefcd1002880a392ce4d744fe569fc8d52e1

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 10bf068a961cea0c666a3d8f3cbd78ac
SHA1 2efc5e31c244ff646978dd37f6d176b3593187a9
SHA256 4be028e1fea26092f3c0994fbcb547fe3989bbe05db74162ee9d5b9aeee8ec98
SHA512 7c8e26e2b97f9d13ff2b4f4c8aeee3bde7206866ea1c3e0db88277ebab039a1a9c269450fb375ce5b367ebe8a4ef9290317052af2e38c29bad2378239e5db1b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 12676e67f8107461309ab822f391bda7
SHA1 e7fa59828f25481565694994b7d81a0bb46196b9
SHA256 e8e466491a4b366916c78c17e6d3b1a69cc6ae8ea0db03e476531a10d8a69442
SHA512 4a055d698e13f79f4286574140d83ab0c086f8b5eb473c8f434c23a6846fad0f317c32eea4b08340da3cc986a9b7eb9003e0c4fdf6a3171628e351c299e01d0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 72d3d46ebb5b397947dc09ffe619a463
SHA1 9337acf904f88d62441433cd6f81184880f6ea0a
SHA256 f439142be244ac7af97d5ed0b5d91b29e329c33cf21c871767d2320f39ac708b
SHA512 8e9053c73ccdd2913e42aa5c2fa147c9c42772e4f51e420f3f9e16385f648f819fdfe42d5459df14e5f0fec783c763848cd651dfac7fa5969afdd9a820ae4ae7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 224f426cf0aae97378d59eeca71cbdcc
SHA1 bcabb5e27fd0fbc27f1cbb8553a1189c802a5cc2
SHA256 2605e1e980f4e3c68cfb09917bcd15b2c34bb01fe55592e5340f68c04ac1132c
SHA512 9e3ca833de0bc821acfc33cbdeacad47aa67428915b1cb29e5cdf42f147e12ed8f967fd74aa4877f26acb1acd1ffb8628a1a0c29e7aec42bfbb208c356bbdfaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 974883491344fea402252717083f3b4c
SHA1 88c00b77acf1cb23089153adbe28d508edf3f0cc
SHA256 3cce64cecad5d47673676648ddda71a62535b861cb42b2b189be8b6b92c17bbe
SHA512 6686cbfa1c8dcf2d7c86c3912e6f026c44ba201a2d0bbc730b5c5e0aa275ce0ce49435c3138b952861c718ed8f40acf9c90f3c6cecba84dc0675a8652ec29e8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 c2cbb38ef5d99970f0f57a980c56c52d
SHA1 96cff3fd944c87a9abfd54fa36c43a6d48dac9cc
SHA256 85369a1cf6e7ff57fe2587323c440ed24488b5ed26d82ba0cd52c86c42eec4a7
SHA512 50371320c29f0a682b9ae3703ef16c08f5c036e84d5056e658f5d9be7607e852adf72c13bf2d0b63fc492f5c26d330bdeb2ba38bfd8b0d4567f0cc6b0c0f7bd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 63b278e1e3e361e2cd227f61bc158bd6
SHA1 f6556e2cf4abcf83c44e24a4a5e5679907fc7051
SHA256 5aead015e42bdd62fa7b1f199d8c8f73bb3bba2f3bda58507f6ea414e9d4a774
SHA512 50abe5ced9cc2df0341d6a9dc572687874477fcb74bd84e35483280da451cee03fa86cbdec705944b723f28788bf4bf6572be7557f87334d0ae526c894a86f34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 48784885227797ec68755bcafb09dcc4
SHA1 e3ad92e2db1962fdd2282119af804ce4a24b2d21
SHA256 68c539a158a7b13669e177f3ada99c1f73128458638a1bdf07a21384b3904aad
SHA512 1f7680e872f0d75da23292ed6dc5750b1131eeaac982f2a4892f0b455a763f2598d959daf9e9595f05a07e37a9693808e4464b1c92222518d2515ee1a7ab8865

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8cce52c39d384f1867c1309ff34312e9
SHA1 12548f5769d78e50a4f7acf5cda94f73a3f683ef
SHA256 6d4099db3043607f727749f6cd5293081fea5584ac23977c7cada231d3dae34c
SHA512 f52d93a5b3c8d365ad842ffc74077c3f0af75f207b657e14d4e4decdfd1dedfd77509175e0f3e14ef641218d5ee3973a5e1d7b770ae077445c8c4190d1076afc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8de92c1682f57b84736f2b2c5e4bc4a5
SHA1 7d63c8ac33728e28c106556d995ad742fb64c0ec
SHA256 f7ecbc757cee7d1a50d267c6d6e25f9304d9ca08d52eb3ba22579395877eecb6
SHA512 1035cfe0f79db05ec9b81ae8389325d03b47c3af1cc6d334ac0871bff7cdf1229b59b9b76b1450e774d944f998187dd32dbdbc27ded36d7effafa7054c3394d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b2dc77d759cba71aff013af568249527
SHA1 a7d2510c6c3388a31001027713094b4d04199205
SHA256 c094c71747a657fceeea583b4b765238437b45164ed61ffa2d24fc481c30d534
SHA512 4ffd8d1581c82463ebb9854ed1355d4083be8e4d130a4c995e03c8e76e9b967b1fbf81f56cb1b2933f78e02476bb7425631d9a71cce52c68434511a5cbc2e3cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a699cce1d4d71386ca8ba9e39ba891fc
SHA1 fb42ca2511ecca7bd7299f7a5bc3047e3703081c
SHA256 96ecf3ec6c54213b461445c5a2311d06285f950cc0a04611bc4e956c9c7efe9e
SHA512 948442f452acafc66b5c9950f7111db8469f274683052fd3770ed1169b103104fc2518e526559c69e1c78b055b821221bd0b6ae1526a95d3d7049dd3b79f4676

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e1919bd12ebf050a24fb51a34e62c9c6
SHA1 79e62dc2ba4b7704bbe3120167c3d09b4c01d069
SHA256 ed270146b029cc6752b7d1047ffb2509dd9379ca570ddbae57bbd451691b7dd1
SHA512 582f989f0d2be08ab8300b4a947ba8093b9587d6af7729406ce914db533ed2fa2db9401e2d18122a1016956b183f1685208642204c7f042abb3ed6da067dc1b2

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 9b8faa9c8ba3c6bef5cc7e857fcebaba
SHA1 836f60c5f17a775c1b9ba7eb40b8beb62ea1d46f
SHA256 e4cc8f0e13598c8601410b27f3c78c6e5f96a9aeafc536c45192103ea7cc75dc
SHA512 6b4018a82ecb7cda55534c3e75be0f1a17cd1235e539029c2d9e091852c3eb26fb68fa221725e2007f4cac89116c49085fde16928a7c45c6ad40add5f475d2ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 257ee6a88905013204d0e3167c7bc8e0
SHA1 7d837bf7a4939e7cfb61e68ff6a03092eb2e5f00
SHA256 04696d0ab736acbe92972df5b869025631a03d650c9c0e37ba5fc806dbdfc52d
SHA512 fcff4b05949a86817cb5b0193b00f4169b612e3cdb18071afd68f1bf6c827dc57a2e1b44cde462b8463f0af6f133f71b26721a683192ced8f86b3944916a4881

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 98f36526f4ecce1a81da66040274735a
SHA1 a4571907c1d8e1e685bc87c33e5533d70f7303c9
SHA256 54e6a1d9ae53d3e05cc9f4fec33ed62f004e8e17e5500f56e75d6655f8d7be04
SHA512 af5e18bf9177e1823d4e6a23e23c353761eea10c6c538a74489806e078d3d2a5ca2aa1f6525e9462998561a44eaae402040ebebbd8b96e957be2cae3afad5267

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53587932f53095f570c13b67cd1cc857
SHA1 31d7fab9b9c71350b214d7ac80bbf16eb4cdd75b
SHA256 990caf8582f7dce691e6e0d4ebdaa911306dd46fad695db78fa667745d2ff8fa
SHA512 b43eb76fc37b5c22b595a93c8615058cb843350da884a3ad5bebeeaafa881bb0724b4a327381548438f7810fe0e49997bd558aab1bb0435218044a0f25cc717c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ffce019bd905f5434ae59c84c593d321
SHA1 7d221162600bdcb7a3802af54cbc4f3803595719
SHA256 0b35c2115e9439fefe3317d6ae83e88e6e3c40872d5fab4a9ca590b62aa00e5e
SHA512 3878567e2fb321e1e8040983819ae50f81822d4ad60e1a5475fcc3b539db6b978126f3124da5db6dfc542cf655cb524d51afcdad21aeba8db1cc55e0518155a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7c8b834526ea75902eebe59373947b73
SHA1 11932e9f0f07a8822a205d367053dc2f2536de0c
SHA256 7c94a4ef539cd45d883848e51fa881468bcd7169714cc5cd54fc11f6ba3278ec
SHA512 6eff4bf27fc5a138a2354d22fab57200ea01ca4f248f2a22c4ce26c7752d1ce0a8019c3f9320e794067671ae358fcbc3d6d410821b91bb6c1b689cb345aab0a0

C:\Users\Admin\Downloads\installer_29374.exe

MD5 c2f4144790ed39217b1dc7cc511ef8c7
SHA1 3c033675a05d6c57e587334b6466964adb69dde5
SHA256 0ccda2c02458f8251b7b2e825b44f95ac6b2cc8a0ffd53a50432992d6f9de8fb
SHA512 1927500a11be63a3ddb51db63f3f28f606666c172553645764ff160c626a866b96b68e5c12de85665cc4dfe852ce545077270420baefac4bd0444176e32122d7

C:\Users\Admin\AppData\Local\Temp\OperaSetup.exe

MD5 6b990d544fafd1348ed8744f889084bd
SHA1 b4fbacd91715a26f5c049d954a4f9c683ecddaea
SHA256 be613eb70bd7e9d287d0aad1ddc1b523d968457594f017b2fbb8c1fe6015478b
SHA512 e6b12488453b767660099f24c1b106c5e44bc90e69f8498691ba32dcbcd50cc8c8a0e63f2a63e0005f14eace2db72a6a36284ff541cb6a4d65d0766757318f6f

C:\Users\Admin\AppData\Local\Temp\Opera_installer_2405151520143774888.dll

MD5 74ceaf1146735fe0e297fa37ecd98349
SHA1 d77927d0b1bc98c4a1d1839591b1d3d5da2e3f50
SHA256 b4bf308a845e7b2b6cf1743a7c67440c8690a73631977d75197ae4616996c694
SHA512 f7717dbf780b5badacb27d83fc0e55b14477fe2179f11396780b053ba928b1875d77c83c470d5940ade9ce53082989cc581d411e9b441b52fe0b1f9396115251

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d4874004d81ee22c5f7f00fcebb541b
SHA1 a9aea34ba010d73cf1723f855ce7f03334864704
SHA256 4f710626643202afbdff61d9c68b91b92c25aea9330de8fead81eb3e2ecdf8de
SHA512 9581f883544d4a93cd9921415a8fef99044436a3c4ec1dedc42c2c5d5debebb28283e46c57f785f74dd21c7ca510fb226dbf9f7cc02faf4762cf6b61d5017035

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0fabb7b1fb224a3cb0e983db4bbedd19
SHA1 e9e8db6dda03766d0aeeb737d510664e88b94318
SHA256 2bd8e92a54c1284818d6de7dac781e704421268d975d676b07e8f6d18cc186bd
SHA512 44d1d838bba9fcee8ef155502b6474e2b08c61ece12db9395344477f86da483c2576a10fb4165bd6ae25c37fd5329e9a568f731ca82a48027047c1aaa7d3f9e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 a6d7f7b58420dc47ec59d8a75578dfdd
SHA1 821489653a867a4a62d02a2d0abe300bc49b9e63
SHA256 93bf91b8669d44987ecb798483940f3ea3384b73ff7689d2087380ce8d794776
SHA512 656a98df71ce6c1f75c8cbde2c566b17b08602d5de64558139b01b6b46e652e2454cde72f2f22463b762b1e976b596216a65dda05036653b2dbd0dcd2b6520f0

C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202405151520141\additional_file0.tmp

MD5 028fb19ee2cea3e611b4a85ac48fafbc
SHA1 d1a802b5df649282e896289b4ec5df8d512b53dd
SHA256 e8fa79e22926ae07a998b5d2bb1be9309d0a15772ac72b88f4eed66052f33117
SHA512 99959d7765c1e6636dee1841f214cb2d0c7684d7128381b0387fa9c7ef4a92ef62bb094087bdcb343e44196b5a333df3a2104ced9f49671197a06fafa27aff51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 17074b58add8ad7158edc6d6b47fa387
SHA1 9676a791811e00d839d0091edd0e85be3ab82cb9
SHA256 77e7e95a32114d3bdbca75d2a88fb204bb00b7d6d4847a31eb1e1cc7ef1db216
SHA512 d9459b87170a5844d137db76a6bc5f2967d311d0e86a81cd1b6f22cea5919cd95b39b93f4f904f29978f10b04246238046aea1a4ebb3251985ec841bd6ed2634

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6037a92c6eb121eca87a0243949488a2
SHA1 a71cade7ade2a65ee9d6abcf055f295f30c37b99
SHA256 d1752ea70daa861467f663f0a9c9b5b00e7f0d778adeee06b37d394d5493836e
SHA512 69279df270854bfdbe7a19568ff80496ceff579d3e614807aaacc22d325701e43a64edb203e3a291658d0c836cc31bcd368b495989d1dccf94124837beff3570

C:\Users\Admin\Downloads\Dupper (2).cmd

MD5 006d4773a97b11259af25702dfa4b27d
SHA1 842aecbcacf3c3105d9676a0368ac1af31eb91b3
SHA256 e9a0b5137fe823ff30ee4b0d18463e0e800fdf3d42ec286ed2004c59379427ee
SHA512 32e37db31e9148414bab67a0b780e0f78423d32bbbb72ce589bb84f40563fb15617a63ad6cdf9bf4e04f6778c4a21d33353c41acbc286ad8d1ae0873dfcf20a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a39d653471e532d742b50d09c4309575
SHA1 d26f6bcc2c64072aa0a63791413a6e8d485480e1
SHA256 ef9b4e88cef232f7b27bc8476331158a118c8d1f1328205c307b1c451ed6c2bc
SHA512 6404f33dc558ef35e9208970be9c4c869e7ed084956cd490f3ad328ca8755c2d996cfc9f8b7803004cce78f8564f1b7d7610df7228a39c504a25137bd13d23e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 caadc61e74fe44b06f3b18d854831686
SHA1 02f28da0ae48a211c65d88e749e80171760c4382
SHA256 823e1e8a9a9203f2511ffb97027656472c6c8a0ba397a4b055ae74d4a79662cf
SHA512 b05ecdd2e6f02ac3e00ba0fc646afc94d51a3cec4a81e06228ae959656b9b8fde12358ef00d962c631300be0d53a04daa6811ec554d9d9697ea48f81eb726128

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e1a6e309c42a8d5ed42cb21928bf495
SHA1 5452e38b0bf782af8b031a0fe8aa22c79bcd4297
SHA256 40c5b19507e8eaa9e5b31d6b3d96a3917644f6a68514ca541fed32f7b1478622
SHA512 73c30a91461b66bffde864ecec91e8d87bfcc4564f8067ffe7b930b24db5f6710caa73149d1ea39dfcbf2ad6c75ec6d9800657bfc115209da6d43a52b237ab06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 cced2ffd57ffc1b4aba9c430d6f33e56
SHA1 e1f752581df22313f79ef58406062f40a891fcb4
SHA256 2f93a6bb52c5cdb5bec4717b8b4b15cca0afd353715b7be5ec96bd5d1dea24ce
SHA512 8378c4997fbbae837ff54557524a60de6b96a157bb4eb2c36b357d01ec24a1748b68f454160ac920242154164c1562746f26fd01dd5d10e603ce59ace42a6da0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\207b599f47743639_0

MD5 0cd733782e04afb1cef57700a5a321b2
SHA1 e66ba2a8df2a041b6d6963b7362ce68635cd0e3d
SHA256 735aeb78a325a394cd3875053b94be5674bef08d06cf5ad2721de2cb95fe6f1b
SHA512 29cb11d7ded40fac8be3c90d131c4129308b0f227f1a75c3fae52dfe5c2e5dda15af411c4d752ef1b7567437e186e7512e7cdbf88fee5b5cb6711de19a63bc5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011a

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000113

MD5 b7664a140b3013a92f71734d14377cab
SHA1 1dc63764fc431bcc9298fa82aa33c4925c8128f9
SHA256 7b7d3b8182944f9a81291e86a8b7d697d37d2a73c8038f1124cc01d6c4701377
SHA512 5a724275f5e704788bcf59035899424dc1cdfd0a3a0a5b87412689da83845b0d3b5c81aa3d950bc9df2251ac46a035576eb09bd2042ffcac84933743ae7149b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011b

MD5 f782de7f00a1e90076b6b77a05fa908a
SHA1 4ed15dad2baa61e9627bf2179aa7b9188ce7d4e1
SHA256 d0b96d69ee7f70f041f493592de3805bfb338e50babdee522fcf145cb98fc968
SHA512 78ec6f253e876d8f0812a9570f6079903d63dd000458f4f517ec44c8dd7468e51703ea17ecce2658d9ea1fdb5246c8db5887a16be80115bbf71fe53f439d8766

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88044d05185d481bc8e7fcf87efa8ce4
SHA1 848f867ab8a2b96f05a8ab3b376925580ba5d14a
SHA256 6bcded584c2251eee25ecde83cbba9c83b657adbb8f1fc29b2d2bfd6e0497ab7
SHA512 4a115027c0b9faa2095196aaf9f78d69e8d9545ec9aabcf2a8c61d69d23535ecd047e7dd4c17ef163d6a9f54f0b1c7cc7fa4a1e87870d7e52aafaa6069ed78f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7be3388852d68db9f0978b5e1bd145d7
SHA1 59bbf8e22f92ce572a69972d4bb949bb965ec113
SHA256 418cda855d1eaa18b9fe863a687ba0369ee1eaa8d3811b5699a139ea6d2071ed
SHA512 30bd2a2934bb79ac9e6c3f8c3205bb1a635179d9f8691b576c3a786bc1f9776aba9438eef91333ab6c6188c4da1f84e1d06b4dc1cc783871780975f19f25748e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fde4e6797c76a688cf4487080e66585d
SHA1 bd10ce2edae4bb7a8c9aaa2b066338a03b585341
SHA256 ce9f2ae2aebc7c04095495b135774ec9794f536f11910d0eefbf284fb707998b
SHA512 32b5211251b9cb097856e5f08acaf9e990e2ae5e6cb1fa56848920997bbce2e80f442faf52af10bbe3943c96cd289fde3d658f26c3fdc14936ca7525a3b002e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 82118342c59a96c8e0cc4783273f71a6
SHA1 2a5c3e8d9c6830e7310e6f384b44ad5d74835942
SHA256 af353a82bda6121a9d9c383b581399ee44a619848fa1fa41191f36661a6bab38
SHA512 fc9f9f20839d7597fbf7c1cc88ef8e071aa522272f41289f4a03a2bf84bf835754d066104d9b40270fb370322695fa3360bd06a122d237ff9cabb56eed5b7462

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b8cd4250ee7e9a1d0b3ed3cc97cd012c
SHA1 ea6b2da027d4bf8ffc6e79b7ac6c400dee1c3273
SHA256 bc6269b81e62555acc0748f8a1d6d9cc76fbf9ff924a60a3de1d180e28e8614c
SHA512 0fb7a2f523e2a4854db91ad3f1be0196bb91dd8aebfb7c841f90600ee0087030e6787bb5c4313cad136a97413016bcd2d0ea8155c60a0cb955e84cff1e51bc86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0c2bdb6dcbe3094062262cbd77cbb566
SHA1 168e8bee241dc6d71445d822c6d094e7fb5c8cc1
SHA256 a6239ad98e2040c6fd2d5b20c15ac8b32f0b4f2db30ac22ec774c20c5a2e2e74
SHA512 458f55455452a3453b7dc2f156a82920614ce2926c1ed4ce81dbc74193574d5e06e0f6ae7e82d388f4ddc77d1a05f2e63b2542acc9a8b2dd232bd99163003a60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9e8f936028f531de81178b7dc3315fae
SHA1 f93b6d2a536ea7cb71046a41c59d7abbc3f9b3e8
SHA256 77caddc7b68ec38ffde6fd4bbf86ceaab8b8e37ce60698bcea54bc60c2d34df4
SHA512 7ef1ec354b8dbe84a997eeeaaf9b5a24db9baa7cd9cf27ffcb0cff255411cc4c77da569c95b7674455d31d79c1332f5fdf8f4e27bcf32eb863f522f9c51b61a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 785fa3637cf2cd4c9816875461ea3973
SHA1 a013bdd7fd2062c9cea314500406631067765077
SHA256 35f165423e689d9d2adfea1648bab14e088645e1f86434079f9f245abfd293e4
SHA512 398bd384ee6c5397ccc1cc7c4406ef86cac698b2d4cbc6011a07edd6f424d8b1de5d35ae48d0aa7b18d9df716ce1b24e4df0f844fc0714a1cb6e35018399d878

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 32b83427ada6433b4d40fabc88b8b384
SHA1 2218bf7ff0a9c3a17d6978a50f2df8f64c9d6d00
SHA256 9b0cd5ffa7f1e058032ed89e59d5245b00987b3bc98469cc9e96f36581366c7f
SHA512 a13830008fe4686231c2482f67a97efe08453912654e15216d7ae22fe54bcc1aab3d0f30b106ca32d1e0f2d1c77876e7b61d7b33abdce56d4795d6911d38292c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000122

MD5 6b5c5bc3ac6e12eaa80c654e675f72df
SHA1 9e7124ce24650bc44dc734b5dc4356a245763845
SHA256 d1d3f1ebec67cc7dc38ae8a3d46a48f76f39755bf7d78eb1d5f20e0608c40b81
SHA512 66bd618ca40261040b17d36e6ad6611d8180984fd7120ccda0dfe26d18b786dbf018a93576ebafe00d3ce86d1476589c7af314d1d608b843e502cb481a561348

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 805cda5956d01ecc78f0dfca1dc2e5ad
SHA1 98fc6043f7cd7ac8fd5206d437cc5909242462ca
SHA256 0d3f989f3aabdac17f7fc0fd1098abcc7515092d0e47a5b533cefe464c04521e
SHA512 bbbb510e1e78943deb240d1305caf096fcedab28e13f4af93f64d3775da9b808eabf534c94670e32995a69b070e0fd778a645fc37fb2afd8adc97c88a75aee9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 674630170f96142b3df816e5eb48130f
SHA1 2563aa6b2e20abe4cc508bfd975916185608e1a7
SHA256 1951a98d1624b6df74afb63632a09b1fc855a7b00a0e4d04c49d7aca14bb5720
SHA512 c07e0db508b03ebec22ace5d0a7b8de94873e1349fb0e7f274508b91a62c0f18434fbb95149425437eec1a1d8215a724f721729961bdb67ccf0443e844af38b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 daea3d63042b78d68093092782188bb9
SHA1 27187a0ed1d09cdfcdb9325a7c81391866cfac59
SHA256 88d7d4f88309443f19d9cb92f437e2a6e509f0fa2e5bf41c191c474596adfada
SHA512 a84f7b5f5d286d9a95dc249d575a0e3757bc8c5db04609a1ffcbd71f0231dcb73efbbb8456004049d1f5cdc5e60196b73981c380b1fe90f3c0189b74a20a6e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a5c70bdbb11dbb883c2a2aba6264ef87
SHA1 45eea16395e9494b20561f5007d63ad863d3cae5
SHA256 40c6d6e6c0676bd0739dfc3f097d7c1020e3c03417c3b89fb3bfc56d332a4c4e
SHA512 2179973c272142dbc1002446c2ed3ac6527a72c457d07d6a45df6ef48c5401f6191f153ac629e4edbcc549718d0f963962f00697dbf16aadd090d594f2fd35b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8eb2b7a586898b77a8dd6c4d6e1111b7
SHA1 17fbf9d1b2fba5be90f41b7a72429911d30da9bb
SHA256 f8459cd82817171b1b297c4c89a0efb64e6439cb7bacdb801196d1f90c463e4b
SHA512 8f94ccb5fcde27e2a2393506c9383a4bb9ebef01a9be8887de47694af02190075ac554d2d71a40c7cbe1e16b10a3f3e25750c3c4b5dd12272ab52f85ff58bf15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 068a864561ab557e6b6d58185907fee4
SHA1 7f9d2dddefd405a42704ebc18ce18a7e7d818aae
SHA256 eaa1824c4ca38f9142a14d96c5895ac2335fd8616570f4b6a20e28904c563429
SHA512 c253c15389159d540f9ee07c1f41bd26e6fc145a1ad7a03d7d86d6a5476417f66137f18d27c903b6bfe3710c53d99eb6fd4bd52c41f9d21f4fc9fb9de81c2cb8

memory/1808-4908-0x0000000000F90000-0x00000000010B6000-memory.dmp

memory/1808-4909-0x00000000032E0000-0x00000000032FC000-memory.dmp

memory/1808-4910-0x000000001BC70000-0x000000001BCC0000-memory.dmp

memory/1808-4911-0x0000000003300000-0x0000000003316000-memory.dmp

C:\Program Files (x86)\WindowsPowerShell\Configuration\Registration\chrome.exe

MD5 8717d14d907d45031d066f4d9b333b4d
SHA1 2af66086911f2f085ad432dca7e47ef0d26f4975
SHA256 8f3a7e7815fe750ca11a6663bc569df73dd7969b931273ed3c4a4c8fa0fce9b0
SHA512 d7858e472381ead4cae13bd75bf6e28855b1f9e7fafee39190ea51808bd625ccfea611fd1c54efacf5c575746832630f235b8eea0f266c2537dd74c458cb4f4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 eae5397ba2e7c6eaf8d8722d1057a189
SHA1 af1c31d9b8a64aa76a69118adf325b6811ab5ac4
SHA256 8e9fb71df1a56074e1d05ba6414189b197df0d435a1b4a53f1dd0f992c84acfc
SHA512 1aac06688267fd280120003562361775d27e77e6d3c2003eb841c2011508a2854998b2f231a61875012fdc76f8b5d167899f959fdb9f0992579460bf01202cdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2800f421-edc3-43ba-b137-6a99338251bc\index-dir\the-real-index

MD5 de1fbdc901ef0f7a793a775f6d1f6d75
SHA1 7a9ec9dc4ad59db220500f7e4979622464e833e5
SHA256 dbf44815624b44552f59eaa8efcaaf7f89319dc706e4d832ab84dd866fe94a76
SHA512 c3f20d0597331c3ee78097662f54cf2c3ee3a5f3cda87b4b08a9cd82c5e687edb2dec9dcf150672d60530d52a139caa452cee08e8cf5c627301e2b15010211e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4fabceed55b6bfa853f212a3bda77185
SHA1 1a8c933be9cec5e442dd41bde1c5fa15af136959
SHA256 bf4ac90ca5a03fe566fbffd81b1cf89c975299354cbeb51174a101edb9a507e5
SHA512 63c4555026d048e53eb28b1fdcb31f990152332b404e1e885282c098738d624f411c78ca10089dd3a7ead83c94b92218d828d4ac30ae706093fcec306b7b60ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f1b972b36e1b6a410964e3a8646cc474
SHA1 f3960e3a96c7039c795e3cff0ffafe3d0c026f41
SHA256 cca565b6cb3e114f8aa441cce44c43153181372af8fcddafa9056784c266063f
SHA512 e30964b573ede30420531062e4cc95f88c10450ff778a742c2a89bbc69821414e85b318f5bf516133555068a3ab6558443b41fc8daa13a0c857d5003f553d012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 86e3baea205f985bd6857d76cfd394ff
SHA1 18dd7f7194b8722b2a43d0c091a8d481e414192b
SHA256 ac36018907bc2c472f6945b1fa3732cdd7cf4eee58e86dcda8cdbdd62a6101e0
SHA512 c61ef93d5156b13c59ddf731a9cb9c226755728413720a387e5b5cfe582ad174db620202a603abda31a666bcfeabb9b4e26ea5fff976d7b65c1510e7cc386d56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce8c6e5c56795abc653e66ee95f59683
SHA1 ba27f3f94f1186f7958c4369b47d7861b9ac2d0f
SHA256 2752637b6d26ae653c9c1b45664fc0409f9ad52b10973b41dfac752c20377820
SHA512 3b50b4acdb470b6b3c60130298a63e1e21a5f4660d572abf6771a80291da093b57e3cfd1b5eea9eba39acd25b2518471fdf9fee178de4a18f89fe78e6bcba3b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000184

MD5 6156363d08a5450f3252989587718add
SHA1 bb917063c01d5c50a883f7d1ee7dd9b450399059
SHA256 edd071ed2c1d002561a5f18f4c97f7f788b3a5a03d32e5aee8fa1ae2c3484517
SHA512 3c1ad32a552dee10df6f3f16e96f53fc193dc00420a690cb976f00a5c4a68305dbb5c1c01c37a2868fed55dbf3c22f94524f18d0eb14550d8e2e2b84a03cf7a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4f8969eae8e0359f0bc7b30ab68da48d
SHA1 10062bdef4b7b6555e7bed45f940cca9ed10f520
SHA256 349b755bef256469b8961fa8111a1ed9080d0eb13bb38515687ee728a1b8293f
SHA512 ba9e401386d039a137645af970d953ee1c7d9e727c9bf2bcd03eb9d9ac52f25b9e94e3d1aa047aa4bf7704cd2e49f850e83dd59faf969cf302e950d4aff5eaa6

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 88a80032c9ee90934de86a1df3bcc9dd
SHA1 89b5ba5feb78e388c54fb850b504f6cfae24b95d
SHA256 b4cb2e93709595467f384f0c56e7fed1510164bf567334c1b0f1b35389e22252
SHA512 1b997da17b688c43c957e4d351ee126965c52c48d502205c38a0168fabe0183f32b7c0327556af67c010e29a31efd11833df68cfbcf9ec40f61e61bd056a5d81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 21811f6f257173f91af2aec1e5b03101
SHA1 eb05a83c8b63803ff6ffab6afcd1bc70748368c6
SHA256 8cf05cdebfe6bd679af2cc5b794b0e46d3819637d7c26a851d50a07e52cfd261
SHA512 16f7e23cf3595eefb6b1cb482fda9dcc256d217c796fa725f95a86615233e2d0cbdf065f72324dd47ad50efb587d898272b5db8d9022c6e8d5e446f7fd34c3ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4f55f194cb9cd26fcbe6af1f0d526adc
SHA1 3f7057689dd3f39bb05d10a6ff47878dc66e5531
SHA256 7c4cb0598a9c5b8b9377843fa109f24faef43793300518ab4262022f39fc3444
SHA512 10f882e27e87969f3b03dab1cd6b2567970b1378fdf74a6671f17f293d658c9d5d401f022126fb938b31872b0a9c54ebce0260a7c33b60c2c76c5cefb4ff735a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 870237c2b6be011684ca753277ae15fc
SHA1 19a2186ff4358f09afb3dff4330f57c2ae5efbd1
SHA256 17fc0d18ee50f297234ac524b495f01b4d4d34cd19b3316bcebbac930a522b3f
SHA512 d4c615d2b80dc1ad5509e7f528fc03f2d5286dbc55ebd0ebe573fc321a1c93e4a710e1c49a24c4d9858f1d0962913b20469b7aefbfd2332c5e69a66d8f271eb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0961eb997a2141f429869af35a8035d0
SHA1 3204ebe215cf303ef2ecfc0254019a2d0226e23f
SHA256 6a5ac5b89127ab81649457ef44d49f375371eb80d7e94dae12d6298ffeaffa0e
SHA512 060a206f9956f32ad48fd877f2cfc51a531f5abe65178220166b9f7196861ecc1a8813eebb5b43b861d7caccbf34511b949b33aab8094e695caa4a5cacce4d36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8

MD5 fe8b7cdda74af277e71914fc58d95763
SHA1 63c6f196f334e9275195746d3544f32ee0cba1ba
SHA256 95c62c2771501d941f071087d0223a7fe8d56a1edd7c4526645f53cf11df84a4
SHA512 a7e3aa9464f5ebccfbe181d2b84205fcd49b8f3c3f5b21fdd1a6030f0dfb883898a3803b769b198edba90f33f929fe56ea8e2773c72176adb5780669da3fc06a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7

MD5 72ac30ea37b47d1a87da9651daf9d9af
SHA1 d72ef7b5c3bccb7b4a599c7bb69dd05cc4e470a5
SHA256 faa68acbf52537f5f27f2f63120ac34f8f0ff1cf460c90a8c5e7ebeb47e8083b
SHA512 3632a1a327dd62d736ac7110df17edc7320e4266ad78ef5cec96b03e96bd0ad2c5c9d35a6d8ab016ac6e24e4f2d260e088403d287564b7bd4dc4d6ed68cb20da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a9

MD5 36c06be874845eaba4e495cfca6b385c
SHA1 5fbf985308e15b2bab5907b3bb9a64839c4d07b0
SHA256 6ea38572866f5657e053197a7295560d9ea1d36149f2c0938f57efdad8a70523
SHA512 2cfc5138f964f254cf67c22196f364f187616969e5b2dafc8d84de1638b3f2bdf9382e6f50135abeda0de00b7c0605678663a67e84f3d9d95a1149f02a4854f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab

MD5 11d340cba94753097d5ead8e86a8429b
SHA1 10a95cdaa5352e046c6aad1b951814c2419e8920
SHA256 fce21d555b40b8be2918c341b22e597e6f578e3443a198024948782cef394c9b
SHA512 1624bbdd82f03d4e3714e09489e8b3b1ef5741a75bf370c1c4101dfe2ee228d68a103b26e48af6c2a4171423f02ffa4ba7bb2bdf4e4d4f829682e681ae66dd22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b0

MD5 413aa9031a0e03f0eecd744bb354102f
SHA1 433c5c71bd4954c11cd4aa346b3300a9d4186129
SHA256 060e60eefcf5d39d1f5f677d95a869ec64e0812ef83bac32ce42129da686c712
SHA512 b2ec7d3b208b14d33d2222eee6f5946e02c2d5d1a647ef71d49a1261ce827cd68523bced8202f0ecb4dac58f23c5c16a32e8828d2f3331b7e92732cc11738a73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b1

MD5 891382f4dba3e9eba8a2dfb012af0f70
SHA1 acb7b1676ef2540a17965cbbae7d8fe3f334f342
SHA256 1c5046d51650e73413f70123a6e489157fe70c7674ed72e010f46c005ab0ecc3
SHA512 ac9e1458ef5202000f0ba1f3e837ca77bca6c53fb2f5b9e0828016fa8137cc3961a78cf0be3dc46a823a8484c0c1a4ee3944c2170762d532201e777375f0338e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b2

MD5 4db9acad2b81638d899571d496a7b107
SHA1 096f0e9fca2590830b6dc162c6f378d17158eb47
SHA256 dd8a7c8d470b4ba5b6dd3f6927831e9e243f6624004d03b010deba95009f8fb4
SHA512 cbeef0f12a43be21bbf6ca4aa2a667f311f806f4f2907d68cbc4214d250171a3cdb5f5623b3eceb5db043219cb413970e699786f2ddd8dfad9faadaf0376027d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b3

MD5 d2942779e01188511ef5e34bfa73789c
SHA1 46d47d2a9a39673bddf42c4c0d2e336dc6d849d1
SHA256 a2f1e4cd3ef283d860916e4eb712351bcdf498246729cede353c4147ff903937
SHA512 4eaf1b014ba3ab57a3fe15423724db2b22996185b51372f6d5b050740f29e825ac1dc18243128b2704ac1414ad539da1bf2d01cd93c89ab62cb42b234ca84119

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b7

MD5 dd4fa6082e5d441dbe8e530ad4e935f3
SHA1 8ea582f42b30b3ab58383bd11235aab2a2458834
SHA256 73df778aaa086747e049d0ff1284ffbfa1ec34a720bea4eb8100c0283cd9ebdd
SHA512 2a8665da59982b616b654ddac8c8b76728bad1482e142e533d9fa35e17633839e413ef7b55edf0b605eac5dd94a0c3d35dfde8105db3e5b39ae1788dd84970a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b6

MD5 e52a8a040b1e200790d722cf11dd198c
SHA1 82e233ed9ed49c2bf1ffc5b67b319f90bd5109fc
SHA256 ef3136d43973015b2cac5996042a13f714cce7b8786825082c68fddf6ea320f5
SHA512 f21420bee65a30e7808c927ac85a39f77c44928c4c53c60d43ba871f239242a3225f447f6538e51f84e124e3dc5c982a7b609f4cdd5bde97a82e0d2afded040a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b8

MD5 bce0ab38f368b6ef16a88cd9ad205cd5
SHA1 61f5b42c75d13d33ee4f81d4758282dd260b4076
SHA256 40427e775a5cfdb085d80f93d7f3858811fe8b178f2986cd5b61377ae0035745
SHA512 451c218014e95431cdc8adb6e56936c041e394868d5366a649fe16a6f48055013046dc48fefb845a65ddecac1691d3315ee029d572ce444565a0cdb56765e447

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ba

MD5 aa75a1a20895b29bcd6a4455960911cf
SHA1 ce33fc9836ff2cb326efba9a5b5154223b73a7ec
SHA256 d30239aab100bcfb4c17cdc74221285e1676351ed3b998267374b5e37098a7d0
SHA512 c1700403f1be1e93aae2ece9788d53f5e36dff25f389e7959b48548967d670abfe8dade7ca16b4cd918699ebfea8e245ee5003870eb94f715fd2a43b7233f350

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bd

MD5 1cdb447580ecb0bbd88a8192f4d6eb74
SHA1 86f7388b664037d9cb96ade59561322bfc3d57f9
SHA256 bcf7f4937444899efb2e4dc587b2c15c1a1655f0b62e922fb0381c7574b597ce
SHA512 01922e4f126329b824cd5b93d1288df5f7eaa97a09f4c4e509fc0967d2534e967664758d2f855072729ba3c07c062a791c0c093a94d116016dcdb5a2d4b18ac8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bc

MD5 aea59a041974743ba9af3809c2338977
SHA1 d4e739a5695b4089ac1e5f0dfca1b92afcfce562
SHA256 c8947a5f90442af758825079770eaa49cddb9cfadeaffb624d85d38c2bb01a12
SHA512 3460960c3715c12383ed8ba572842d50bb2a1036ddcc1a87aafd9f5c22ed40354814047ba02131d896853c8bac070a80d7364c469cc3b94a742c1a42e5a24531

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be

MD5 1c29e85095a09c7d403f68d995046a42
SHA1 ce642e67c322743729f1a16b162c2d348f0380d9
SHA256 9e70dabdae1ed169188178b0644dc9e28c94589278a88ea2aa204d4a6c4a58d6
SHA512 af3634ee3f4326977ddbad528363a81e13a146ed50760d46076cb9c7e8e00a0643a2a094184d64a53819f4c09b51e58a6a11a746cb769850636b182cd2790248

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb

MD5 211270196cc7e56aa48c59ced82c5490
SHA1 d66c957354c7e4feddb92033de110c0d814b604b
SHA256 2b567404e5a37a10dd0d4b46742223b8cce5d4478865d36004c1c7a199f99d83
SHA512 858053009d95aecc44dc0e6bd530e3776595d272d5fa4bb5eae5d1101e96d7e80ce8f5704c32fa8270a422d2ec2418189926f21e99173d263bcf27130c06783c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b9

MD5 b7de4b08121680d105386631f1427405
SHA1 db518384c911ec6e18fce36635df85312ce063c5
SHA256 df28672f6a49d10417585d8280545092cd387e494af760d7d625f15d46c1862d
SHA512 a8259f03b5bc6df1936426a817ae97675c5210b28151a50c69ad0a7747b2e27e2f0d55850e52eb981341d1ab6bd40fc2964593f6ac4b175433f35115ad08bb36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5

MD5 96be1b35b23d9c59be6c9a3982b5f6b8
SHA1 eaaa3f88a4701a943829f311b5b2f5c344e726b6
SHA256 b7dceceba0e76c71fcd21fb02e916b5322816655742ed3469a130e7e50c73137
SHA512 f9646d6b0e4c284773c0e3924ac1434fa42a569c66bab6b8b0359157bd38fd479c243562a633af6dbd3bb89074311e2bc2cd7b3cd1e22eef01e88ea154a30be8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b4

MD5 0feaf72f31b24df1abcb4ae668b85c65
SHA1 a3c47373c7fc4c045a4dbf839248e579928cde73
SHA256 d1c3d96864acfc9dcd041c3cfea3977f9a4ea157e17c3ec875d86463e2e8a5f9
SHA512 f070e89334d683523b9c9893958cb2e252a46a90260cd9946062027967565840359b4b0cf08043992c1e7052f8b1953a032f89f6e6a66cf115d030780af78d64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000af

MD5 c12257427f6a3de12c9104d145f53dcb
SHA1 fe76665a5a8cc1d6389165d0b0915718f76d9c73
SHA256 7d09be393a68bfddfdcfb703bf6a3947e83e20248db76265c7b6402011051c3f
SHA512 d721e6e3899da8f257f8cf3795baf8f9732edbc72bb0a76bc8a9a69dae32b6a189b4fa65cae274c250e0a9629c562e49ef0c5c83bd4ae03a06f89fe8d046b878

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae

MD5 f4a12fec261fb8822ca8a146550df66f
SHA1 401de9ceca010e04bd06077f79c3aeb46b86f5ee
SHA256 7884dd51d4bf204de918ddc5612c2622f354fe4fb01284f8a04d1f7164ff75d6
SHA512 3ec1c7614f8ab254a4a48e1235ff74eee433ab82b041968e843464083aaad332f97db780f76245e4a599b515d775c42dd1f135e5a6349c7efa70fe5a33c09a31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ad

MD5 fab91c5af0eb55164794dd506c55024b
SHA1 a366b2acc2b8abb79611ca8fb40c8a1f09223d56
SHA256 d00fa9abb7ee9b505d35c4d1a0b5b81d4edad7b1003298fcecbb079f0492d0b5
SHA512 193f0beda6b15938e8e9d2618e85b9ccc074f087b702b5e6de80f399f8598c07f4da32104eb3b638b3d684fda35679f827047ba48c9f593734c6b1f79e81b034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac

MD5 2dc0722a67a27c0e73b2865a7ebffc09
SHA1 e3db8ae776b0f2b74577c2ddd4868029b21284c7
SHA256 d419de3ee94af74b81f8491d84c2d88d664cc0ba4bb354bd913ae3cdad06c498
SHA512 c7617e1ec56e3c449f452df41c0ceffa6fe8194114adeddefb629c95afaaadd307b55af6267d484e8d8c7f49e3b146db6736a81db6048c952f6150c1c91cdcdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000aa

MD5 621e1c6d62dfc80180fc2efb6e3277d4
SHA1 042d44d671aca105119b164109b04fa509114474
SHA256 da0365ee9ed4a3d139557b8d5aa8a7900e7c2d6125300e37ee160d00d451f16f
SHA512 6a2eac5f554c065cfd771d53f34c623bfe92ef0a9ec71442ee80d0af0f66e1833489acdf177ac8d85768c8ec49540ca8d4df9bf2ae5a929cbe6e04b92a074cae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bf

MD5 a0be78e86424c26106ea2fa5c3264393
SHA1 32d0550421d434a4b61d8ae1e5ea2383ec403ce3
SHA256 571b4ac1212e81c7fbaebb13ebb8b12ce366a9b8728803a0167a7d5ad080c747
SHA512 a61e046bc07f45d392faf2e1a2e2a2e5014054cb76a2bda0560458e8a50f8fa3a75f75993f62874910f4c0157bf6f6e96eb58ab7b6a3e6f6860cadf97acaee63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7

MD5 13cf8d49ab1c3108d45464bff594076a
SHA1 dea9dedcd7a32a847ae0dc943007c924c3e7a44a
SHA256 fc1d94d23e21b4533363ca0510d2039c8727f209bded2e12d34f79d9e0d6763a
SHA512 5a0a2c294fe79d32324511b20aaae6f038f8bcfa2861c3ce945845cd5520a438d0b662669dfab98ad8db285278eb2736b29005b7d260db977203dc4bc9b7c5ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c8

MD5 c5037f5851c684ab7eba57f83fa75bbf
SHA1 1600b6700578e4917220a86c9c6c617bb3607460
SHA256 8613900a7ba81fa38d9e77db6136115f9d98f21d0376c7f73a54c91ff32abc85
SHA512 2de13380f3fd8898144b59dfd5a79c47b32cb298a97a3c6c0e6651fba77dee931904a297224b031c5a33b94803ad2b5f5a9df0046bd758a41fa7a0cb1bcea3a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c6

MD5 75f0b0436c11f6a07466c6da72f326ad
SHA1 d1041e5020c65dc8492f477cce31153852c312d3
SHA256 892648fae18931dbef99a5d868179de13cb8142256590cc5737638e3d2110559
SHA512 580c391a2f849c4fe8d4655b90541094f24127679ae598e2eb607d0db6fc62d5fbc13e6e6d78b86a4d95a89fc04858c0b4ac628b08283cfd5a19d493abbb6945

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1994e0783bb81a82eb98ac5f7f3bc8f5
SHA1 35fc918fe8f0f3d4d811682451998569692dd828
SHA256 c3c99719a83194aa6c2c28bcf7cc9a5601239697d54df53399987545e1c5aaa9
SHA512 8e540bae2c894ae594a95b52a53bbc4b46362a4bdc39a8aa46f8e5d51d4950cc11248b5da67fcfa63566c8e012c42dfd3d2876524713c314cca354e812ff4c41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

MD5 30986c3a80484f551ad5379edb4246d0
SHA1 8194f456e2c725539b5177b9603eedb0b433c3d2
SHA256 3a8fc611e3ef96d37b4dd70a021ac224dbf431562c046b24da8ddadf716c53a2
SHA512 c9e0f5423f51b9243c3704fa350e4fc8a9fb0b5b27604f15fcd654e068a4463c2d3e4f488ddda06b7e762e13eb5e92f7ec4478a4ec8ce1ac5c226330f943bd13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fad4ae53dbff1719a9589077d3e7cc8d
SHA1 d61d27fb7dcdd8eb0001d7d8e5d7dc95539d292f
SHA256 5d0171364100d31ca97a423b10432fc13c02b8e8d6fd777f560defbd69dff8a0
SHA512 a34e1e8fac75af9c8802a0e8236248b862f36c15134176c100d758c068e2167f7a403644961330bb8392a44c8326efb416a7043d4c15554ca150a4a9e42a2b3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 61427c760b668c2032056f0d18f639ff
SHA1 25e5c9d0b27b34066e1abc4ed12e423064efb527
SHA256 9630f7899f32aa7f19391f2990e2bf7af8830817d57ca74ba6e6e255c4eaa19c
SHA512 3a18633c7bf6740f26991890f50f130ad2e8e875f01f529578ea4e3f702fa4eb6b6b77a22cded60a31ae96aa21fb7d62168097b5ee5515c3e2cb9270f1bb2f28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a694ebbf75f3a2bda653c8fc6766c85a
SHA1 11bc0b0396738f73afedd596469a77215b9f0ab5
SHA256 7c0f075b4fa45db40149933d597589f2f89d100efbcb175fe81846ce4dd2c00b
SHA512 3a31f7da5c5b18784eea977485b3e30bec6aad9e6b43ba0a76fbf6fac4586cbb7d88fcef20cda6b84c460dca40212a2eb17ae6367759c668261f0a944f77db80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 47e230920403e978c59bfc51acec31f5
SHA1 71c7e337cf4e1156a386d2e2320be7c680c6b1a9
SHA256 937c06e97c2f31e7e1c930523e68674c598a392d5bd214441d599b889ffbf36b
SHA512 b8b94cd69477ac46efe1aad2c23c75ce4d39b4117090bb018746e98d1e02d900c64734c891d8170d1f8454e0d250f8e9d12490e0d89083231fca771fdda2368a

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\fontdrvhost.exe.log

MD5 baf55b95da4a601229647f25dad12878
SHA1 abc16954ebfd213733c4493fc1910164d825cac8
SHA256 ee954c5d8156fd8890e582c716e5758ed9b33721258f10e758bdc31ccbcb1924
SHA512 24f502fedb1a305d0d7b08857ffc1db9b2359ff34e06d5748ecc84e35c985f29a20d9f0a533bea32d234ab37097ec0481620c63b14ac89b280e75e14d19fd545

C:\Windows\System32\GroupPolicy\gpt.ini

MD5 ec3584f3db838942ec3669db02dc908e
SHA1 8dceb96874d5c6425ebb81bfee587244c89416da
SHA256 77c7c10b4c860d5ddf4e057e713383e61e9f21bcf0ec4cfbbc16193f2e28f340
SHA512 35253883bb627a49918e7415a6ba6b765c86b516504d03a1f4fd05f80902f352a7a40e2a67a6d1b99a14b9b79dab82f3ac7a67c512ccf6701256c13d0096855e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 0cd429098412849541cb95afaf497de7
SHA1 34fcdc8c1708981ab8e69a9ccc50ab898d7f7df3
SHA256 d987cb1f82d1cfa20deebd5947b3ce1b9ae9ca25cb7df736727c507a3a17700a
SHA512 955809ff9150048d9b739222dfe4c1cc7b4f330cab2858b74ba1b8af8514f1d97268812c0ef81a3d926c9928fab845515a0fbd834a8dd1d0db39359001ce5f03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a7

MD5 8475a8ef024d6adb709bbc9189006d54
SHA1 a983974dca1a77838d06c1f41266e1b49959755e
SHA256 daf12baa74093add95f81b905ecf2aeb5b5efe056167a2b342d9f174762c8e38
SHA512 6faccf617db94895f403137e7b45e2ad9b265a8855b6ba6dbba930319b8b512724337355a29ad8613ba150e8f03e1f210a6c26ffdab0099ecca4af70d7f3dd2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 74c1bacd27684ef4b8a1bb818cc906dd
SHA1 586cd796c6f830e353e86e02f4f3f4208e7c30b4
SHA256 f63082abf3aeb5b70a86339a0236a22f9a3e11291c1ab326709e955fb922f8bc
SHA512 fdf9b2f824c4ea595fbed306fda9eab59988c4da73b7994ad23bc0d9f1ef9ef2c0a92d3fa5b0711fac4f46c0d7bcaa5c4baba5ef7f1b15e60165a6c9732eee83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d7f7d62afd0b204d81ceceebe89d7e1
SHA1 aaae3ef198a5f74bf15e27fc8778e8e06629de98
SHA256 7025e3f32c57cd1975c2f412365426dd56761138532e6529a1073a9fddc72231
SHA512 7645e9219f361a49b7db6574da35673d0a118558fa671d52db11caf1a7e9aa87e2a9224f48de89d7cba28b06e8bcceb492b786d7c80a51289a5c45b01acf8280

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 737ea38362731f9e206e70ce1e4b28cb
SHA1 b38fe3384295b8a8cb53ff124ed11f8ddd820aea
SHA256 5524ef0d0b526f05ad3ec54a0e1c21ea237daa79c536969aea3e7d1df554df2d
SHA512 7f14c706623318344b94d67b1c05b9e979fc1a485af11acfcb21622b6ba00eb2c57bee5a2cec0c1ad2c79bde7f7ff4fadfcb78191467a55178d61d8893025882

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 223442c45041f6d2d69ba0d9a4f64ac0
SHA1 0a6c4ea3a0a5e552547aabfa2993420cc73fea6f
SHA256 63d03443dd165d9f3ffc89502e42b0b5850497ce2f11111198decdd955b3b696
SHA512 2b11b82f867c2a18dafeaf5954eb2f134f9b4f4944be9c8db9842830922ad76231301ffe58bb459647e1335b64c43deaf9ca60a9cec936654be16c80fa1b43dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 819f893ec13bff4ba9e7c0cdcfbf7ffc
SHA1 ccf741e3bf883602cac06c9489af2545214e121c
SHA256 bf862a3fbae6201c5d68c343de4c156f91b6cd441c6f3f264169b9d0758a1bbf
SHA512 5cc15dd3cc861c466db86b774fd58efb57b08bdbbfcc57bba13ce2ea6db48eb4e95a75483be44c43f68ae87295dfa499aa275b65a6fe29f6a06403df7bcac690

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 abf3caf6111d6cf1b3ae45ef0659463f
SHA1 7b725e5474807e37d95c9d3bc7b0a3f3498eef01
SHA256 bb29be405006e1b7a001cf9f29bdd02e0855817280d57fa8dc87612a184e50ab
SHA512 1a3e108156bc7f4d3be4a988b4069c444feb63a2fec63e3a5a97f71f61e8365289f35d37207dfc839d862e875589cc47abb8db30cd0cdf6dd26311bdacc0c2e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 92e7060ad3aa5034d9088fe50090c250
SHA1 3d255c4040bcf2481dac8af72ec91ed685880bc3
SHA256 7a252a72f2e6a40153364b34c3968e75469a6c2c031e2680fd831f4a456d5680
SHA512 15790806fb339ccf66c650f11f4271c3329f4a66ff6235c07f12d88b7c490c1cb458d23baf76b0f39aafc98448ccc351fc81e759850376895f7c88d2e2061821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5453d2909b36c6bb20d2e1845bb00411
SHA1 c8fec9cf87aa9d7de3f79bc48f116ef438299109
SHA256 411327177f7fb1c3f68808c5a9bb3c1c260dcefb109345cb162181304a9c8dfa
SHA512 9fc728a884445eaf43b1b26d168cfd4006299fa2d9efef8f1c98ddce7fbc912e60438c82f97a5be6106b7b0ff224e54d639b09b74a8917b1541f17dfdfe0e36a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55df7f5086fe1a5d686fc4c5a80fccb1
SHA1 d368f211f95ac4f485fe7ae664c8303a474a0366
SHA256 85d038c6a779304bae0044130f669585e9c338fb208e35bf4df2654abf3d62b5
SHA512 5b0cfd152c6121f1ea7e5d04c80717d175c8009edd923cdc08cf5fc36eed85f70f73da9bb9cd50c73c1faf2e029f4216886062267c39fa821aedb75c4b39ac32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a6132fa21c37b61d36c012304bb01699
SHA1 62279388c4cacc76b580c900381907394013c779
SHA256 fc88dbd4b1da63b3ce5e7080da573e803b79847e84776b98b332307cbceea8d0
SHA512 4036ee7fa422280e9d511e8b2ea1800fcf244e63179e627383546a7db426873d78c94f85613c843aef9ca3d7d4673084e30d660abf026719cee4cc180542069c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fc3ae01616d9aaf0d2f06d0b2f762206
SHA1 f6a4e95e31a7c4e317e7e55786fdd13cdfc7e59b
SHA256 ffa1153cec1c6bc829b4b6644179e5b440dbb90ce9c85a4ef465b43c29fb5635
SHA512 586f67b591567b619b43400f45d2221ef7484354cb36dda6337466a6f82d18cb37cced53f88384e5015802ea96883465dbf43e201b6901735c16d037b8e42681

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fd62b42e3a178c78b0699657fdd2435f
SHA1 bc4abcb97e0aed871de1f8d02058506c52a1f406
SHA256 3003e9c34217a9afd02cef637339b4ba30c1d62e8e72dffc524ad1da334480ef
SHA512 ba9a4346bef783055db1b4aa8eb93e2e0af6cb7cbfd191555d91216dd20101e69a92a798cecd6959a07846d2fcf29c3c5fa8b7c0e268d84e30ff9eddd283416e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9f574bf49028dd294a0166499e315244
SHA1 a79c37cde3e3a633b8cfb579f45011f1d60a7270
SHA256 d1131257fc39e1bca7fec044ef2557f2a25a18186e7b23ce2bf82a8e5825d7a4
SHA512 c1f9e739518ef330165c8ab00400a5d4377ed1f4eaa0099e8932adafef45d2b5e1f52847810b60f820890bfd89ed246cca1b67a6c2b524daee5b70cc99ce0235

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 12a6f1438f4e09e2e826b5c24103d858
SHA1 75ec896a8888361c335c76c61ae7214ed083cee9
SHA256 683bd689a39222dc9beea5ebfee26846d6141747fc3e6813faeed2523ba26e01
SHA512 c1d25558a60994dfedc8f8fa8f43c6bb076abaf93bf07d25b7af8cff4b669ef52cc485ee1e19b35481245b5a5ca7d9b13d5f2e4dc77932a4704d040f14552876

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 efda3ca8c78cf268b2b3696c809e4a06
SHA1 eaf04a92e8de67c0339d4f82a57e020151fea4ad
SHA256 8cfcc9516557c26dcfd89efa45a1dd5c93786c96d48f9ff8ad92b63c44c59754
SHA512 0bba82520f4326e9ffb2a2d7b24c60c05dee10fb91e96b238ed059ac3ba928a08748fbd87f884ebc3a53e3ec46731b1293910ac0f90267d608cae80f44c78d19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b6114a903e83841c0352a821d68c0e08
SHA1 544114eb885f3c02f9e83ffc5814160b29e2c042
SHA256 13df7c53cd49b1244ed14f5f77ae8b5b25a05e7be2fc468924e119552cee929a
SHA512 67e1eabbb9b8967caada32f9e01bd977ad778c82c4e0eca4b8febe45642e9b97b0a1b4f83353346b7ba54d27b6d5c12e11fe40322c3a6c9ca1fbe17c9bab9909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 27db8408781bfa709ecd2a85ef63f430
SHA1 33c369a043b8f352fedc7909826822fdc212c90f
SHA256 284e13ea45e080d17513b3794aad00cc3567414286f17e400eb6d533568a21de
SHA512 ec182e031cf46f3871f4d321453f5685577e986ee3116a467e9de5216afe43689e5da1fc137dfce3323be7006dfa4b87741dd0914f5a9b95c7d6199a0b0c1d6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 23459ce91a6a21646f8313e5de2dcc02
SHA1 e389dad397238b76406d99f94bf240bb2262223c
SHA256 9e07b0c9df6e40633eda1f14b6ae859b1364ec044d1e0d4bd6d8d4ba4c20c32c
SHA512 48ca7451f2e4d4711dac7d9c0cb831216c43ed51b697e1d20b92ea6fd6be1ea53ad6a00df7d4bfcf3b41dc4f218ae4c9b35b02fdf9cd83e2bad5d6d1bda0c950

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001d5

MD5 d471455913239a5a3f5071f11eb98279
SHA1 6363a2b11d8ed56d2c338aff9b6bc4d6273a7a52
SHA256 b567203f583417a920247ea727fe7a4f2b1ed34663731439f283e49e279bb3d2
SHA512 6bc532d06a88003b7f1f7db290312be00199aa62202832d33a23483f25ca399df9319ee45d9a969e233f3a04fb35221bc8537ec81815c5a5f602dbe1793ef794

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 12412932df203fef0301540f34076809
SHA1 9ecbcc85ca51527d6a58fa18789f95bc8e7b5257
SHA256 341df9e946ce33f913463e811be6bb38cf4b1671054fdcc2c5f6d4d4f777e47e
SHA512 aa02f3ff5929245b48d6bc745241b379b1659a74f895799f23cc6da2820a1a480f4cbe4e255016e0d619852a8261ff5a31aa7e314a6b4a9791693833443fd9ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 20f7d6e6c76e7b32663cef8a83c42141
SHA1 d2398ccfd259c1ab0896fd8e6536bc0034d47187
SHA256 d1a79f667bd547a5f7cb5ada280f76cd2697082ae59a79bb87289cf3d7bec882
SHA512 107c63701149db519874c905fc0568781ee99233595d363870975937567b6968cd23de6d06d415630c58daed52152a1afe406d0371c26dcce7354148aef1fed4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001dc

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52c4ec48c828b36eedcb111db9e788d5
SHA1 7150d3d9635f6936f595fc011570eff76ed64a73
SHA256 4e6de524d8270fc503248f670321b47db2240d6f1e6ea4720f3130162d51bb8c
SHA512 51be18e086c90d0f308fc3c09532b69ad13c86e20f0aea0359645bf2b75cf08ca2de19c6d9aed55729f520ce5cf72bbc1e880e5523769c2faba759abe3765bc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f6ea44a12cb427ad9bbd2e0d74b98142
SHA1 57e0bbcfda6512af63fafa3c8d763cb356099049
SHA256 a585e1c09c425d36b2b3420676b8a28d0388f2586f540f133c03eba7e3999f4d
SHA512 9a7d2ae7031e7cc22a08ca5da0bee086d8e33b0b30e77d8939aee92e742238792126228807660b6631900387ac8adf045da9b0e58017c65093c7fa71d85654fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ea

MD5 7037e51f42555a3cce85239884e4752a
SHA1 1fa5025e69d46afc381cda0f889291025de0f38f
SHA256 476ae111a7b04e7cd50637f483c8e237f19ac2b9b20aa1b2fcd9e3ecf752b6ca
SHA512 939dd2ff90f67ba5528320c2ad51327f5f0e4bf6a6693cbee229a72ce90bb91a6cacb9394393638539dc9a487d1586e3c0641277b50be6d24c041463cce18c0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ec

MD5 49295de6ccd23cf80b6418a2d209868f
SHA1 42a955b4560bb22cb9b5b39577f7a691ea345018
SHA256 d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
SHA512 2954ab185fd84a08933bb6e79d91e301021fce4e632b477e765c172cacf72913561e101ed2f7e66bfbdc5946b35f2b63eb2b6f878e0afc9d26ffe71ee112a1c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001c9

MD5 29b1adf527657e404731bcb7271b79f8
SHA1 50aae42abf35013822edd2004b109c1dca12e96b
SHA256 4fbab2df29d82f1d5d1ab88a4cd42dfbfd777934ed5b177324542239df37bcc8
SHA512 17d123f7b9e62a158ab2589750da30e0d8290f910052d0d464a7f5a40d4e5011c8c33ee4804000fbc52f1c4e27b8d04cf7fd1bf13a9a9b07ac2376fad1e6ed56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020e

MD5 6120112064df7e01644f60aeb65ecba4
SHA1 8efa12fa6808ca9b1ab1e060e0c1570efccb963a
SHA256 27bfab95e0bbd46fb94fd5fc14c552056a8d6bd2c11464bec0de75f95eb1ff34
SHA512 665c0dd96303337f477d0945630bb40436cd2d06865d03f159adc3f989be04b07f9d75c74ad9c47647d95537515489ee3ba795b0b321d5ad10ee5849bcf7ab48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00020f

MD5 ed8ebbfacf255abdcc4ead7c815f927a
SHA1 bc8f1227220e22f9e2771b289ead22012f50a792
SHA256 d9ee8e0605fafbf1356b0d7e10e3f7e1db80e03d750426520dec7e7b8f7c4a11
SHA512 594533d9c5a542b5eb2afcd34b93a74036800766cb6794d70278e67aec1e3c82cace129be00cbf63def9caef3534bc9f43d590af9b3bb93dc635fbb020c543ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000210

MD5 752615ba7dd29a04883381e0d98982ec
SHA1 44b04b9c14782359d9d82ba4f9cc9861002bfe4b
SHA256 ecba4b5b62de51a7d0318933cb1089257d63159f8b1d2e0d017d7dd1ba1dac3f
SHA512 cc308cfdc95bd16f0a0513e4aa39739694189e2edd212d32f3f7799863c634205aedbdc14ebff566b9687d5b35420c05faef6e3726ffb35eb0b3af0f25b78160

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 173c7b9fdbc4652759cae5de0336a342
SHA1 46e082be8cce85fc965eedb382fb0aede5d01c17
SHA256 cbb9dcf756c5606c99b6f27ad32bbbfb71cbb463b90a29af6d432c1ff743f433
SHA512 c750b33bfe1e4a8bdbf1ab778a47b55db7e50b808dd986ddb42c3b76d1e99a0c95729f1eaeb51479f29adbd76a608afd0c016a040bfee2653930ac7b2e87372e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e3

MD5 c7abbc9e65446bde7792aa1c1b573528
SHA1 c4de48491225b7670dce31fbea742aebf6b7a53f
SHA256 3296a975e45bbaa05d91aacf13090655559a31687d0c1cf7edb6706dfc1df072
SHA512 6b7f7b01e2bb792d55f94099ecbbf81f7e36bebebc02418f0bf85b90cddf2665acd1ace96ca488e4f51da4552ff823eeb7852be1fa095244dbf9d3a4ea6646d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001e5

MD5 8264fcdf246c9ca9090374bc0176ae0a
SHA1 dc475b3a77e9ce3ade20c655903f1cfb45895426
SHA256 20dcfaee51768464071aa8cd2b9a79fe0f334e04bb6d565cb2892b7c9e0bf3ee
SHA512 80fc913347aa57d463ca5f137956982102cf82b527e42841d590fcfebce9176fc3bf618b13075111250968e169bf3221d990f0c914e8418f708822335a0f6c83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000216

MD5 82aa61f9bc21eacc27dc5791512ca5ef
SHA1 3b87343dd19ed056390ddcf3aa7200586c40560b
SHA256 517904e74c2de0c87b10aaa2f8bd0fce270f0cb1bbcddae5e071d02442bfc861
SHA512 113b50b3de4425ac034601bf91ef88a53e163e240a07d99b768e90f20432da89126b600d2ba3a3a02b8c843bbf29e84a64120878296f2fedc80697d97e2ab978

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000217

MD5 23686c522142d1bc5a8a39ca3192a91c
SHA1 9b8043115235578e011fbca70fe06d15954acfdc
SHA256 849366e4134bb5f1a1b366bc86cf0031c9082c1a7916ea54e32b7c8d856c3a20
SHA512 12f2d64c72c22f3ca5e0986a7c77b5caee853c7084badfbe558783efa64bab692c2531ea370ebec2671da10e92dac5c5befac211ad1a2fc57b62f6333f5bc759

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ff

MD5 fd7b364eb1ee091ba7b6be6f443d9383
SHA1 5a56ee272aea7bbb2da8fbe225ad57916ae3fdcd
SHA256 4d2e29c047e2ae40ad1cc38c6f28044f7c5a30fd81d743ee55fa8a254817f217
SHA512 e9f29da4ad3ad5fe5a75a1b68ef88052be88ea2af6d6718963ece06e67cc9ddc6545a89c83c7178e8d9a80650fab4266e3d460ecc631a42d9bd64db600bce6f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000232

MD5 7dc744b67919bed7c6d10359ebe0add3
SHA1 0fd28d6a7332385e2730a0c6d247856fe5454761
SHA256 f2d6f6a97efc7476f2c9cfaa15354e80ab7993ebe545f1f8f2872206bdf9958e
SHA512 d930fe5b2a783f2ac047da7d3bd8239844c9fc8261aaaad79d694fd11edbdf2137bf52546a73eeda0cec5bead2702fdc82893f8d693ab6874a0f755e467c028a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00023f

MD5 b443ad9152ea618ce6370e5477f147c1
SHA1 decfa6cf20c992da45483bf5d61f898708180f1c
SHA256 af00ebec8461a36ae94c8bcee3e0d7b7f0d0a3dfdc29e1be021a800e7fb1a52f
SHA512 3fa843f62faf21f892f7d5df025189907edeeaf83ea5607d6e1533a13739206db1931397a14d3f6f7c9fcedc17a7d59f66f0ef7e8b2e66601511243ee7f6870e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000241

MD5 a39e0989d5bd3bc63ebee012de1733bc
SHA1 f7cb155b1cafc907a856467c805cda8a9638bde3
SHA256 0dbca462699c9e28625806528c175681b994e05937354b4f75f917e2d0d997c4
SHA512 da6f1cd5f3473379a906d71e7f475573d3e491501b17d179361fc5daf4a601f1a37b0a00335c71f7c1df4293ff763d2ead6b94ae2eb2204d28feb689529212f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000240

MD5 3c7bdb250a4f731117a32707e40a663c
SHA1 ee2ad304984bdeb49870a6f9fc137c0913f98e24
SHA256 6b73bea5ba468f8ddabc19f631931075a9b355fc3dad8a487ffa91f33a4bc671
SHA512 9bdbe8b8aadad4cb8295dc00661f3c1e7da39d495e1ffddbcc1e0e9f2abc0aef508c2478511187f6fa0f9afb40d99e45e75a9a545ec9a28e58a365125ac8f9c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000242

MD5 830ed02f56b8b14c986667affe909793
SHA1 11829cd249f6239beda9ed282a1493397788e089
SHA256 d050c14477f348c41be98f219c1f43eca1171f6a598846fe0ef28fa0bac19f92
SHA512 763d790bad81a03b9caea44fd0781834f8d3710b5f4632fdc1c853c5010eddd9087d3cb6bdbddc01acdd183ed1a8ee0b1e16022abe35849f88df7c40bba232cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000245

MD5 d233bc5546bda04494462bfae4eaa829
SHA1 0676f2e4b1942aed9df77cc1961500fd322354e0
SHA256 9202edab3df3c4f50c590faac67d5c4815345de216d8e6de71aa4b2f660a5ff6
SHA512 a1bdcb1c8627003adf0abcdf18b3df751d6ad07d8057f4eadc1e1cbb36f3441dba89434b9af759704fb0eaed906ccf71c8562e526e63bdf3a109d0e553f191ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000247

MD5 9b2ac57dbd8702e4e41294d7012bafb9
SHA1 7f950f2da2067c3cf0f6985edced2664bfd75d72
SHA256 13aff5865342ce3a3965ac84fd5aa00285269e05e6cc8b9e53f7f819b776585f
SHA512 7c701b780bca42a3a90405138ef61a591dac8768c5a7cd821eb3f10e30e0808aa64201d024b529c7a35ca879d7d499ccb36bf3862797ab097510922c666d82bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000246

MD5 622dab9011abaf30c539165185615406
SHA1 354dd92405928dfe744d547b2bfd15b8f6c2ed58
SHA256 66a39e9b6bfa8b7d2800d49a0db4e3370693bab5b4d34fe8c62ba8482e4c7d66
SHA512 77d9ce39a29de6f36d35e6f08edbb9956d95ea19fe6eee19608cb89b01a13cced38bbe0302673810b92800eadbe9e431eac1e31c588c27fb2d2b4dbcf722e257

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000244

MD5 e6a9551651152fb3e7e544f112616669
SHA1 a005aedf78d9e76853ef447da6dfe2d8c6781a86
SHA256 019856a20fdf3e9d9c9c143c46fb1d3cd1cdb2e8a3c27c836aacba2ce1449074
SHA512 37945504496d9ec0cba53ba53597539df4b62f48c6f7f1dd19ad02540a0c31b00dc77ccc54c2727000fea26047741cb13ae8eb1b5ea244b603161e58b8c7deab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000243

MD5 c77d0552a4525a0620f9845392dc4379
SHA1 93c4efb6d675280ff91029f21a5f6155f8b20108
SHA256 4cccfc907545f801d8c648e07b307e2a31f231ad7503f823faf56adb21c95ec9
SHA512 fff47104923f34d33b35405a33cc97d15e8baf69bd78769a96d63d453e55ab570edba120ec4e19fb0193b4bc5bccc21c1bac79076297ef67976e0c88a805a555

memory/5444-6905-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6906-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6904-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6916-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6915-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6914-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6913-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6912-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6911-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

memory/5444-6910-0x000001ECD7800000-0x000001ECD7801000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6dccbaf7dffaa24f_0

MD5 120900ebdc8eca5b4fcdea5529b88614
SHA1 d996dde990f7c6980dc3284816696b851ae987af
SHA256 fa14444c7b687e97fa34a7bf19cade7ce0aab55cc43363c7c142eee6bdb70cc2
SHA512 8c1f9ce4ad805ee8889d17896c02df868b4aad615d6415a74bf7443e77dd6940a9b490d0f124b818acfad493400fcbd28b82f1be05745c2ba91e5549224f1ad7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\83979094740cb628_0

MD5 d29cffea57ae1915bb2cf802dbddb0e8
SHA1 60c72e5229cbad41a965c1abaefcfbde9eb92661
SHA256 d15dfa63f6d764675f187409d7ac0b50dff44eec568657d91aab9f1c30627e62
SHA512 69cb26bc2b836e3a638b87e2fe2d60a80c6f3be8b5c135833f2e7f9f4a15ecdf24001ece0fab5d545b7e40cc9d6366a2196de1144b179c691708e4d05cb5b6a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00024b

MD5 9c7c5cd3974d4d86695b71aaebc108bb
SHA1 bcf8972f46ef00e26f5dc69d93781e3fa269623d
SHA256 49d2bc87fa88f5755109d254f11816355a299c0054c14aed8496d44a9f68c600
SHA512 b62f428fbb12e9107e15856c38128881350a46874b729560535ad113123be5aa817262088fa92aad2734dc52c27b62122b678a4211810929d1044ce9543a8ea7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00024c

MD5 a8146b0526f9633f138d380fcee98475
SHA1 cd8a5941c5acf42d93d96a2403d9c8cf82cbe778
SHA256 0b604297d3e4402794232ad57468a0ea09dcfda713b4abd4b0fcbcf11c49616c
SHA512 02901a14fdd58ec920b634ea9c68bb40e57e336f010f04846627be1fdb6948ade8961a9ac00483e5649e06608ee4c0a46f332e90741b796d660da07b0c2df0c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00024e

MD5 7dc3ee70f6eae85b0db724863cb1db5a
SHA1 94e794504c5b9035fddaab4e6fc62139533ca0b4
SHA256 6cba55a9842c68010914318bcc6544e3e2692790babf45cda34587e656f4dfe9
SHA512 6384568cf1113a5c0143516ca71d43d39391fb400b2e61b7ed73efae4e56acf42a25c1e6f39e7dfa10ec1e78cce1b5d459fae89ff763df8b299c949d90a70cb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00024d

MD5 b0c736bf6d0c56734a87434801c2ae74
SHA1 4d74f3644b9b41ffeb6f45f0bb2e053a76108ead
SHA256 9955b4929cfe1e6edca6cc77009aa8b849b0a81297a124d72e98dcc1f4261ff0
SHA512 45998bff925c4b5ab4045b439436a32025fdbb947c10cfe7e577ce6b9f42c1f6b5bd1004669655b4d821c2528df7110c795300d927b05fafe5f2bcd6f87caff2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d0f3798968e499fbb16feaba545b98c
SHA1 be2c5637bb7efe25e9f82d30f01df7b29022d7d4
SHA256 43335c535d80a5d1b43e5403560910d6404cbae5c8f93da29c4e851f26bd8b21
SHA512 2d9eb3b5bb49a5f8eddb435aeb8d09dd001fe3c47826e526df48101df2aab33b2f7a740301bf8fec9d7c737563048535bea2ca443e720cf6de30071e98abd07d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 207fc1ca071970ee63fe3c72dbf7f8f2
SHA1 c6d2b7678f2c9b76d88f0847ccf9fa4fcc1114c9
SHA256 530642fc15010d98a8b7d49dd50475c9cf8a327b2a1a434edefb659fac765782
SHA512 dc31b212400b8436e93ec3298d0890034a2ed3bfd523d4b6f68786a467f0eedf8b2dfed386896a747809a6308cce07e7c490c61fd8eecd1d43f5dd5c3ccecf7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025e

MD5 d44f356b6656ccda3c33fde6c6193f99
SHA1 28dc28a581da443144d5b1756e5c94cbecfb562b
SHA256 698a8ac14cb631f41bd32b576fb74cd9975fdd36e4289005e9931fd17bef3056
SHA512 7d64276875f9a721829afbd67df9d5a7d763b86c94d9b3cb5f1fc5a298f5ba6618d1fb46a0ead6f0eb08bcbacb40be6d207c81c618ba5bbcdba733dbe54d5398

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00025f

MD5 a1f249147a56b8146e15bdb89de4b550
SHA1 99aeef66e9f25fd67cbc7eb329e7199b2464dc49
SHA256 ab96a81416451a273d7952b08647f089d5837553718105adb0a67459b35663ac
SHA512 464d9d9a5b72547ec48f68d89ecbb5a2d29712a2198de5cb57d99bcf6ca208424c86e190ef5b8ed26e42e7687a528d3d25fa46017b2169d8fecaad57b02f8991

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 8beb039f4d1c02ef2460ea27eb990fc3
SHA1 c91363ed368a2e77ce12d41f7f322abd93bd4eb4
SHA256 af5eb0ab8623e131b579c84cced90ed018036ee37b832e5ab208ec83add90259
SHA512 3f6ef1f7e10df7fc8a961802bbbd61611fb9e570d21e365a414ada1614aad4200e2f5a5052337a035d2479516bd1fc4a79ad94a0a85cff7407b04d8f0e0f6fcb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 81990b382db37dd0e3356a15891b2d97
SHA1 e364d0fb2b0c7845c2d6d6934fe90d861c4e29df
SHA256 4cfdcdae089229fb577e53435ecd8ac9e07c05018a19ad8724172e9f050b1875
SHA512 0e90e5ba1c1081b2b888f80a8c76c989006146e2fb6fe0c248626c126895e3364400beb4da1a8f5e1114a3ad3a921b74a8cda30ac3952fe22978c95e4a0092e4

memory/2884-7105-0x0000000074D30000-0x00000000754E0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 67707da8d9fd37c018f4031cc4f581f5
SHA1 05e676ffcd798a4f5c4b9cd7db0d1e9e22abb59b
SHA256 0083227b92f0049adba54969de0bdf11b309be17e59383a8b02f0b0288f906ac
SHA512 fc0af758cf61bc4293a5958eb87dc705577f464af5fca82817200fc12e30c93ea66880b775c132937cdb54426928b349d50af6555cb02ceb7b14468c96b1199b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9e2f5caed46f195d6d09defc3db3a672
SHA1 2ebde0d822a2da36829d59a9181d4a1e88c51422
SHA256 bea0f3b9fa482b595d475ceefdc038f2a3cf374ec4498363fc6be554e231fe70
SHA512 101b646f71942f79dbc97f5b411e40bd9c6e274ff81a5877aaeb36dcac0004d039e746a889119a92adf156ec0c4aeec55b3917f0364560471d33b35f9dd14b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_oxy.st_0.indexeddb.leveldb\LOG.old

MD5 62a0399708ece83c293c09e1142bbd80
SHA1 1be3b9e01c2c268d515e5f1b323fe0e9f7873576
SHA256 b35b550ba86fbbfe848face6ac0f246678696f1f287acc3626eef3b7bf034031
SHA512 ee2a867d1cc3fd07a326928d5a0e7b11b47e142eea2260be7e4b1054b9f8d8c5b1318e253fcc7e0fde010b5f8458548f79398873fc6649b2b21730bed94ec29c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2d119d73ce4c298adac5cc7f6175c07
SHA1 46637efb7f2612f7fb5229e9491217b19b857eb2
SHA256 0e6907bd3f42aaf27013dcf9210f759213219f12228a14c0147a5203013cb617
SHA512 dffd2b59bd3d0d990ef04456a139f96e0e45aa40328af995ff647bfb57fb667b8bbc631944aebac5ca00264ac5621609997db5aada9dad208b2f97eed3feeb6f