Analysis Overview
SHA256
fcb63ed3223083b3f1d6830ad56204e47d2394fca667cd21125b744c05f6e3e8
Threat Level: Likely malicious
The file Picture.psd was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Downloads MZ/PE file
Modifies RDP port number used by Windows
Modifies system executable filetype association
Registers COM server for autorun
UPX packed file
Loads dropped DLL
Executes dropped EXE
Enumerates connected drives
Checks installed software on the system
Drops desktop.ini file(s)
Sets desktop wallpaper using registry
Drops file in Program Files directory
Drops file in Windows directory
Program crash
Enumerates physical storage devices
Checks SCSI registry key(s)
Modifies Internet Explorer settings
Uses Volume Shadow Copy service COM API
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Modifies registry class
Checks processor information in registry
Suspicious use of AdjustPrivilegeToken
Modifies system certificate store
Modifies Control Panel
Kills process with taskkill
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy WMI provider
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: AddClipboardFormatListener
Creates scheduled task(s)
Uses Task Scheduler COM API
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-07 19:53
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-07 19:53
Reported
2024-06-07 20:39
Platform
win11-20240508-en
Max time kernel
2697s
Max time network
2698s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Active Setup\Installed Components | C:\Windows\explorer.exe | N/A |
Modifies RDP port number used by Windows
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\batfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{ab0b37ec-56f6-4a0e-a8fd-7a8bf7c2da97}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{ab0b37ec-56f6-4a0e-a8fd-7a8bf7c2da97}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{117E3954-5034-453A-A18B-7B79493646E6}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{ab0b37ec-56f6-4a0e-a8fd-7a8bf7c2da97}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2}\InprocServer32\ = "C:\\Program Files (x86)\\Stardock\\Start11\\Start10Shell64.dll" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{da3306b1-2554-420b-8d0e-6bd29bb4d8ed}\LocalServer32 | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{117E3954-5034-453A-A18B-7B79493646E6}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{117E3954-5034-453A-A18B-7B79493646E6}\InProcServer32\ = "C:\\Program Files\\StartAllBack\\StartAllBackLoaderX64.dll" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{da3306b1-2554-420b-8d0e-6bd29bb4d8ed}\LocalServer32\ = "\"C:\\Program Files\\StartAllBack\\UpdateCheck.exe\"" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini | C:\Windows\explorer.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Windows\explorer.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\explorer.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Downloads\\OIP.jpg" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Downloads\\8f7aca51-005d-41d9-a1dc-1b46844d4bb5.jpg" | C:\Windows\explorer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Stardock\Start11\Uninstall\uninstall.dat | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\10.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 04 Mono.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-08.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\Links\5.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Flame Grid 01.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Marble_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\Uninstall\uninstall.xml | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\1.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\SasUpgrade.exe | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\Start10Shell32.dll | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\ThemeHelp.txt | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\lang\ja.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files\StartAllBack\Ribbon\theme-dark | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\Uninstall\uninstall.dat | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\SdAppServices.dll | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\en.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Leather_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-11.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-dark\windows.help.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Default.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Small Angle Stripes_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\TabMedium.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-dark\windows.slideshow.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-light\Windows.MoveToMenu.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Corroded_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start11.exe | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-19.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\start10_A64.dll | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\lang\pl.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\lang\sl.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\26.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\Links\8.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Metal 2_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Fabric_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Flame Grid 01.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-light\Windows.CopyToMenu.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\pl.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\zh-cn.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-24.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Start11_A64.exe | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 02.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-10.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\DarkMagicLoaderX86.exe | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File opened for modification | C:\Program Files\StartAllBack\Orbs | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Start8.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\MenuTextures\Corroded_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-18.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-23.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Links\21.lnk | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-dark\Windows.AddRemovePrograms.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\StartButtons\Start6.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Dark Wood_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\mrmsupport.dll | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\Uninstall\Encoding.lmd | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-dark\Windows.shareprivate.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\DeElevate.exe | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Horz Gradient_x1.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Taskbar Grid 01.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\TabTextures\s11-tab-texture-08.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File created | C:\Program Files\StartAllBack\Ribbon\theme-light\windows.help.svg | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| File created | C:\Program Files (x86)\Stardock\Start11\lang\cs-cz.lng | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\StartButtons\Start7.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Stardock\Start11\TaskbarTextures\Metallic_x2.png | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\explorer.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\explorer.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\explorer.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\explorer.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Capabilities | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Capabilities | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Capabilities | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Capabilities | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Control Panel\NotifyIconSettings | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL\SdDisplay.exe = "1" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SdDisplay.exe = "11001" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL\SdDisplay.exe = "1" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SdDisplay.exe = "11001" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL\SdDisplay.exe = "1" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SdDisplay.exe = "11001" | C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppUserModelId\StartIsBack.UpdateToast\ShowInSettings = "0" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{ab0b37ec-56f6-4a0e-a8fd-7a8bf7c2da97}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "9256" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{FCEA18FF-BC55-4E63-94D7-1B2EFBFE706F}\Shell\Open\Command\ = "C:\\Program Files\\StartAllBack\\StartAllBackCfg.exe" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "2" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\windows.immersivecontrolpanel_cw5n1h2txyewy\SplashScreen | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F} | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByDirection = "1" | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.AppsFolder\Shell\Delete\Position = "Bottom" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6A451C0A-9597-4915-BCCE-6E859BC996B2} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\themecpl.dll,-2#immutable1 = "Change the pictures, colors, and sounds for this computer." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\Shell\OpenFolder\MuiVerb = "@shell32.dll,-32960" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{24CCB8A6-C45A-477D-B940-3382B9225668}\Sort = 0000000000000000000000000000000002000000f4eec83032a8e241ab32e3c3ca28fd29030000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{FCEA18FF-BC55-4E63-94D7-1B2EFBFE706F}\System.ControlPanel.EnableInSafeMode = "3" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3433428765-2473475212-4279855560-1000\{0EED0B6C-3C6F-4AEB-9412-FBD1559566A3} | C:\Windows\system32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\exefile\shellex\ContextMenuHandlers\Start10Shell\ = "{6A451C0A-9597-4915-BCCE-6E859BC996B2}" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1280x720x96(1).right = "1050" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\ShellFolder\Attributes = "2684354560" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\sib-reactivate\shell | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1" | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\Shell\CopyPath\Position = "Bottom" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\0 = 7800310000000000a85852771100557365727300640009000400efbec5522d60c758cf9e2e0000006c0500000000010000000000000000003a0000000000710ee80055007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-159#immutable1 = "Programs and Features" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\ = "Open" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 0c0001008421de39070000000000 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\Shell\Properties | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.AppsFolder\Shell\Delete | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1" | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\Shell\Properties\SeparatorBefore = "1" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\ShowCmd = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\0\0 = 5000310000000000a858d97b100041646d696e003c0009000400efbea8585277c758cf9e2e00000052570200000001000000000000000000000000000000b4182f00410064006d0069006e00000014000000 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\ = "StartIsBack All Programs Folder" | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\StartIsBack.ImmersiveApplication\Shell\Properties\Command | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616193" | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\S8Theme\Treatment = "3" | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\sib-reactivate\shell\open\command | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3433428765-2473475212-4279855560-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\sib-reactivate\URL Protocol | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254832000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files (x86)\Stardock\Start11\Start11Config.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\8f7aca51-005d-41d9-a1dc-1b46844d4bb5.jpg:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 805426.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\nsdap-hakenkreuz.png:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\StartAllBack\Orbs\nsdap-hakenkreuz.png\:Zone.Identifier:$DATA | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Microsoft-logo.png:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\StartAllBack\Orbs\Microsoft-logo.png\:Zone.Identifier:$DATA | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 442035.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Start11v2-setup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\OIP.jpg:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\StartAllBack\StartAllBackCfg.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Picture.psd
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff875d03cb8,0x7ff875d03cc8,0x7ff875d03cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3368 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6952 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 /prefetch:8
C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe
"C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe"
C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe
"C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe" /install
C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe
"C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe" /install /elevated /silent
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /Delete /TN "\StartIsBack health check" /F
C:\Windows\SYSTEM32\taskkill.exe
taskkill.exe /F /IM prevhost.exe
C:\Windows\SYSTEM32\taskkill.exe
taskkill.exe /F /IM explorer.exe
C:\Windows\SYSTEM32\tskill.exe
tskill.exe explorer
C:\Windows\SYSTEM32\taskkill.exe
taskkill.exe /F /IM explorer.exe
C:\Windows\SYSTEM32\schtasks.exe
schtasks.exe /Create /TN "\StartAllBack Update" /XML "C:\Users\Admin\AppData\Local\Temp\sabtask.xml"
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe
"C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe"
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\StartAllBackCfg.exe
"C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\StartAllBackCfg.exe" /install
C:\Program Files\StartAllBack\UpdateCheck.exe
"C:\Program Files\StartAllBack\UpdateCheck.exe" reset
C:\Program Files\StartAllBack\StartAllBackCfg.exe
"C:\Program Files\StartAllBack\StartAllBackCfg.exe" /welcome
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7616 /prefetch:8
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8588 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8712 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\Start11v2-setup.exe
"C:\Users\Admin\Downloads\Start11v2-setup.exe"
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1936418 "__IRAFN:C:\Users\Admin\Downloads\Start11v2-setup.exe" "__IRCT:3" "__IRTSS:0" "__IRSID:S-1-5-21-3433428765-2473475212-4279855560-1000"
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" export HKLM\Software\Stardock C:\Users\Admin\AppData\Local\Temp\registry_export.txt /y /reg:32
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\GetMachineSID.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\GetMachineSID.exe" C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\GetMachineSID.tmp
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c if exist "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Stardock ModernMix.lnk" (del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Stardock ModernMix.lnk" & echo found)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c if exist "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Stardock Start11.lnk" (del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Stardock Start11.lnk" & echo found)
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe" -install
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe"
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe"
C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
"C:\Program Files (x86)\Stardock\Start11\Start11_64.exe" START
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe" INSTALL
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files (x86)\Stardock\Start11\Start10Shell64.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files (x86)\Stardock\Start11\Start10Shell64.dll"
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe"
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe" FIXSEARCH
C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe
"C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe" -prodId=2674 -ProdName="Start11" -company="Stardock" -forceUi="Welcome" -parentPid=2228 -prodVer="2.0.8.1" -ResponsePipe=1480 -ownerWnd=000E00BA
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5788 -ip 5788
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5788 -s 2320
C:\Program Files (x86)\Stardock\Start11\uninstall.exe
"C:\Program Files (x86)\Stardock\Start11\uninstall.exe" "/U:C:\Program Files (x86)\Stardock\Start11\Uninstall\Uninstall.xml"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe"
C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe
"C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe" -prodId=2674 -ProdName="Start11" -company="Stardock" -forceUi="Welcome" -parentPid=5520 -prodVer="2.0.8.1" -ResponsePipe=1484 -ownerWnd=000A00D0
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 400 -p 5020 -ip 5020
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5020 -s 2224
C:\Program Files (x86)\Stardock\Start11\Start11Config.exe
"C:\Program Files (x86)\Stardock\Start11\Start11Config.exe"
C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe
"C:\Program Files (x86)\Stardock\Start11\SdDisplay.exe" -prodId=2674 -ProdName="Start11" -company="Stardock" -forceUi="Welcome" -parentPid=2532 -prodVer="2.0.8.1" -ResponsePipe=1436 -ownerWnd=000A0366
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 1480 -ip 1480
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1480 -s 2264
C:\Program Files (x86)\Stardock\Start11\uninstall.exe
"C:\Program Files (x86)\Stardock\Start11\uninstall.exe" "/U:C:\Program Files (x86)\Stardock\Start11\Uninstall\Uninstall.xml"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8204 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\dashost.exe
dashost.exe {ce95e3e2-d1ad-4dd0-b2681ab636483866}
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" FeaturedResetPC
C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6916 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\dashost.exe
dashost.exe {04c18573-2dad-40d7-b7fb0fea6328bb2d}
C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"
C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9642874956706000494,17705707432407556054,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13128 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| BE | 88.221.83.185:443 | r.bing.com | tcp |
| BE | 88.221.83.232:443 | r.bing.com | tcp |
| BE | 88.221.83.250:443 | r.bing.com | tcp |
| BE | 88.221.83.250:443 | r.bing.com | tcp |
| BE | 88.221.83.232:443 | r.bing.com | tcp |
| US | 2.22.144.11:443 | aefd.nelreports.net | tcp |
| US | 2.22.144.11:443 | aefd.nelreports.net | udp |
| NL | 40.126.32.138:443 | login.microsoftonline.com | tcp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| BE | 88.221.83.232:443 | r.bing.com | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 2.22.144.11:443 | aefd.nelreports.net | udp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 3.165.112.151:443 | d1f8f9xcsvx3ha.cloudfront.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| IE | 2.18.24.11:80 | apps.identrust.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 3.232.39.225:443 | stardock.onfastspring.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 205.234.175.175:443 | stardock.cachefly.net | tcp |
| US | 205.234.175.175:443 | stardock.cachefly.net | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| GB | 51.11.20.152:443 | secure.bali6nora.com | tcp |
| US | 35.186.249.72:443 | utt.impactcdn.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| FR | 52.84.174.71:443 | sbl.onfastspring.com | tcp |
| US | 3.232.39.225:443 | stardock.onfastspring.com | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| FR | 13.249.9.41:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | 51.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.209.79.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.175.234.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.39.232.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.20.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.249.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.209.79.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 3.164.163.90:443 | apis.fastspring.com | tcp |
| US | 3.165.112.15:443 | d37uz57cydkqly.cloudfront.net | tcp |
| US | 18.245.200.75:443 | d2kl989519khzp.cloudfront.net | tcp |
| US | 34.96.67.224:443 | cdn.sift.com | tcp |
| US | 34.36.213.229:443 | cdn.pendo.io | tcp |
| US | 34.107.204.85:443 | data.pendo.io | tcp |
| US | 3.164.160.123:443 | d8y8nchqlnmka.cloudfront.net | tcp |
| FR | 163.70.128.35:443 | www.facebook.com | tcp |
| FR | 163.70.128.35:443 | www.facebook.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 34.102.232.42:443 | hexagon-analytics.com | tcp |
| US | 34.96.67.224:443 | cdn.sift.com | udp |
| US | 34.36.213.229:443 | cdn.pendo.io | udp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| FR | 18.155.129.126:443 | cdn.mos.cms.futurecdn.net | tcp |
| US | 172.67.17.16:443 | static.filehorse.com | tcp |
| US | 172.67.17.16:443 | static.filehorse.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 192.0.66.80:443 | b2c-contenthub.com | tcp |
| US | 66.79.209.93:443 | www.stardock.com | tcp |
| US | 199.232.192.124:443 | cdn.vox-cdn.com | tcp |
| US | 66.79.209.94:443 | cdn.stardock.us | tcp |
| GB | 143.244.38.136:443 | static1.xdaimages.com | tcp |
| US | 104.26.14.172:443 | liliputing.com | tcp |
| RU | 141.8.194.242:443 | startisback.com | tcp |
| RU | 141.8.194.242:443 | startisback.com | tcp |
| FR | 142.250.201.170:443 | ajax.googleapis.com | tcp |
| FR | 216.58.215.36:443 | www.google.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| PL | 93.184.220.66:443 | platform.twitter.com | tcp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 36.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 104.244.42.8:443 | syndication.twitter.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 2.22.144.11:443 | aefd.nelreports.net | udp |
| FR | 216.58.215.36:443 | www.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| RU | 141.8.194.242:443 | www.startisback.com | tcp |
| RU | 141.8.194.242:443 | www.startisback.com | tcp |
| FR | 142.250.201.170:443 | ajax.googleapis.com | udp |
| US | 104.18.42.227:443 | startisback.sfo3.cdn.digitaloceanspaces.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| RU | 141.8.194.242:443 | www.startisback.com | tcp |
| BE | 88.221.83.203:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| BE | 2.17.107.130:443 | r.bing.com | tcp |
| US | 188.114.96.2:443 | iconape.com | tcp |
| US | 8.8.8.8:53 | www.pngkey.com | udp |
| US | 8.8.8.8:53 | cdn-icons-png.flaticon.com | udp |
| US | 162.254.37.172:443 | www.pngkey.com | tcp |
| US | 2.22.144.8:443 | cdn-icons-png.flaticon.com | tcp |
| US | 2.22.144.8:443 | cdn-icons-png.flaticon.com | tcp |
| US | 2.22.144.8:443 | cdn-icons-png.flaticon.com | tcp |
| DE | 138.201.132.95:443 | www.heraldik-wiki.de | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | 172.37.254.162.in-addr.arpa | udp |
| US | 2.22.144.11:443 | aefd.nelreports.net | udp |
| US | 2.22.144.11:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| BE | 2.17.107.121:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.233:443 | th.bing.com | tcp |
| BE | 88.221.83.233:443 | th.bing.com | tcp |
| BE | 88.221.83.233:443 | th.bing.com | tcp |
| BE | 88.221.83.233:443 | th.bing.com | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 2.22.144.11:443 | aefd.nelreports.net | udp |
| BE | 88.221.83.179:443 | th.bing.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| BE | 88.221.83.179:443 | th.bing.com | tcp |
| BE | 88.221.83.185:443 | www.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 2.17.107.122:443 | r.bing.com | tcp |
| US | 213.174.132.224:443 | ibb.co | tcp |
| US | 213.174.132.224:443 | ibb.co | tcp |
| US | 8.8.8.8:53 | simgbb.com | udp |
| US | 172.67.131.251:443 | simgbb.com | tcp |
| US | 172.67.186.53:443 | cdn.usefulcontentsites.com | tcp |
| US | 172.67.21.227:443 | dsp.vlitag.com | tcp |
| FR | 162.19.58.160:443 | i.ibb.co | tcp |
| US | 172.67.131.251:443 | simgbb.com | tcp |
| US | 104.19.131.76:443 | cm.mgid.com | tcp |
| US | 172.67.21.227:443 | dsp.vlitag.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 3.165.118.121:443 | c.amazon-adsystem.com | tcp |
| FR | 142.250.201.162:443 | securepubads.g.doubleclick.net | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | 227.21.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.58.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.131.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.118.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| FR | 142.250.201.162:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| FR | 52.84.174.60:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | px.vliplatform.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 104.22.37.96:443 | useast.quantumdex.io | tcp |
| US | 104.22.37.96:443 | useast.quantumdex.io | tcp |
| FR | 164.132.25.177:443 | prg-apac.smartadserver.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| US | 18.245.175.156:443 | aax.amazon-adsystem.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| DE | 141.101.120.10:443 | px.vliplatform.com | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| NL | 145.40.97.66:443 | prebid.a-mo.net | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 104.26.15.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 8.8.8.8:53 | 156.175.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| GB | 146.75.74.132:443 | odb.outbrain.com | tcp |
| US | 64.74.236.95:443 | mcdp-chidc2.outbrain.com | tcp |
| SE | 23.34.233.58:443 | widgets.outbrain.com | tcp |
| SE | 23.34.233.58:443 | widgets.outbrain.com | tcp |
| SE | 23.34.233.149:443 | images.outbrainimg.com | tcp |
| US | 64.74.236.159:443 | log.outbrainimg.com | tcp |
| US | 66.79.209.82:443 | install.api.stardock.net | tcp |
| US | 66.79.209.82:443 | install.api.stardock.net | tcp |
| BE | 88.221.83.210:443 | www.bing.com | tcp |
| BE | 88.221.83.208:443 | www.bing.com | tcp |
| BE | 88.221.83.208:443 | www.bing.com | tcp |
| BE | 88.221.83.227:443 | www.bing.com | tcp |
| BE | 88.221.83.227:443 | www.bing.com | tcp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 69.48.181.148:443 | getasword.com | tcp |
| US | 192.124.249.20:443 | originalgermanmilitaria.com | tcp |
| US | 192.124.249.20:443 | originalgermanmilitaria.com | tcp |
| FR | 18.164.52.111:443 | images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com | tcp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| BE | 88.221.83.235:443 | www.bing.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| BE | 2.17.107.122:443 | www.bing.com | tcp |
| BE | 2.17.107.122:443 | www.bing.com | tcp |
| BE | 2.17.107.98:443 | www.bing.com | tcp |
| BE | 2.17.107.98:443 | www.bing.com | tcp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| BE | 92.123.52.10:443 | cdn.cnn.com | tcp |
| BE | 92.123.50.164:443 | ichef.bbci.co.uk | tcp |
| BE | 92.123.50.164:443 | ichef.bbci.co.uk | tcp |
| US | 2.22.144.37:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | roaming.officeapps.live.com | udp |
| GB | 52.109.28.47:443 | roaming.officeapps.live.com | tcp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.28.109.52.in-addr.arpa | udp |
| NL | 23.62.61.184:443 | metadata.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 8.8.8.8:53 | 9.144.22.2.in-addr.arpa | udp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 52.109.89.119:443 | odc.officeapps.live.com | tcp |
| NL | 23.62.61.184:443 | metadata.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.203:443 | sydney.bing.com | tcp |
| BE | 88.221.83.219:443 | sydney.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 2.22.144.37:443 | aefd.nelreports.net | udp |
| BE | 88.221.83.203:443 | sydney.bing.com | tcp |
| US | 8.8.8.8:53 | support.microsoft.com | udp |
| BE | 104.90.24.112:443 | support.microsoft.com | tcp |
| BE | 104.90.24.112:443 | support.microsoft.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 20.42.73.28:443 | browser.events.data.microsoft.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| BE | 104.90.25.175:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.73.42.20.in-addr.arpa | udp |
| BE | 104.90.25.175:443 | www.microsoft.com | tcp |
| DE | 104.102.44.165:443 | support.content.office.net | tcp |
| DE | 104.102.44.165:443 | support.content.office.net | tcp |
| DE | 104.102.44.165:443 | support.content.office.net | tcp |
| DE | 104.102.44.165:443 | support.content.office.net | tcp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 20.42.73.28:443 | browser.events.data.microsoft.com | tcp |
| GB | 23.206.74.209:443 | support.office.com | tcp |
| GB | 23.206.74.209:443 | support.office.com | tcp |
| IE | 66.235.152.156:443 | microsoftwindows.112.2o7.net | tcp |
| DE | 104.102.37.192:443 | assets.onestore.ms | tcp |
| US | 192.0.66.224:443 | www.techadvisor.com | tcp |
| US | 192.0.66.224:443 | www.techadvisor.com | tcp |
| US | 3.164.163.125:443 | cmpv2.techadvisor.com | tcp |
| US | 104.22.41.219:443 | cdn.subscribers.com | tcp |
| US | 3.165.113.14:443 | rumcdn.geoedge.be | tcp |
| FI | 95.217.0.30:443 | cdn.onthe.io | tcp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 3.164.163.125:443 | cmpv2.techadvisor.com | tcp |
| US | 2.22.144.96:443 | use.typekit.net | tcp |
| GB | 142.250.179.238:443 | cse.google.com | tcp |
| US | 104.22.41.219:443 | cdn.subscribers.com | tcp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| DE | 188.40.115.111:443 | tt.onthe.io | tcp |
| FR | 99.86.91.10:443 | w.soundcloud.com | tcp |
| BE | 2.17.107.224:443 | functions.adnami.io | tcp |
| US | 2.22.144.96:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | 14.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.0.217.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.115.40.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| BE | 2.17.107.219:443 | macro.adnami.io | tcp |
| FR | 142.250.179.78:443 | www.adsensecustomsearchads.com | tcp |
| GB | 142.250.179.238:443 | cse.google.com | udp |
| GB | 142.250.187.238:443 | clients1.google.com | tcp |
| FR | 216.58.214.174:443 | ampcid.google.com | tcp |
| US | 18.245.199.78:443 | images.techadvisor.com | tcp |
| US | 18.245.175.73:443 | t1.techadvisor.com | tcp |
| US | 52.10.82.190:443 | twin-iq.kickfire.com | tcp |
| US | 151.101.1.44:443 | pm-widget.taboola.com | tcp |
| US | 54.200.139.216:443 | api.kickfire.com | tcp |
| US | 23.21.10.42:443 | mau.idgesg.net | tcp |
| US | 172.64.146.86:443 | cdn.permutive.app | tcp |
| DE | 104.102.36.95:443 | s.ntv.io | tcp |
| US | 104.21.234.176:443 | cdn.adapex.io | tcp |
| US | 3.164.163.81:443 | cdn.jwplayer.com | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| FR | 18.164.52.90:443 | distribution-cdn.askmiso.com | tcp |
| FR | 18.164.52.90:443 | distribution-cdn.askmiso.com | tcp |
| US | 23.21.10.42:443 | mau.idgesg.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 134.122.30.244:443 | cat1.hbwrapper.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.16.132.229:443 | cloudflare.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| IE | 52.50.65.213:443 | jadserve.postrelease.com | tcp |
| US | 35.241.9.51:443 | f5b3be27-f789-4ef1-8867-37c67da5b361.prmutv.co | tcp |
| US | 8.8.8.8:53 | 86.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.234.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.36.102.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.82.10.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.139.200.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.10.21.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.20.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.123.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.248.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.31.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.132.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.30.122.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.194.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.18.183.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.239.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.113.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.65.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.9.241.35.in-addr.arpa | udp |
| US | 34.107.254.252:443 | api.permutive.com | tcp |
| US | 34.107.254.252:443 | api.permutive.com | tcp |
| US | 104.17.118.17:443 | cdn.permutive.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.239.73:443 | btlr.sharethrough.com | tcp |
| US | 185.167.164.53:443 | adx2.adform.net | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| US | 75.2.82.141:443 | api.askmiso.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| FR | 52.84.174.40:443 | config.aps.amazon-adsystem.com | tcp |
| US | 192.0.66.80:443 | b2c-contenthub.com | tcp |
| FR | 52.84.174.54:443 | p.gcprivacy.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 91.228.74.244:443 | secure.quantserve.com | tcp |
| US | 172.67.25.151:443 | cdn.pbstck.com | tcp |
| US | 172.67.25.151:443 | cdn.pbstck.com | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| US | 23.21.10.42:443 | mau.idgesg.net | tcp |
| US | 3.164.163.81:443 | cdn.jwplayer.com | tcp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| US | 151.101.2.114:443 | ssl.p.jwpcdn.com | tcp |
| IE | 67.220.228.200:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 3.211.196.116:443 | p2.gcprivacy.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| FR | 172.217.18.194:443 | cm.g.doubleclick.net | tcp |
| GB | 172.217.169.65:443 | fb2dfc090567b8534618c9f04437148e.safeframe.googlesyndication.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| FR | 18.244.28.2:443 | rules.quantcount.com | tcp |
| IE | 34.249.60.18:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 75.2.82.141:443 | api.askmiso.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 172.217.18.194:443 | cm.g.doubleclick.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.28.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.60.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aggle.net | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| US | 8.8.8.8:53 | googlesync.permutive.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| IE | 52.212.11.218:443 | id.crwdcntrl.net | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 34.107.254.252:443 | googlesync.permutive.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 15.197.179.7:443 | aggle.net | tcp |
| FR | 52.222.201.119:443 | api-edge.askmiso.com | tcp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| US | 151.101.2.114:443 | assets-jpcust.jwpsrv.com | tcp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| US | 151.101.2.114:443 | assets-jpcust.jwpsrv.com | tcp |
| FR | 52.222.201.83:443 | t1.cio.com | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 192.0.66.80:443 | b2c-contenthub.com | tcp |
| BE | 88.221.83.160:443 | cdn.doubleverify.com | tcp |
| FR | 142.250.75.230:443 | s0.2mdn.net | tcp |
| FR | 142.250.75.230:443 | s0.2mdn.net | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| BE | 104.90.26.20:443 | eus.rubiconproject.com | tcp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 141.226.224.32:443 | cds.taboola.com | tcp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| IE | 34.251.32.20:443 | ce.lijit.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | public.servenobid.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.231.116.105:443 | i.liadm.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| DK | 37.157.4.29:443 | c1.adform.net | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| BE | 104.90.24.23:443 | contextual.media.net | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| FR | 52.222.169.84:443 | public.servenobid.com | tcp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| DE | 3.125.241.184:443 | match.sharethrough.com | tcp |
| DE | 3.125.241.184:443 | match.sharethrough.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | 32.224.226.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.44.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.24.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.241.125.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.116.231.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.8.201.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs-simple.com | tcp |
| SE | 23.34.232.182:443 | cdn.adnxs-simple.com | tcp |
| US | 3.164.163.58:443 | cdn.mediago.io | tcp |
| US | 52.204.22.109:443 | ssp.disqus.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| SE | 23.34.232.19:443 | hbx.media.net | tcp |
| US | 104.22.54.232:443 | c.aaxads.com | tcp |
| FR | 152.199.22.243:443 | entitlements.jwplayer.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| IE | 99.81.213.130:443 | g2.gumgum.com | tcp |
| FR | 91.134.110.133:443 | ssbsync.smartadserver.com | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 182.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.22.204.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.54.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.22.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 52.73.206.35:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 172.64.145.29:443 | cdn.dxkulture.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 54.225.147.212:443 | vpb-cache.jwplayer.com | tcp |
| US | 54.225.147.212:443 | vpb-cache.jwplayer.com | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 142.250.179.226:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | assets.bounceexchange.com | udp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.145.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.206.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.147.225.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.72.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| GB | 142.250.179.226:443 | www.googletagservices.com | udp |
| US | 34.120.253.250:443 | tag.bounceexchange.com | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| US | 34.98.72.95:443 | assets.bounceexchange.com | udp |
| US | 34.111.8.32:443 | contextual-analytics.wunderkind.co | tcp |
| US | 34.149.130.207:443 | pd.cdnwidget.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 34.149.177.128:443 | data.cdnbasket.net | tcp |
| US | 35.190.20.72:443 | page.cdnbasket.net | tcp |
| US | 34.149.164.179:443 | view.cdnbasket.net | tcp |
| FR | 172.217.20.162:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 32.8.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.130.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.177.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.20.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.164.149.34.in-addr.arpa | udp |
| US | 34.111.8.32:443 | contextual-analytics.wunderkind.co | tcp |
| US | 34.160.20.10:443 | ids.cdnwidget.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 34.149.130.207:443 | pd.cdnwidget.com | tcp |
| US | 130.211.44.5:443 | rtbc-ew1.doubleverify.com | tcp |
| US | 34.111.8.32:443 | contextual-analytics.wunderkind.co | udp |
| US | 130.211.44.5:443 | rtbc-ew1.doubleverify.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| FR | 185.235.86.202:443 | ag.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.180:443 | gem.gbc.criteo.com | tcp |
| US | 130.211.44.5:443 | rtbc-ew1.doubleverify.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | tcp |
| GB | 142.250.178.3:443 | csi.gstatic.com | tcp |
| SE | 23.34.233.119:443 | svastx.moatads.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.117.4.53:443 | ssp.wknd.ai | tcp |
| US | 34.117.4.53:443 | ssp.wknd.ai | tcp |
| US | 34.117.4.53:443 | ssp.wknd.ai | tcp |
| US | 34.117.4.53:443 | ssp.wknd.ai | tcp |
| US | 34.117.4.53:443 | ssp.wknd.ai | udp |
| GB | 142.250.178.3:443 | csi.gstatic.com | udp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| NL | 141.226.228.48:443 | am-wf.taboola.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| SE | 23.34.233.119:443 | svastx.moatads.com | tcp |
| US | 130.211.44.5:443 | rtbc-ew1.doubleverify.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | as-sec.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 142.250.179.110:443 | gcdn.2mdn.net | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| GB | 74.125.105.40:443 | r3---sn-aigl6nsd.c.2mdn.net | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| FR | 142.250.179.66:443 | ade.googlesyndication.com | tcp |
| US | 52.204.22.109:443 | ssp.disqus.com | tcp |
| IE | 34.251.32.20:443 | ce.lijit.com | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| SE | 23.34.232.19:443 | hbx.media.net | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| DE | 3.125.241.184:443 | match.sharethrough.com | tcp |
| IE | 99.81.213.130:443 | g2.gumgum.com | tcp |
| FR | 91.134.110.133:443 | ssbsync.smartadserver.com | tcp |
| US | 52.73.206.35:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| IE | 34.249.60.18:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| US | 54.198.181.57:443 | sync.srv.stackadapt.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| US | 52.73.28.214:443 | sync.ipredictive.com | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| JP | 124.146.153.169:443 | tg.socdm.com | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| FR | 142.250.179.66:443 | ade.googlesyndication.com | udp |
| JP | 124.146.153.169:443 | tg.socdm.com | tcp |
| US | 130.211.44.5:443 | tps.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 1.15.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.153.146.124.in-addr.arpa | udp |
| BE | 104.90.26.20:443 | eus.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 130.211.44.5:443 | tps.doubleverify.com | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 130.211.44.5:443 | tps.doubleverify.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| FR | 185.235.86.202:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.180:443 | gem.gbc.criteo.com | tcp |
| IE | 52.210.15.1:443 | usersync.gumgum.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| US | 23.21.10.42:443 | mau.idgesg.net | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 3.125.241.184:443 | match.sharethrough.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| DE | 188.40.115.111:443 | tt.onthe.io | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 3.164.163.81:443 | cdn.jwplayer.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| SE | 23.34.232.193:443 | ads.pubmatic.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 47.252.78.131:443 | event.clientgear.com | tcp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| DE | 188.40.115.111:443 | tt.onthe.io | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| US | 75.2.82.141:443 | api.askmiso.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| BE | 104.68.68.28:443 | servedby.flashtalking.com | tcp |
| FR | 52.84.174.120:443 | ajs-assets.ftstatic.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| DE | 91.228.74.244:443 | cms.quantserve.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| US | 54.198.181.57:443 | sync.srv.stackadapt.com | tcp |
| FR | 18.155.129.117:443 | agen-assets.ftstatic.com | tcp |
| FR | 52.84.174.8:443 | js.ad-score.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 2.22.144.16:443 | code.createjs.com | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| GB | 3.9.87.252:443 | ad-events.flashtalking.com | tcp |
| GB | 3.9.87.252:443 | ad-events.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| DE | 188.40.115.111:443 | tt.onthe.io | tcp |
| BE | 104.68.68.28:443 | servedby.flashtalking.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| FR | 18.155.129.117:443 | agen-assets.ftstatic.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| FR | 91.134.110.133:443 | ssbsync.smartadserver.com | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| IE | 54.229.87.16:443 | ad.360yield.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| BE | 2.17.107.122:443 | www.bing.com | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| IE | 54.154.113.180:443 | ads.servenobid.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| IE | 34.249.248.83:443 | ap.lijit.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| IE | 54.229.123.28:443 | ads.yieldmo.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| GB | 89.187.167.4:443 | vpaid.vidoomy.com | tcp |
| US | 172.64.149.23:80 | crt.sectigo.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| BE | 104.68.68.28:443 | servedby.flashtalking.com | tcp |
| GB | 195.181.164.21:443 | vpaid.vidoomy.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DK | 37.157.2.228:443 | cm.adform.net | tcp |
| FR | 18.155.129.117:443 | agen-assets.ftstatic.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| GB | 3.9.87.252:443 | ad-events.flashtalking.com | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| NL | 141.226.228.48:443 | am-trc-events.taboola.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | web.hb.ad.cpe.dotomi.com | udp |
| IE | 52.213.16.79:443 | ads.servenobid.com | tcp |
| IE | 54.220.253.172:443 | ap.lijit.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| NL | 64.158.223.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 52.213.16.79:443 | ads.servenobid.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| IE | 54.220.253.172:443 | ap.lijit.com | tcp |
| NL | 64.158.223.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 54.72.64.29:443 | ads.yieldmo.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 162.19.138.118:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| GB | 142.250.179.226:443 | www.googletagservices.com | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| FR | 99.86.91.98:443 | tagan.adlightning.com | tcp |
| FR | 99.86.91.98:443 | tagan.adlightning.com | tcp |
| NL | 178.250.1.39:443 | grid-mercury.criteo.com | tcp |
| NL | 35.214.200.194:443 | media.grid.bidswitch.net | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| BE | 104.68.68.28:443 | servedby.flashtalking.com | tcp |
| FR | 18.155.129.117:443 | agen-assets.ftstatic.com | tcp |
| GB | 3.9.87.252:443 | ad-events.flashtalking.com | tcp |
| US | 68.183.18.251:443 | cat2.hbwrapper.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| DE | 37.252.171.21:443 | fra1-ib.adnxs-simple.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| IE | 54.220.253.172:443 | ap.lijit.com | tcp |
| NL | 64.158.223.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 52.213.16.79:443 | ads.servenobid.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| NL | 178.250.1.8:443 | grid.bidswitch.net | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DK | 37.157.5.133:443 | adx.adform.net | tcp |
| IE | 54.72.64.29:443 | ads.yieldmo.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| NL | 35.214.200.194:443 | media.grid.bidswitch.net | tcp |
| NL | 178.250.1.39:443 | grid-mercury.criteo.com | tcp |
| FR | 52.222.198.194:443 | gw.geoedge.be | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| GB | 142.250.178.3:443 | csi.gstatic.com | udp |
| BE | 74.125.71.156:443 | bid.g.doubleclick.net | tcp |
| GB | 3.11.152.19:443 | rtr.innovid.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | udp |
| SE | 23.34.232.221:443 | s-static.innovid.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 88.221.83.160:443 | cdn.doubleverify.com | tcp |
| GB | 13.43.203.89:443 | s.innovid.com | tcp |
| GB | 52.56.121.62:443 | ag.innovid.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| GB | 142.250.178.3:443 | csi.gstatic.com | udp |
| BE | 74.125.71.156:443 | bid.g.doubleclick.net | udp |
| US | 104.18.36.54:443 | vast.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| SE | 23.34.233.119:443 | px.moatads.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| GB | 142.250.178.3:443 | csi.gstatic.com | udp |
| BE | 74.125.71.156:443 | bid.g.doubleclick.net | udp |
| US | 104.18.36.54:443 | vast.doubleverify.com | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| BE | 88.221.83.106:443 | cdn.doubleverify.com | tcp |
| US | 172.64.155.111:443 | vpaid.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 172.64.145.17:443 | vtrk.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| BE | 104.68.68.28:443 | servedby.flashtalking.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| FR | 142.250.179.66:443 | ade.googlesyndication.com | udp |
| DE | 136.243.151.13:443 | tt.onthe.io | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| GB | 142.250.178.3:443 | csi.gstatic.com | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| DE | 136.243.151.13:443 | tt.onthe.io | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 2.17.107.130:443 | www.bing.com | tcp |
| BE | 88.221.83.203:443 | www.bing.com | tcp |
| BE | 88.221.83.203:443 | www.bing.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| US | 52.168.117.168:443 | browser.pipe.aria.microsoft.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 142.250.179.66:443 | ade.googlesyndication.com | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | cdn.flashtalking.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 142.250.179.66:443 | ade.googlesyndication.com | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-vid-events.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 116.169.222.52.in-addr.arpa | udp |
| NL | 141.226.228.48:443 | am-wf.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-wf.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| NL | 141.226.228.48:443 | am-wf.taboola.com | tcp |
| NL | 141.226.228.48:443 | am-wf.taboola.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | 39.169.222.52.in-addr.arpa | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| BE | 104.90.24.47:443 | stat.flashtalking.com | tcp |
| BE | 104.90.24.47:443 | stat.flashtalking.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | 89.129.155.18.in-addr.arpa | udp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.116:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.36:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.39:443 | prd.jwpltx.com | tcp |
| GB | 142.250.200.2:443 | pubads.g.doubleclick.net | udp |
| US | 66.79.209.91:443 | hubs.stardock.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | prd.jwpltx.com | udp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.38:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.44:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.5:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 52.222.169.95:443 | prd.jwpltx.com | tcp |
| FR | 142.250.178.130:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | videos-cloudfront-usp.jwpsrv.com | udp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
| FR | 18.155.129.89:443 | videos-cloudfront-usp.jwpsrv.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 23da8c216a7633c78c347cc80603cd99 |
| SHA1 | a378873c9d3484e0c57c1cb6c6895f34fee0ea61 |
| SHA256 | 03dbdb03799f9e37c38f6d9d498ad09f7f0f9901430ff69d95aa26cae87504d3 |
| SHA512 | d34ae684e8462e3f2aba2260f2649dee01b4e2138b50283513c8c19c47faf039701854e1a9cbf21d7a20c28a6306f953b58ffb9144ead067f5f73650a759ff17 |
\??\pipe\LOCAL\crashpad_2092_NFHGDBYKKVXBVOJY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a8e4bf11ed97b6b312e938ca216cf30e |
| SHA1 | ff6b0b475e552dc08a2c81c9eb9230821d3c8290 |
| SHA256 | 296db8c9361efb62e23be1935fd172cfe9fbcd89a424f34f347ec3cc5ca5afad |
| SHA512 | ce1a05df2619af419ed3058dcbd7254c7159d333356d9f1d5e2591c19e17ab0ac9b6d3e625e36246ad187256bee75b7011370220ef127c4f1171879014d0dd76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aab073269f6c879cfe04d138564b6110 |
| SHA1 | 27447e87e1dccf3f74293ec56bc5e1e98cb79bf6 |
| SHA256 | 57917cdece8f244a3ded7eebaa102bbae7e0c375e86ef813d4e13f54875fffd5 |
| SHA512 | 1c68c34e2700f8c4c5e1f99963f3f6e530721ef8d65c6c2268e4dafcadd4b31d9c3e85e02fcd13338e89ab8543d6d59c80df6f7387828570d1e10918cc615812 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cea5bad40f343529ad2bd8ef0a88a714 |
| SHA1 | d2bbcb8d04f70bd2a1fb99b56215bcd6942fd887 |
| SHA256 | 538574305eaf10ccd051e189edac7ad42c7bf3c0a69fb7083ca401f11aa9df82 |
| SHA512 | 60165b6a0bcabefea29f639fd3fd12692e987f2c78bc87495d8603c9dcca5fd03a475fe35165c345d82d9f7c104130b219d7fe76a972b93df5ef88e5944d49a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9509a81eba1e77bb30550b577b73e5c7 |
| SHA1 | 56b5060c0cba5748dd8c73a9e140c4f81f737549 |
| SHA256 | 776adee95eadb88fbd1fcef963b355fb1b939b8d90d5264f9f3784fe268b478f |
| SHA512 | 07df9ec72d805ac67899e35126139939d6908c9a241d282a1e6f0222d3b4c5bdf5b1f70c22819967c9c2398fd7a7d779bd66ab8de8680678e535c9e04a212a4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | d2d55f8057f8b03c94a81f3839b348b9 |
| SHA1 | 37c399584539734ff679e3c66309498c8b2dd4d9 |
| SHA256 | 6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c |
| SHA512 | 7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 88680fb89f9210ec416b2da239b58b5b |
| SHA1 | d0e7034c4ce7a100ebfba6f5ae73d2cfc5cf01db |
| SHA256 | f3e85184b9da403ef7277231046f43fcfe9d08f2bc21bf09967c43576d6a66ff |
| SHA512 | fb9e301ac1e7990a2f4c2f109e135c78a275d6feb07ad8aa7765ad3a5e8fd5c77085334ff1b3bab4222090bba6cf4b6b9b3a1e5da3bbf8958d64ed7143d31b39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | b48e876e91ec89fbaaef68677fac8058 |
| SHA1 | 90d1ec84f062ed577f423c44dc8bf04bde44d514 |
| SHA256 | 41b601617afa569c0a42d592341bdbc062b2480bc61f6ab89d85c43c1b2987ac |
| SHA512 | 2d07f78ffdb9ed12e560c9ebf64fdccc4ddf89b7866d28f5c8ccb862ddd56977d2aed1e82158f6f7f444664b4417e96a7923994c51052acc8ca1d6739f7ab5d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8cd2b95e66c9a9dcebc537f8023711cb |
| SHA1 | 54bcff4c5d0aa543ae5a8511d71f58b6ecffca7d |
| SHA256 | e624702baf37e7c73e5e24e59b086d784bb1a06682fea02ca05275a431a66fdb |
| SHA512 | 8067b3c73efd9b7a239cd9bfaeea3bdd591a5f2dd2733f0c27010399d39429d6f298866f12695402990af95580371c500152709c372f0a749af126354cea2edf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | df46eb1fe5d54a0521d9965203a4a9da |
| SHA1 | e977aae1bb82f3d57267ead3b91df3d82d6d50c6 |
| SHA256 | 6076a9ea8f52f5ad109fbe29f955ee052f626b22ee45366bfa83f70706744b1d |
| SHA512 | 5bc5f8d247ba164f1af6f4ae902906568a4e9baf05c9782d999e537730d8cfe443daac6f44aa246f27e9678237a4b57a7e8411e3c4fbe88e943525cdb2ae239e |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | b11a15baac2a74995ae6f353e63723ad |
| SHA1 | a64d549fa00962953eede6bb877caa60862cfbf3 |
| SHA256 | 69e2381681ce85f320660228583f2ed1604b1dbfa90a69dde1a4853aca900778 |
| SHA512 | 3406cdb89d03d3dc114637d8469f265d25857538e52f6f76ebd6272d4c79d51fbbb6c711e04605fb9ed1875ef870cd0ef5f18cf8accc5ace2a3ead72a3dfb8b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2111fa86d34f434afa2a2d0d7595cfd0 |
| SHA1 | 4f723273cd89582407e62080a92351761fb913c9 |
| SHA256 | c1bf0227fdf2f8e67813d1bf594b82f64dde42e3346d971208e422e2da112960 |
| SHA512 | d19db4ff1fd1a269bc86ad949ee52205e23f57b1ac7bab316fc3dcbc86bbc9f26a8a13fed4636409ffa5c3ed7f130ed5a918dac2fc33d521b2f0940df641e066 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 61e0c82afc8c0dfdecd7475302c3c72c |
| SHA1 | c1066e82005396bdc1f211238669c8a625fa07a3 |
| SHA256 | 3b8766c0d665432e32a1cbffec0844790b6bdd4a63cd2eadda34920d1373c023 |
| SHA512 | b2c6c4d73893eb3834ce75212410db0c8a8c515ac7d2d0079b1328f28fa72c47780e3d7fefc2d2d88bf00c9b7f485b73ffc8f59d63530734cea60e05cdf97d4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 322d8f5618e9460395fba11b014e7add |
| SHA1 | 41ff4247ffe36119af6010a2a83b64788f0d5dd7 |
| SHA256 | 73485a92edba20b21026ad92cdfc7a97676978419b5e8baf7d85a9dbfb442745 |
| SHA512 | bbaf0228fb5e09501ef39b27e240e83d74955a706dab62308ed1044ef1de20481798b2378050f8e9ede27484ad6408772ae7160d489d7772f46ff5203b237597 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 08cf519cd2ba19646b33672d126368d9 |
| SHA1 | b10f22d761cbb55adf560b337979c10791766544 |
| SHA256 | 40ad73babdb8f6279969dfddf772aa41572539ec4c94f8f6a1fdfc0756c251a0 |
| SHA512 | 4b0923a9e1473e7d2e537581bb242b2ba2af34bfceb0da8ddc716c725dbc2f0ea7f942a1611a336b9381f7a775168f1a225870c02ac0dc32814b10f6becb6a4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587d59.TMP
| MD5 | 960ec7fdc3160669e95028df41b24b29 |
| SHA1 | d08045d9712bc2c69074c7480a784984dd6d8a20 |
| SHA256 | 9b83f34d035daebb2ac4cc54fa009017ef5356a9cd1de8ad6ca802d64f80f30d |
| SHA512 | 9ceb6d24994018730079f00d0bc10e9cac7c9c83971d644707a0890942f19c33764b21465ceb678c703f868255328615faa7b43817a34ef1e046b331f5d87aab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8f10a9cd38ef149d21404a36b1cc2875 |
| SHA1 | c3d27fdcb8b1af005926d9b6cf5d98ce9359dcc7 |
| SHA256 | 8df59366f2c0c45c22e0118c69e13fa58321a5604275040eb65e89396e76b6a4 |
| SHA512 | a331a8c62d6d8a939ceb763da9fc869241f5c74e303cd2f4c8e139734f7de587275f343b7bad31963cca5f94991c1b933a4b78b96de642dc93d9f8d355aedc15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5180691ec79f3cbc2dfe4f76a4560107 |
| SHA1 | 97be844f3717fdfea00adc51916a313df1966bb4 |
| SHA256 | 5e95e11fba41b751edd5c5545727779b842c7753c31b787cdb590559087d1671 |
| SHA512 | fd4f3d5fe34ff25baefa367d9d69511a3b26d7c320a77c4d4b17162c5c64363a0939ce81a1bb40b2551010fec0873d610e6e0d2793f5e4ebe71892ca9da8870e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 3cd0f2f60ab620c7be0c2c3dbf2cda97 |
| SHA1 | 47fad82bfa9a32d578c0c84aed2840c55bd27bfb |
| SHA256 | 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b |
| SHA512 | ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | bc9faa8bb6aae687766b2db2e055a494 |
| SHA1 | 34b2395d1b6908afcd60f92cdd8e7153939191e4 |
| SHA256 | 4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed |
| SHA512 | 621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 33454332291cf5dea421e413560f0b86 |
| SHA1 | b53995d4b092d1baffc4a1ab48145238605ad14e |
| SHA256 | c2b6a86fb58883d89e2d5e57a5a0e53d72815d60a108f59609594fcf6c0e692c |
| SHA512 | 38f70f4759c48d0e877fb80c0d03b578d1cf6342b543db3c0445ab55f8cb8729109dfe9861eba7be3c4778baac939539c784854529c45120cfbdabda7683e1d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c67f499335052657e73e2ba9bbbf10b0 |
| SHA1 | d327484aec89390433a17c5849b7299ebcc38517 |
| SHA256 | ab1c07381130f1caa327954d276b82b327714f65f95f3adbaed26a6d84af07e5 |
| SHA512 | 8a03e6782bb891a3e9f6b62d626f08a66b2deb0c8bca45e742fe47c67d184097c2d1784689eb31d104c43c47e761ca3c40a73899448dad1eb15a4b7eed896847 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 98f50844eedeaaa080ece49e521e3ec4 |
| SHA1 | 57df529338d1b20c6445141eb157bad64c74c332 |
| SHA256 | 762381531e3d3629aefcfb1fd6b5f2b023b4c9012c97c7642efba5a85f0926fc |
| SHA512 | 2c2b56394de93d5064b3f77a4c68c3dd060a1cbf7a1f545fa7c3a4680be2373cc23fd3325e8f33103048a566675f4f1c215b5510211ae404ac59dd32b0d4c3a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6fd558987c23e5ede47137f469e8f148 |
| SHA1 | 44760a8a0e13b16c4b2eceb764b234e0d5311e31 |
| SHA256 | b2b5dd6fa49e8f554ae1d04ca4bf3c24e4249f55dc3eb45012af9208979fc723 |
| SHA512 | d6159b1c8cfa7c41f0bc9734a9bbf2d4ea77e5ec39aacb1ef6ae95dbf27bce25a0d239c01c755f2f0e67f55721e87835955455e29a2d6ceb2c1bbcb831021a39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a4c6ecb86246cb8bfa2199c3e0820a6d |
| SHA1 | d320bd5c618d9fe7fb11c55da780824a0a549551 |
| SHA256 | f8cd4f0e417367f818af03ae44c46fad957ffdc1fba0cab7d75a6c041ab2604b |
| SHA512 | 7c9d1a13de93dc27ac4a3a74de3e93e7849ff9f5bd8228ab9dab6e62a772371126a2f12d2816ccf4b1106142d96fa74d08a6b443e62fbead9506fb7d3068a0cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 06454478928832673b94453783ead4a7 |
| SHA1 | 1e76e30eb2c0734c4f1206e569e2bc08ddc76583 |
| SHA256 | 2ab6a80afe798f24b0bc0fd8326655feeceabe3163a7f5bc8b84b16b9d69dc72 |
| SHA512 | 114faa4fb25c29a513d883532a7edfa237075fc22cea36a68f55db283ffbf85c8c82d18ccbcf8bef27d5594b2fa03f22e2d413dfe788e21dd00feae74747ebf0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d4f3367d0c47a15383a11d21e636a45d |
| SHA1 | 5a8c20abbc223b10cb49dc8529446accd1fbf486 |
| SHA256 | 869286c27eb7f2a193fa4e6a5c5cb44ffb860ad4eb627b725aa67dfcc5fea737 |
| SHA512 | 9a64b0d2ad82305c87dfc58242778c98fd9a1904ea78d523d56309c0117484becb6e999c1de42c2b7420ac9c61475cb6e8c0e9a043a56ff8eaa881ce8cc42c88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\032a982be73b7ccc_0
| MD5 | f61ab9c4f556ba770ee8747ef7be86fc |
| SHA1 | 77f542c97a1ceee16dee5127e55f2119b5fff2b8 |
| SHA256 | 82bf98a2a61e5560e4e400316739b1b4683cd2715e71a849fe60833d94503b58 |
| SHA512 | 33cf9a86a0eae56ab82b8effed9c518bac8736dd35e192c53a4af7753fb1eeda50cf5db32635808d2e697de7757557cbc059e5198e5b4489f92e144139e148a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0
| MD5 | 68e1b95b8ff9b505b0e1e99a323cdc0c |
| SHA1 | c4e594b574df7d3ecf199487af826ea1708cd951 |
| SHA256 | 4459311b9cacba4b819e57054224a8e8ae5ed08e78a182cc3c116125534bf689 |
| SHA512 | adb6164b2740e8b3852590763ac86f23adb9f78af8d19fc6d488c16fb3a8169383e608c79071fbcacefe6a7edf4c8af2de5d7ce0648d6f6c8f33d4910a47d085 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\295f5e2112efe00a_0
| MD5 | 10f8d22913b174754c8c9a98b15ebd57 |
| SHA1 | 372ef0a84f81b9e64bd4dac838485ec1a47e72ee |
| SHA256 | 55ad10b70d0c10f761a6c725d7d79f562056713ad2aecec369d14eaf6f6c516a |
| SHA512 | 77e9bf99e82e9ff25230699e24a5156a237ebb71e284e20e50e5bac55e307743647caf108547d053fda87f91bad07e3fe10816961145ca79f4ff24e27efed0ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0
| MD5 | 065d9d4adac8aa948eed5dc2086d791c |
| SHA1 | 701547bec6b8dba5aa60e0e74c0419f99a666c10 |
| SHA256 | be8f62f5ba3ed8a01f71f84a54140146c352c30163bb50c8db1053f0fc4faced |
| SHA512 | 175c52a6d3e5ba90af9e44d51bcbb69065942f9bd4cf333fb377d78bb398e0c43c0dbfa5b674ab7404453e5500c9a6ce9c1255451101be878deddb037ffbe311 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0
| MD5 | 2359becf91a08251ad939ede71d48252 |
| SHA1 | a28fe16c8c4cd7fcd462da0db3a3e41bd62591e2 |
| SHA256 | 564ae534923b61cbb4d6fa0a1150a029309c9d4dee16fcacd1a3adfaa23b8341 |
| SHA512 | 25246e3849acc6b385c08992135adb2208a0b313261b958170be457612dc094bca474386d16e55c661fee035f5bd051cff9113df832cf29f16cf485ec5faa1af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eca62bfb933a40504f30459e649816b8 |
| SHA1 | c7dc20b801a1463fc5d626091a84f69d7db0a1bc |
| SHA256 | d9083484001ee2911b26c7468519a4f9cb2835b9d356dd2ad09450de3a1a5a6e |
| SHA512 | 4450d64b69591ee4737df92ed9b89da47ae59ccc4f2d7caaccfa04364df0152479e058a5f1625d8e16b63f6a4b2a0298f32b74dbb59bc93bf4eac94c80b2948e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f6c315dfbbed4dcfb514de729b46fa84 |
| SHA1 | 8d78f3c429d5c05eade144f7bd09e882179f0830 |
| SHA256 | 1ba3197ece3ba3b2cea979cd67b76e91a0dd52a8027b13e74b83ae625d336c8c |
| SHA512 | 3211bfcece19b3674d77b6800b8d83f767eded4d9df977e4fec81ff636464a50438daaf62039e2ca7ba8ca935d469b47aa8f53371eb46409a06fc5c7ed9f9a40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94ebe1630900d094_0
| MD5 | 5f92776b5bf7174e2eb8c6aead791513 |
| SHA1 | b03a82af01dd0315434107289c82817934a9de80 |
| SHA256 | 62e43717b79b0d6a1ee0777d4f30bc7f762453dd31212d1b0fe5078f36d8ecfd |
| SHA512 | 9c7177347f04a22566137be3aeb04dccc95d4ea9c945d2c9ba4545fde898508ea284520836f923109c8231ee472477d55ddcb23529b5e7ee4662564d1111679f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5c81c6b31626f37_0
| MD5 | 13eefaf371d0a43a39711bcc05e4aa0d |
| SHA1 | 8a59a77fde67cc18ce5681e7b9fa77d1380fdf71 |
| SHA256 | 73ff8672766f15f95685352b2ac87c88a30c26a76e8545d056587b06b3e1d1ed |
| SHA512 | 98b3fbe33865218d6f9d26dfc311d90112fc12954385918eefdd5d8f281db0cfc290f41c06022d953354e921826637fc4a219b2d502ee7be807d2065b9d9dbbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | aa389c0ecf499170753e99cfeeefd2dc |
| SHA1 | 4c032d7e67b2fbaec2f07daf1932a2e87075851c |
| SHA256 | 2de1a18f43348329e4fef08b8e40cd2e9b4c814e387cc36d0680dcdf34fd48d0 |
| SHA512 | 5148becc4318560aa39c3e7c0a148ccf28843d8361d0ad33731d1517f4ad7425dc0c67e2534a12098a5c81fc02af981379f1b73396488d33ce5e83605adbfc12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f05d59e6df9a390_0
| MD5 | 2a8356f89e189a83cb6eb1fd1b3fc672 |
| SHA1 | 566ef5384f4495b08a7c1f6f812350ac0d293b8a |
| SHA256 | 32d7134b7bcc795878c4d7056d3dcc5ddc02140723d11a98611f8280067364de |
| SHA512 | e3838fc13715fc11de8b75b9a61543d1306b3d9b4a24acda8e5b2d79def13640b47f5a1b28b754c01ecef4029f70a8732705662895c8b1ba5041a247713e4cc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\205cea46eec07758_0
| MD5 | e657ae620439db782ae5e23ef46f94f7 |
| SHA1 | 9d1a24c173d7d205e91ab0e9f546ca99589bdd62 |
| SHA256 | efe0a346f647197d6b78ea5abaf87c420ed260c06ffd53a136649ca008a0ca2b |
| SHA512 | 4bee268340a78efbcf18c496f3b30df706f330a396d0687f038ba8408b8450f882a2b4a9f0cb9a3f73dd92fa9df34403e174b38c17a10b19b0f9a616bc5c8c88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02b1a637dfc4493e_0
| MD5 | 8ccc9c7fe514a469f1b187fbfefaeae3 |
| SHA1 | f4940aba33e4d9fee0e794104807cee60aa560d5 |
| SHA256 | 0b33cbfd7a13fb2be1f09833ac90d33d4a940098fe65dc64d690bc632a6a4b59 |
| SHA512 | 68ba828fd3bcae7a4a35afa13242d8f87ecf1c750bfef975c6323ad0136247a79e4b0877f60f2f8a6972e15fadfe4f26698e5a361bec94ee21df686d4034445b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 2a48bb33d98101a69d54ffced7820c54 |
| SHA1 | 948dcf6848a2addb11790d8c5f57bd095a1a2750 |
| SHA256 | 95fa8f994e727bbad71c2601ce9f1e7c18d80f013bcd72fb5d1009b5e3a9d031 |
| SHA512 | 2882244e944557c505aa455a32bf3101364caf619b13f12775a4c60969c2c89a769029032dda813a7c38d98da676e83796decb2d49e83cc3a758cd9e09e21f31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | d74b4ed2d4f0d1b376b72d0b91d413b3 |
| SHA1 | 6cf30acda99f7e712bfa1956dfa37400fdcd474c |
| SHA256 | 613dec7dabacd9d6e8884122b294df6cf752c6a9602f0fe0ea6bd70dcf454544 |
| SHA512 | 98762e0281bcacf584904942c182cf14606311b693d28d1cd9059af65bbbdd26a2366022f04839edcc0d61da777901f7a16b2e65a824800b4f7b072c665a38a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 9b3df33d086c094e0fb0be829130fc8e |
| SHA1 | a2c9577d12388e821648195ead430f8afd5846f0 |
| SHA256 | e7fcb5e47521c55b1cd7f793601c1b9cffc6695d08329693e3fb72d4a3388bd2 |
| SHA512 | c95dd88b33780eeaf1228d89ee4b06043f6ad1f30d0f2964a81e51f1941c28fb036005b0fa48d70e6628ebd7bcaf7a533d310f585895ec3f282c6038cc045f56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | cc11fe45f2444d3225342251488e8af7 |
| SHA1 | c006af474492f61cb182bc984e10872a4e342872 |
| SHA256 | 7f4b3ea84b12d46d329f19f3f529a0bc33bef77eb6fc646e43bc493a0520b7a8 |
| SHA512 | 582d3429b908837035bf40d3e649f62a37b5dd3b68e01862b67c1123f50599b363aa2b5bf622c640e6217abb739fdb1c686e6ec7d233ed31b12e3358a3bfe931 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 3a60ad65924ee6907adda33286e702bb |
| SHA1 | 7cf74b6eb0291bc7564b4ead9f24b771375f10f9 |
| SHA256 | 8d88ec274e59fdb41a67526dc0513a3a83e3dfa1dd0b5aee1289fd08b11674af |
| SHA512 | 873c921277c496ae31f3ac570ab58e0911b1854629ce60370e59e6c283e210d5317b69f0c57a05959fc2bc6fa6a4652f572c6434b5cd488b0a40b934cf265480 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | b16dd322d7b925233ee4c857eacebcd8 |
| SHA1 | cd4ecc047d0f86e1a53721d9ed6d7caef6dea1f0 |
| SHA256 | ad08e76c404c8f3524c5cb805947aea6c92fbe3852afbf584eed4877cf5cf1b9 |
| SHA512 | f0b1c7c4349e687cfa32b2513be73aacbdf75d9dd362fe3f78766c8cb72e2bb6b5b5d4d01a10d9460c7542c6ed7ad91561b915a0015083d891af2318d8963c33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c035c55e661cf4e0_0
| MD5 | af5cf1968754c60dfb9845e2ea665429 |
| SHA1 | 4ea9786ae2b95dd2cabd79e0b92806d1b9171135 |
| SHA256 | ce8ac5452a551873e8f25f9167b699593c72a7b4df4ba455183dbbeeb77f6a75 |
| SHA512 | babbae181e621c45d0e87aad07e145c84a8c12763e9c06c913e47fd760e0a5ebf9d76b956698cbf157ed993ce24a3465350fa12dfcf97d100a62017c76c9f098 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | a81ff51c390e3003ddbbe0b81e3f01e1 |
| SHA1 | c12e6bc59d828a6c805a11d39ebe59671ab6655b |
| SHA256 | 9a5def0b13a0a532867e27d537428054a39836969f111330c3d60bb038b82bf4 |
| SHA512 | 244e2993a539e68b244acf40a898477cc8b3db6ae2fdb69aa73610206edc65f858d647ca0b2ef5634a3e4e0cdda882d7c70ef0e1cc1c20009ba6901d34618978 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 8c187c628c0cf83d0062f6774ce70e42 |
| SHA1 | 083430b873261dc4cefac5399260a8f934fe2e7e |
| SHA256 | 70b0c74c709cad1bb0f23e8c4f699209980aabbe0013ca656586ead1b1609709 |
| SHA512 | 18138ac25f34368c40fa80775949c6db8457e31305b05724c7b787a81688f54cca1a7b06a0b7f411397c185acc10fa82a206f9d3ced72b57c8da0434f5df0fde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0
| MD5 | 6d7a66942a2eed04e9c5781ad2c11b69 |
| SHA1 | 30f23a9cf635e214437bb354b4f06aa614bc4785 |
| SHA256 | 335b1ded2bec1130f76b232fa96a43be25e6c9520f18a9a30172e65c670427ed |
| SHA512 | 5505327ab1796299b6b3cecce4cd349926e0d83d0d1000b0edd64b2af37173d25318fb42d3bbbf9e611d3495dddde7f25671e9b8ae9a5ef7e046ebd8c297092d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | a1ab486c8c88cfd0a17f64cdede547f4 |
| SHA1 | e75756bd8162f6b8aaf82e9053bbce548eedb3aa |
| SHA256 | 963d90eaf178965887086bff620ba6b2a4fd14bf25fa491ed0f8e652e2c0a3c4 |
| SHA512 | c8b82cec3ef16bb76309482e5a4b7707a3ff0fec1f14a3f67590029ff83e86de0e4b26068d7c53eded374ca5678f9ba6979e803a05c6a9532b8240f0edb5668f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0
| MD5 | 0470385af7e1d39c40f798b03b5e5fb5 |
| SHA1 | 94e3eb4985dcc40465b654cbda52e94296c7a006 |
| SHA256 | 29b5b11ed96810afa8611c95601f281492bb11aeda522aebb97e5deb3f01c197 |
| SHA512 | 52df4d298a8cb2307e6aeb039fa61826142d1f80b2336539b57fd480845784ef0e5b4dc54720a393268dad134995b67bb4235329a9971c194784b6a23816ae32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc1566e62c03bfd07dbe5a427e1f732d |
| SHA1 | 70084ba25cfb31f76536c724b1292617bb7ab0a3 |
| SHA256 | 607fbecf22e5adcf9b2a7a7d931db1c272bf520f17fb3f5b8aa862832b040396 |
| SHA512 | 56c6524c3161d959c29655b09aacaa14d0a00815768cb72743bdbb61173f0ccb20117b9bb5f518a2cd303cf9296d843a7bedd7557be952a24f419a93b56c5160 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073
| MD5 | ddcffefac58f205ea194e1612e7c22a7 |
| SHA1 | 4db6276eccafc0030490f970824b55dc327bfebd |
| SHA256 | 5f12968474e2995c485a2c256a9819dde04e78b6a13aacadfba935ed7970234a |
| SHA512 | 4b8561f2bbc596382e9c22515354b94df9613844a2c6b6736dd7c1f6c51305e235c58160d8e5b3d6f5fa289dc55f6fd675332e4a13d07fd35282d61e227adc13 |
C:\Users\Admin\Downloads\Start11v2-setup.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7fbf8609cbe8f5395455df52ef6a93f8 |
| SHA1 | 57e56ed560d097a7a7190a6b1ee9e46b5de86c7e |
| SHA256 | 7e5f1113446d23e5d5e7a3ec5f7d8c78cb08472162f70d6a63490db7bec0ceb9 |
| SHA512 | 863f3033172cde1d377ed1767525110c6ddf263bc8f19337884a9560f2279957298d2e82cf7de201f0755c7652bc4e3706e5fb21d0232b9c5dee2139f486e869 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d45862f29daa34703448884c21a297c8 |
| SHA1 | 4c2990a70e1f74d92924d15d392ea72e3f0ba7b0 |
| SHA256 | d364385ade39446502a845fac6bbca259b88ae06d6ebd210c1539faaecba3a3f |
| SHA512 | edb8e3861db807360a0ff462114be00b707580fe94d0d1877de58b2950510007b5795d4c22c2b2b145ab5b5b7aedf6a809bfa08a94545bff04633ee20faeff7f |
C:\Users\Admin\Downloads\StartAllBack_3.7.10_setup.exe
| MD5 | 447f5152bebe496efb94599a5a335b83 |
| SHA1 | 7c0d17a90cbec429f27effe351ede51d77bf6016 |
| SHA256 | 1ba1f1236ad8d317312b155b5d854d7e7846183171f78c084a3dbe04cd67b123 |
| SHA512 | 7ebea7c83777f8ebf4fe1e297c2f8ade48a0d891a911f0a62d97934a6e9cbf2887ebc33eb0339c5a0e8f114e5cd2bbe8d032a067d617a33a179fa3f788c3821d |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackCfg.exe
| MD5 | 25a56bd5f7b9dfe5ee8b369823a2cd17 |
| SHA1 | 3349402df7a6e444475a4e36f2edeb5bded766a6 |
| SHA256 | acec383f9ff734610abb72230770a2daf9bdb7948b5adb91fae9729766dc9ac1 |
| SHA512 | ecda1cf12eca6e6758645f213528e0ade66949e0f7897aa14dae35eb9ba45943f552b9b3a6f8d2b3b283cd7ab9a580e95c72e95b518bc0f3027f6aabcc1c0e01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d036f86d1303b5f7acf1ed03fd1517d7 |
| SHA1 | 09690b12fc5a7f82bedcea69e3ef7f137bf2e29b |
| SHA256 | 5a08e691c28ea7c113ea9bb2e76ea89561c240a4874d1a28d9048c32fff99f4a |
| SHA512 | 615c2bdec711d59ffade1211b03071ec08b0fa34494513bb681ca46a7a0d11df98abb76543763225167a993ca8ae05fa1068189a492aa374ca58f013824e03b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 045bf974fdbf28680d9ba7be1bff2f3c |
| SHA1 | 92316f165a62d4b2e3f7dbcca19635f2e93b8e94 |
| SHA256 | 1974727d0e40ad90cd648b7aca4ba1da216bfbde082c57c4450627b2aba9b329 |
| SHA512 | 1bd2c0e308f5e1739e36759045d5fe61d0c3c0ee5f1e1bd83632c16f0cafc284160aa5b85d7242c1204ef1c63ab3a42ebd77e7e46b689b0f15499f653283942e |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.BC7FD11C\StartAllBackX64.dll
| MD5 | 5f0c33f429eb1b5eacb15e2d70252070 |
| SHA1 | 666cd708e0c162f7abe23586378b7f155bd981bf |
| SHA256 | b7c063cf2e9e327e7b0471ef42473ef0e21672553b0e206d2632e567e76bbf9d |
| SHA512 | a38c3e12848598bdff0c068fbab48673a6b00a9d47a48a8a4d3b96d5383b8d6c9e9966cfa1d0eaf3cbc693b67777c11086511db16225fb4c8c137bb5d5f1aaf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | daa6928a5bf2374838235322446a5a7e |
| SHA1 | b2be4f5939b5e69c1116c098eeaed2ca5fb27332 |
| SHA256 | e43f20a31ba96be93dbf497fd7f74e99f9ee1f74abe87cfd1dfe0ef4d5313baa |
| SHA512 | e1c88a40a2daaba6793921d2651ab88653a91cbe3bd2678cea199d9aa9a1d87b010d330bb0db9e722283112fe25aa0ff27c82d403626d7f5887ba5f38c62fe2c |
memory/1416-1870-0x0000000000400000-0x000000000075B000-memory.dmp
memory/1572-1871-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | cbcca41edb8c3da19706c3f1645cb36a |
| SHA1 | adb5869f5eeae5434f2c10e7a7290575e5b716e0 |
| SHA256 | 1b951af712d51e9ca9ee57382996935d31da32460215c576345119d65cd00a43 |
| SHA512 | ec06aa28ea1c77fcce040f1a4605164ea7e2e05cf077bd1ffcbeaf1dc4bca9cb9ebec0d2f7923817511fd05e0f067157412d700bdf2b6951bd6ac0054390efee |
memory/4792-1879-0x0000000002D40000-0x0000000002D41000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ab48d27255b6e1e280635128b12063c |
| SHA1 | 0ed1d23015e2727c61bd9e318ea9855e90db7cdb |
| SHA256 | 027f715641c90951f34fc9be915efe9ffe1ed6eb7162e3a5e78bc5ac0ed93f4d |
| SHA512 | 7431062e8efca63b0d062933844072cf5b97854444af4af1b6098dfe11ca9696d36231fd87e782811555bd3c8dbff79eae2bfc843f0456e4484623c9744afc84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b127d53f4f98602644f6abcb548cd2df |
| SHA1 | 9f060576e6ea48b5dd10789e90a0a8f8d9301e97 |
| SHA256 | 19acf272cd509f08c676fa816e06af1976d8ea37c511ce1254e5f2884b7168a9 |
| SHA512 | 3b78b820fc18bdbb5ad8043749d0db9e443a9e9a2e019951108687c7c4c9eeb4fe0b89092e7c831c7ac405a7b51e3100765d4c8b7c676aa1bd259795e0a9c178 |
memory/1640-1977-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\UpdateCheck.exe
| MD5 | 8a16bb232345316e4cb1c6377cb04e62 |
| SHA1 | 13bbe91f45fffa4487e333cf0aa02a660a36841e |
| SHA256 | e9034ad4636ca1d287ac376e51a2019562563a50a98ece75807bb30ef0f40555 |
| SHA512 | c4aa7b39c1cb1a7486264d017fe7e465e93b562059c1e87943050d7227160c42eb12c003641b3c125b4a50159ee9679e9aa355cdf91bd011fa8f86a77da40689 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Orbs\e1evenorb-pr.png
| MD5 | e5ecad423623a327b850919bd8a41bd4 |
| SHA1 | a25e38296db28d28d4e50042c84600b35d091f0a |
| SHA256 | 6e451fe2d887698c4290b830aec1a4a196de22eb3bcf6734b567521bf2d6edf2 |
| SHA512 | ef8252abd127f5f1179b828a1d156b2ee4b6781e97a4afa3685418b2e4a94061554e5d23cee3713df18b32337dd2de0fe55841501210f8dfeff0086966bd77a0 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Orbs\w8logo.svg
| MD5 | f13738b41b7a2042c53dd228601639e0 |
| SHA1 | fa746d221f52d39cd3eb9aecfd2911a2f1b47cbe |
| SHA256 | c75684410793a98a051a1cf95395709c73e9589037d47be3f6277b4ac355b7fb |
| SHA512 | 1d890663a981ecb4794abfb22575bb54f74fea76123d6c9969281e36ef8864c33f77e41986481c386c867a3c6c1a4bb826d20257576d0fbabd1de6264f350291 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Orbs\clover.svg
| MD5 | 47b9be5d069d6873cc9bfc3fc7c3b9b2 |
| SHA1 | 481a3689dc871d2286ae51412439d877ca5a5201 |
| SHA256 | 1e0e1ea6149fffe9a6d09a77b404fe17db7d455d1036faebdc168b1ce5869282 |
| SHA512 | 3c8e67f8ff198dc97c76acb8e910e130455ad5bb596a805a08a25ed8fdd78ac8820d97d9cc82a72096cc5d4914f1eff7afb1b03405a8a87688d54aaecfd89b64 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\easyaccess.svg
| MD5 | b0dbcbb94384185aa810405152782157 |
| SHA1 | 2448bec63e385fd475466178a17b68167ec30398 |
| SHA256 | 6cebc92632e26a4fea23d3e95e3590912f0037f2500ebe576e6d0af54abd4c79 |
| SHA512 | c0fff2be0a62c0c154e071a07aa061ad502fe2916939ebd2fcf64de62d368782c99fac2869e4c5e4c904d2773251d23e1f863e7a4fb1d39e07ebd45f9794f618 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.SystemProperties.svg
| MD5 | 14d22222ec2d2f20fba16893756ea5d4 |
| SHA1 | b642b876676c1342c6b67ffdb98896a6b02df2a3 |
| SHA256 | e99475d76b50f34ec3b1e4346677237d6737fa78bb572b9b7c7fb6837d8a0662 |
| SHA512 | dac7b0d0c64903fcf1c775e89035709af858fa04667ff046820f5cd7b30658b173c4906fcfc0ff85310d98fcde717fd55f51a92b03c96363dc99a3996b04a14d |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.edit.svg
| MD5 | 14c11b2296c00db335bbd269c13d6c88 |
| SHA1 | 331b1f70491c6a271eed972a43a256c025b7ca1b |
| SHA256 | 1e69d480542ecf89010e0947c100605423ec60a92bd87702c72513952065b3b8 |
| SHA512 | 7bbaa9985676b0b7898ef889107ef9294dbc1bb3ac7dc0211c13b481b2eba449233f0bc54bc969fd65d8533bee15113570f470df4ee77b85a41cb98cc2b91977 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.troubleshoot.svg
| MD5 | 093bbd8b65d76465b2c034441f0ac188 |
| SHA1 | acd1e990254e61df8f80749575ad5586528419ff |
| SHA256 | d019f486cc06d5083dda9ac166d538357471ba4076ff0a332ad5a9c048947513 |
| SHA512 | 8029290faeac2bb3ba70c5cc6e9f5c1cbeddf623e5506b33f5d812dcac6fa994bb9d9634a0867e3a389e53fc718f995aa1c54b714536644114105ca580325c95 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Styles\Windows 7.msstyles
| MD5 | 5bcd1f14702ed1c521a13cec168770c7 |
| SHA1 | 60d9b2740ae59e32cb843ae9171db90d24212884 |
| SHA256 | 5d7d0f58359bc0017da66b3b893515435add2908f3c10920e0cad2febd3e0e62 |
| SHA512 | ccd3df8072768e42c607d372c35c5e484c51a3ed24545ae29cad8aab61a1cdd2e9c8c33dfed41406566b31ed775c0ffc56859f97d8dd2859f4899af1a670b752 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Styles\Plain8.msstyles
| MD5 | 509fd060516d1971da8d0c2173748358 |
| SHA1 | 67ccd63914312b1f491467bec42232916df109c7 |
| SHA256 | 43c7016d950248f52f9512c9e7393c38d61a3ba2235e5fb6deed83564d8e9442 |
| SHA512 | de3d87b7e0a518ffbb10ccd400dbf5f9596177b75dd7aa4785855d36f007ef0417b88b2eb3aa6af7e52fb3670c021f714bcf87a33551ffc4536444d5204aa7e6 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.SystemProperties.svg
| MD5 | 41f4d4bff29ad862ba7b8c8ba9dfa2ec |
| SHA1 | f1290462632aad2a3c32b005c8a9699e6647f778 |
| SHA256 | 1808bf21c47237f8bb8cde2d014d79281cc41ab8bbffefd929b4d64fdecc2204 |
| SHA512 | e6eca2533f02042fb294b2477c513577759bc5403b8c02a82258143e62a59e06e9dcb68cf1a67f77280abffc4ce29e4bf2e3711cb1574ed987f22b78e4adcd50 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.slideshow.svg
| MD5 | 69b0feba9de26f8a460c519f4699951c |
| SHA1 | ea7bf9dc8127cfae43050eda38871ce377074c89 |
| SHA256 | b24b24932cc2156d51f7ee5365656f83b358d894860ba921eb353f1664dc22fd |
| SHA512 | 26ce95a2dc56a0348b44359b9bf191290373e4837f0b152012c7a8c9ce909aad16f1d3e98ef950ac9c3a1761c7ad6a352ef7591440d8c7e250c78e5fd7ac88bc |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.shareprivate.svg
| MD5 | 71f2d59747a3f434e644dcc2d9ae5cf8 |
| SHA1 | 8e355281310095907caddb5505dde9493845991c |
| SHA256 | c3537a0c281a6332ac2a7eb35285b3bc7ec9bda291442d482b98a45b01eed7c7 |
| SHA512 | 016b1fc3c52dc1e83d26daf3d8a2339843291d895f0225331397c80c00c779bbd8284f53cf1d4899d16068b1eeade8426bca66ad2de5ede5495c17d5dae08cf3 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.RibbonPermissionsDialog.svg
| MD5 | e04891b2f5d2a3f7d820874069efbef0 |
| SHA1 | 6a0fd5094b970112bbc059bdfff30e98e38a630b |
| SHA256 | 1fb69fbf893a9c105ef34a722e7bf2bf52cd152f1f5c16d10a5551f9cc3bcfae |
| SHA512 | c06c846faca627d3eb9e28fe2d54c34785139cf8db3e1bbc0c5f600fbe0693dac9b1909e2f7cb5821d2eca60810bdc53ac287f174f8a86893093df217cceb40f |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.removeproperties.svg
| MD5 | aa7a1f8653ca76f4aa3a6ee5e578a30f |
| SHA1 | 24da64a7c889016fc62721a37650e7c890f8540e |
| SHA256 | 7f7424bc7c1580d0c6fa842fc0c08ad9a4aad1f2100bd314170a81f242a13e2d |
| SHA512 | d52b1c0f26754910cf86f1367c79e780a7baf713a2037d3fd4556747c595f5d7e31dca3f04165a7bf7d09d903e06e356e004974ec3bc555ef87b6f4fa8b7afc4 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.pastelink.svg
| MD5 | c166ab708a47bcfd4c9a4db9d49b116c |
| SHA1 | 672873c5f1ae795ad6d6cf79d48916bfefacec13 |
| SHA256 | 7508b21509f19d080ca825c15d3ef4314dc35920f8aff7ffe4ea896f3e384872 |
| SHA512 | 55ec0cf124820386e411868a7ff590cfdd238cb1fb93555943de0587669ef02eb128487ae58c3151b629c8fb82ad1bbebd36a8de592a52e3d083c6b28438c618 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.openControlPanel.svg
| MD5 | a7a6d780d544651856596d0a038225f5 |
| SHA1 | 4a1275178521d9949631cd171826298591a07b9e |
| SHA256 | 942cf1dbbc4b72975e512dca10160d0e0c14bbab067b3a2c50bf9d33b8e22fd1 |
| SHA512 | 8f466aa606c743e114c77d8409725cd3f4b831fbc72278959712104c4b7aff140a22d0ae184ac39bf8f3e0b53bb1bcb649fa8fca867c9e1212b1f613ab0afde7 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.open.svg
| MD5 | d88f7146f06864129fcee20421c9cad6 |
| SHA1 | f7c359d52db709fd691b2de3594dfcc2c9b5f133 |
| SHA256 | 644d576f3f86307b5f9448b88dce9f53e4fd40e14fd00317c37efc70f8a6c3b5 |
| SHA512 | 73b055d1c273ed4410f8785a9a4e221992a3db860eb3fb684ae4894ddc25c1d1c3df36a690633f57cc20ae1db19acc1e7b08181839b341deb1c7b48ebbacbff6 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.MultiVerb.cmdPromptAsAdministrator.svg
| MD5 | 82c31602416e4be22531b6daa5339ef5 |
| SHA1 | b066f34a2df875b62c7ae81d425d2c92db0cceed |
| SHA256 | 48ee93c6978fb0bf08e2de11ffccb52e190d9325f7889c9c21442b97167fef1e |
| SHA512 | 0683bc5044628cd49ee69fff640b336f60165b387a44d9d4f53552362fd4374c4bb77560b178cb4a279f35f8edea6d479a7a6e839a32cbe7cd89d2aea64c7667 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.MultiVerb.cmd.svg
| MD5 | 950e13db1fc393ea7444f5139e0698c2 |
| SHA1 | 456dcc1c7a494b4fa0aa7d17029cd11ba235926e |
| SHA256 | 118e3fd996a8eaa8406d0e98fb76e8224b23e32210543993c71da993e07c368f |
| SHA512 | 975c7c4c104e4b7935a5e4b7a0bae5da5cc96e02627b6db4565bf8e434d7ea146447a1171538e286886ee83b902ed038a920790dd9284410df69c23e4bfca8f5 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.MoveToMenu.svg
| MD5 | 64a35fc57fb167888db1fc08ae4517cb |
| SHA1 | ef0677fdfdc73684dee13fd10cc37281d5a1654f |
| SHA256 | bf8458615d4d28a96091627aafc0cf6853aaaf93e87bda52e3edc62baff9c5f9 |
| SHA512 | a7aee19efd2c8b019cfb051d88ae458e0fdf0220ce03f634d55e54dec53b8df4d8d255749f3dd06621b9d9b1ac8845f357145810977e542d6d5aded4e33ee7ee |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.layout.svg
| MD5 | 12dba44c3a22a457c5b75f19a0526100 |
| SHA1 | 617f700da8af1239c27291176a8316619006a43c |
| SHA256 | 9b2c371947eec1f36cf20096e33a32aec971a1148646451863aee8a868df6dab |
| SHA512 | 7c5614de250201375a3f52981a2abc570b2a133880cd40d77ee7d0f50d938ecc3b94466c086f0b4cea0da8c78e9cffe1b48a6a42a8d02933474cf6d2c607f097 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.hideSelected.svg
| MD5 | 969f2a95d9f8f53871ec2915b7f899e4 |
| SHA1 | d70d953d5b162503877917d7c388b83cd7533a17 |
| SHA256 | 5cb0408302a93efe9dc8cab07f2f6d450945026f844a5ce7728d2e830d0eeae1 |
| SHA512 | c1cd140e670609b7247605f0dadffe3bd7922403d97fde3335fdbbe60195a4a66530a96b39d8842f469a30d30c5f6e6bce74dd70221a36c1d8544c2bffa4f7a0 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.help.svg
| MD5 | d2eaed105868254a169000bc4f8e01b0 |
| SHA1 | 3bf8727922d9362f99ae1513e1337fdb34378d6b |
| SHA256 | 5cff4abe766fa2c18a0e69d5be21388ddbd90e47ff7316090ba2279ccdf19b6f |
| SHA512 | 5cee6dcda5e731d179d5a1194e194047440bdd560850698e165c30ddb7bf6f18827ec815b3df1bd18b0d5727c22a96c05fa5af53798c62f32715b6a78e9a4bb1 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.folderoptions.svg
| MD5 | b06dadd8a262cb69caa45a0fc1d2e8e1 |
| SHA1 | e9807e96344a0961115eaf759bb718d8bacd6497 |
| SHA256 | 1b0fbca9b1dad3bd78494ef75632d54f977e22c6835788d00e179af2bc23bafd |
| SHA512 | be626b15478772bc67817034e8133834949da0e91796c1d2f51ef0f830284f76b69eda8137104e28d426b9864e2ded0cef689572d5eceea4f58c56124c323525 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\windows.email.svg
| MD5 | e257e78118c790a46596520e85e550ce |
| SHA1 | 9d38ae7247cabab3d34b10f49589bb73fc4dc51c |
| SHA256 | 3568a00a810d5984b8c71df89157bed7a34466ae72ac743e2020e8c29fe3df57 |
| SHA512 | 8de7dc8f3c2bc4a9b725c1c2a45c8d6a5b4f92c46798ed52592b35c7701c3391aa6416f447f2887cc15795f389abcefea2014311d7d94b255a3ed1c6eb2e9b16 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.CopyToMenu.svg
| MD5 | fbc42d74506b01301daaa4ed713e59c3 |
| SHA1 | 6cbfcb87d0447c00680c9710dde8d8ff2cd77216 |
| SHA256 | 9d81e9391ee6e6515a573dce662d0d50d4938f81ff640051873667c93c6ac469 |
| SHA512 | 146028277f96039af0c19154ec44f402c560896bbc44cbf9cdac3c4d8fbc8c153169f38d5b8cfcab47144095b688e41345528be049f04621d2673cc0532f13c5 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.Computer.Manage.svg
| MD5 | 8987c299c5fbac9f68136bb012e1eb4b |
| SHA1 | 6878a2a158a7be4e3bfa899763c42a057782d4fb |
| SHA256 | 24ab22832e298877665641631c70ded68e5f9fc750d5e15f59b65cce06d8b4b2 |
| SHA512 | 1564e7e74bbd3dc94dcb51c4cda29718e5caab86bf877084b72338a712f762eb4525424a7acdc0e866b775157064fb6025df2c2276daf83fe12b2aad2b348af0 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\Windows.AddRemovePrograms.svg
| MD5 | 80ea667b88a6337c38b2177f2ae84423 |
| SHA1 | 89f24a1562d96eea28d8d3ea821042f9d177641d |
| SHA256 | c118dfe2cca3abbe108b9ca2c664305f79e7b348cb142f504e826d04381bf143 |
| SHA512 | 431d2ebc64e14c291d80d4bc8faff585e4337fb4f2318d6c775b6296967679ffa054dfb7fa41f4586392e9921d64c6dd76b45d6c6dae16255a4005e091e7e3c2 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\easyaccess.svg
| MD5 | bd71ae5561063094ecdbb18d0f38d474 |
| SHA1 | e2eee62bfd715d2bb807ff1daf354f2954f93efc |
| SHA256 | 3a58ece9da8a88a997fb95b0ed8d81f223218f2e089192b451df8a451fcc9800 |
| SHA512 | f9c39d0a4c438402ae71eba7fce031db76c9616ec9b88592fc6f7d80b73b57d6333f567844ea13209afa662e1f879812cb0dfd0a40772d9a94be210c5cedff29 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-light\accessmedia.svg
| MD5 | c5e59d922cc9a14408ee01a473de2051 |
| SHA1 | 6eaf109c422b2ebfc632f5c70e66b91f90d53f7c |
| SHA256 | dc2ab9af2b1cd24b11acd4f0ca0e55cbb65d2eac5228a411c2698d0827ffad7c |
| SHA512 | 9efd45be57ba0727058fb8439794ec62a0b0728a886aafd8069fa8bfa0b23fcc2c011838e29a8268872508875ff1d6ec874cec6b991ac09167784c3b6495681f |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.troubleshoot.svg
| MD5 | cddcc9583650cc486eb4cdef5a9b5b98 |
| SHA1 | c37f053ffb211a8889639e52a9ac0767c1b8058a |
| SHA256 | f720372e65c2882f142712338aaeded555129dd4853dd2ccd432613d74707616 |
| SHA512 | abfb7d54dffef751559ce4d3ba7a79c9ac0cf023147c6ea8624df4953090aef489968cebab0c5c633b1a095205cd5e2671a609b2914eb03685ffc3724ee17404 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.slideshow.svg
| MD5 | 1ac51ba1373596a8d1f06bc083f4a399 |
| SHA1 | 8ac25f224311ce855dd56614730da461d6bac52c |
| SHA256 | d384130da33fa213933956306d7ee8bb8377f8dfd3bc4aee588fb453d2b34fd5 |
| SHA512 | 0a9031ccf4b29444ef460f4df2b63b64bd880b5d79c32343c63a04dbf31af09b7547210bc975bc3c5d2389cec2ba20684205e1465753adfa9733912d97bc5bf7 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.shareprivate.svg
| MD5 | f330543683bd4ae04f346f54507d22e3 |
| SHA1 | 98fe7d1542a3ebbaaa9c24238fc1f48cadd046df |
| SHA256 | ebfceadfeac8434c464713ec411e1b9059a743ef0e7b676adaba78b005bb877e |
| SHA512 | 4752ca2f4b32b8db793cb746a67a918eb52f46490246179dfccf441a1cb5ae23b95929e766a9ba7200b0c84ef6361051a6efa461ba1175f448126c521fdec5e9 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.RibbonPermissionsDialog.svg
| MD5 | f0e4bf42cb74c5dd771f24c743f868e0 |
| SHA1 | 65bbc97217ca22ea7228b25b9848d3919b3a502a |
| SHA256 | 2b9a7c378e0160ac8e5843f1ced91021802b677776dcf9ffa71524adbefa1800 |
| SHA512 | d2e4143b52fcac95423966ca78b4bc3c9634eac01f6ea17125125b47d77fb4e68c3c3458fd48c33b10ed9024b18a4c1c66cc466592e47832403f1d20828409d2 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.removeproperties.svg
| MD5 | 3f8ca186cb7ddd7894eb556e4b5fb44d |
| SHA1 | e9f8be66944d1476e672d07e2e807579b2fd1563 |
| SHA256 | a6a11b85c515027090396db56e7f41036861f3fc00f518e23885566d629b44b5 |
| SHA512 | bbefdfeef896ab0878359387584cb7908fcce27726831acaad975d867d1c5b9a70d67ec1f6dbc03ec0fe7955aae95d1ad251e57730ba9598441e18d366452841 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.pastelink.svg
| MD5 | 9529c8cf62cb8d41191701e0fae024bb |
| SHA1 | c526c95ee6a643414789b56acb99de703db8c8ea |
| SHA256 | 2e6c18304704c1ae4885abfe8b002c429a4ca7676f0a0cf8e168950d63f7a218 |
| SHA512 | 7c5061848719d99eebfd5ddef0152c1d591033c3bf1a9162fa2984ffe030d29fec0f0957f3b1d4bbb3d5b8227f8774f74e4832b1d545cfecc09c86ad1eab9cbb |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.opencontrolpanel.svg
| MD5 | 643dbb3b6ee4756762b5f54f655e39c0 |
| SHA1 | ea7ee9230092f5fdb7906128e553b70dc5c64fc3 |
| SHA256 | bd0c11262c33d08d2f3030d256ae7c16fad62d0050dfc568e9057871db3b5b5a |
| SHA512 | b63981deff805fbc128d6d6a8be6a53d70fd80ba6dd4c017d6e8866202431c0b3968d1cf3326c5336deeef89e1f7a60251d9874293e7a975cbc340e643f367c1 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.open.svg
| MD5 | 536711aa27aaf290c2410dcda8e2b591 |
| SHA1 | c1a681b60f9c58379aa36854081154819e252fdf |
| SHA256 | 412a37d3e1856910f22c2c35071eae274e3d83047e7a33339f31f501cc5579b2 |
| SHA512 | b45f5b5cc062e961d9152ad76be81b6c0c2d95bde7619ac231cc583c064db2454ca9b4a642778a517021a09563ae004428007d52ee89a0cd9ae5a736f2c3f3d8 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.MultiVerb.cmdPromptAsAdministrator.svg
| MD5 | 6c377e6d5bd170f014b2352c0ab7421a |
| SHA1 | f96a1db407f92341dd47ebe432de32913de4a45e |
| SHA256 | 8e4de3dfc33b3b3edc2d3b37e95669c9794d98cefefdc50bb6ba02f0937d606c |
| SHA512 | 8218d88c6cbf6c3277f36556f54c4b533502b135c58bb24a2efbcabc2125bc39dc38e51cf130b320b8dc8edc08d04aeb4cedb9472966e907981f19adfa3589ef |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.MultiVerb.cmd.svg
| MD5 | 836de6af228e5d47f4a5eedbe79d9172 |
| SHA1 | 866f1d4825c6e8fc93f2e4284850bd054dfc39cd |
| SHA256 | e642c6fa1611e1e937a31bce4b61d1951d6783e3ff633729f86096b67cfe6228 |
| SHA512 | b022f7ec8acd5c80ce03fcb58ab3d551b2760f93b9bb8770e5f034416738cc87e3c633527939fec584deef38dc25db203844f8cd76856bd24a90694a0ce2edda |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.MoveToMenu.svg
| MD5 | 7beacb39451ca90854d81dc79b25f579 |
| SHA1 | 2fbe3c7c118d0799ced08f530274d04c4530ea99 |
| SHA256 | 40f70db8f7814acf922e25411f82f9d9b9420d30e34f5c6199b8488e260ca13f |
| SHA512 | c66850bf3d41bccdf49859244dd38797e57cc7af8acf774d578f799a769ba7296108252dee262bde7d8268ffd90c2985392a7544f9087e551b519e8ca2293fa0 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.layout.svg
| MD5 | 2105ff4f8f0fefefa00b5ddd93ed9d79 |
| SHA1 | 45f452e56c9aebda14d057e1f1797e20887ef5df |
| SHA256 | f39d73c1cd814615aa74ce9fc04a4b7f4c83156b2173875134eaa3f60fb70c7e |
| SHA512 | fbce0a5606cdeca22f3c53de7b966a9a00cc1ff40bb5af59d25eea7870a2fec140908c086b91760d16674a6d65c90c47d392dd7319ab507b7ea70a5a437bf89c |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Orbs\Windows 7.orb
| MD5 | 85328e698e8a74852b4061a683915dc8 |
| SHA1 | b898267f8574a34e6d605e541e5234c27dd53f5d |
| SHA256 | e5b74e9e7bd6758a0154b11462ae3328edd143190865198104d8bd53b9af7275 |
| SHA512 | 03945c487c6e697f7b352374a989bfe41d1de7d00624461d2b97fb2027b26d36b35035d5e78ea622c31372087dae647c5d3591c7f9a27941c009993e719ee28f |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.hideSelected.svg
| MD5 | aea15430def6cfda52866c7acce670cb |
| SHA1 | 6fb41dc83d8eb9f14c42bfdc734f22aaadf57a51 |
| SHA256 | 931320e31e415b420aa1985d2b7305d4f3b1d2f1d8ffddb18c01690aa84f3d20 |
| SHA512 | d97bd0f7fb7ed1e40ab550e9103eace9139de44a0c4bffe7745b1f99edfd799f07379ef19889cd4a838bdeea99c726ea977539a4de0246eed36fa00c403ff48e |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.help.svg
| MD5 | 613988bed41860a9cd8716e840f1b43a |
| SHA1 | 805710d924cd714e84e29b1ad8b19f8166708502 |
| SHA256 | 2aed30dcca71f8d120cffc6b01c318bf1898e62615045fea5e33e1552f289e93 |
| SHA512 | ead70f060366fd23309939e6aff86e394d3ae9517e22147bd1f57c6981004c2b2c01a6624eafd6a80454c1233f85b4d02de7b3eb5618c3bd743540360d931e35 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\windows.folderoptions.svg
| MD5 | fb052ee6b0d4eb3a0ac028075e212e49 |
| SHA1 | 19c6c4b06055ae70c9a35c3c0e4fc51df18a9fcf |
| SHA256 | 3615ad11593e0fa41c9fcebe32b9e96865cf13a27640f87802aa3c33730a05eb |
| SHA512 | c2eea0be65b7b1f325991f671523a34c8383f10a049726ff2b52b270697f9bb29ea1936590dc94e84b02b39449d0a2fbd31104d4670324216248cbdb6116cc72 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.CopyToMenu.svg
| MD5 | 719b1c337f9362d872c788c1b8a443f2 |
| SHA1 | bf435a2671443a3aa54342219ec7a8413f3fc638 |
| SHA256 | 0d4efb27e6c7b774206155dd6abddd2cc85635a467c869c7675da196869a5e2b |
| SHA512 | b60a9d72d669a41e961849c7d5acd02b03fe043b551c97ba2661d94a39644c3871a137b6bc62c6e8b45919861adbc3e220f54131e4e877ed30ba82d5e998dabd |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.Computer.Manage.svg
| MD5 | 107fe8d57a6d6821321648484ea41333 |
| SHA1 | 98df047cc084171b3485bd2ce8abe287f9487f55 |
| SHA256 | 11b72939689a479cbda2bf96a64774d2ac605c7054cf23deba0663ed4dc11d6c |
| SHA512 | 9de0802330eaca6ae4849c9472decbc97af7dacdd91665f55b43c54c7981e9afa362365da5ae49e30b0a182d5d86d6f863d94e37b8fb92756de857dfdd15b4ad |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\Windows.AddRemovePrograms.svg
| MD5 | e0f7ef3d2f36317931a42dddd494c9c2 |
| SHA1 | c6b916609b96d81bbf803a3eaeed1b088b69109b |
| SHA256 | f51c5b5b68f6bc5104188a93f145ca2d6e57d94636fda34e41599bae0e5ec682 |
| SHA512 | d7722dc17345fd4245834f247249b8f9e7595728ea3c176d7349d39d90b8b57df47f2c2eb430366cc1d38df04f2567783976d3ea424bf013ea9e296679f23344 |
C:\Users\Admin\AppData\Local\Temp\SIBSFX.B94C120C\Ribbon\theme-dark\accessmedia.svg
| MD5 | 87549bfacb19ac7eea47dfdddca9ea80 |
| SHA1 | bec2cd7951d75ef20f9bf8379f61e8121eca8775 |
| SHA256 | a14b44b414971fae445df013a5de357ff625e4a509bfead3b0c01a74844aa515 |
| SHA512 | c0f36410598e26a9783dec3b1fed11fa3dfa563bef210385ec213dc1f49d53637d5fb6ff4405c852bcd150e951b162a1d856151aa2512c15b9ee68ca43d42304 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ba74364993c6f2875818987c89811a52 |
| SHA1 | 3227702832904c0b9ce30ada2dae74d7382043cc |
| SHA256 | ba72ed87b82fa521d764b6ce8a91f3a00153e244f5afc33c4fdb6293829053d9 |
| SHA512 | c8c907d3daae268945ca30de512ad7229374bc69c6cd75dfc083f696f59e061d0c5956fce1d4bfde9038dc9c9d410760b499c625d8c00cf171d9778a4e261fb8 |
memory/2696-2064-0x000001CC18B90000-0x000001CC18C90000-memory.dmp
memory/2696-2065-0x000001CC18B90000-0x000001CC18C90000-memory.dmp
memory/3780-2095-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\StartAllBack\Cache\ribbon-theme-light-16
| MD5 | c4103f122d27677c9db144cae1394a66 |
| SHA1 | 1489f923c4dca729178b3e3233458550d8dddf29 |
| SHA256 | 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7 |
| SHA512 | 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54 |
memory/3780-2102-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5032715d5d104169_0
| MD5 | ec8c575f27884a2d881accb1d3e4fbb0 |
| SHA1 | 0c8ba1130b8ac928abab490055cd3d9328bc341d |
| SHA256 | 4a396d7277a11e5265b4616a6444d9bcc25de85c0af82afbbcce469d8b0793d5 |
| SHA512 | 2604857eecd7401d7d05643647170a7e929d8fb9305057efe38fc99c337fc429beea40697ce023c579f171bd5bc972c56e69bf606484c9fa66687d2bc5757cca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af48edbd3578ee3b_0
| MD5 | a8e6f6d98f54cd1c80abb816b848913b |
| SHA1 | 37b267eb3ceba720ddfaa039d34da9bfec45a9d6 |
| SHA256 | 40405e5dc1aeb3c9b43facbfb82124c74e5eb928aac90c3cba5250b49436b0d0 |
| SHA512 | 6113f9190a232881efd1e53f75a1bfe0646cdf68d91faf24545b3195fa55652f721e7c7024f09dcf7c0312be4b3b3acdd3c6db9b3c0e17407b329d676d5ca953 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | bb4f5193806862a8386f08db3a107122 |
| SHA1 | 7d28097da0d4716123ce575bd1f0a51126e14cbe |
| SHA256 | 28965c5a187e5b9c85b77dbfe1d4142200b40a1d10debf3a069e78557b7f7685 |
| SHA512 | 91eccff582043b573e9b1a0a0958f51b0535e989c029a8ff66e22216023deaa357cad6d208b79640c3fcc9c784e7992c07263aef37ce5b67000a5d5a607dc9be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eafdef011b18f148_0
| MD5 | 03eb07c9a31cc42d50132df011de07f1 |
| SHA1 | 9b48c9ad4128c3cf77c5a4f4afe83a686bb5a9cc |
| SHA256 | cba75849f938780c67d330c75da85d5244fa5f277b446d7212bd93ebbd85aa7a |
| SHA512 | 55ce3577ba6319715a23542b2eb9cc29c202680d757b7463a12b2a24b1c1db431dd44283d75cfcca7a5537e96d9581b8ab327e3da59c9c8545a7d31c2c2e74f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 87210e635aefc92f35f51368ef151eff |
| SHA1 | 3291a3d64e4b8e7fe2b384780bfda89555768ac6 |
| SHA256 | a7cdcee2f63fa48b65f5347505b19a6944dda85177a3d86daac1464dfc8ab642 |
| SHA512 | c58445ff64b4721f0a380d955a1dd1dbcd5bb07dc75ac79a25e49ac81cd44649a277ee25ea35807930edcf81022c928bd6f740580d869585f39b027c237c49bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | f9b370832e8c4095d613e73090adcb2e |
| SHA1 | fefd28d397e52ad1074407cec1e37b71ac883ba5 |
| SHA256 | a396032ac1d94e90e21b99416685efc9f89a5c06ce509dc2e0e23255e6adb209 |
| SHA512 | 4a19848ef29c585c3eccbc1561507785861bca1ed1e0cb4a1069ca9bb1625ceb1671eb714e9752461549d10165d1517d937c6e1936a5c57cca5b76650a0bcf53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7752aa13b5c922d2_0
| MD5 | 9456e5375c5212abb47081657f056c1f |
| SHA1 | 5fa0d7c164afa1c62a9c8a815d7157da06461862 |
| SHA256 | fbcdf162367d12290d521e8a4fb1ce444250f4704b00405b9e189ca6b6d0e168 |
| SHA512 | cd6225cff1e7ca89dfdd72ce29886b7e4237971d1a958f2ae6358c09b711d22c23675026ab7bb9aabda90875b52be15fc353736edd96567798d23f595dbfbc38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | d1774e426bfc8fcbea4e99699a1e904e |
| SHA1 | 4f320b049529c49b3279b00cb152399a9309e002 |
| SHA256 | a3340b316fd387f059cee59484b31fe0fe6db7c47044c5e8fffc068346579619 |
| SHA512 | da26f9d5ebfae34abcb0d88dd9e9ab4ecbfc1833e86c05edbcb52e961ff3ec30b98c1fbc5960ec34a77c9d85d517cd5a07833d635bbc73be29a8c268ea90ef0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 2247e1dbabf586c951ac5a291bfeb678 |
| SHA1 | e08d1bca38f07ff64e6ed62db6ed0e7e9ca4d860 |
| SHA256 | f10d30a108a84ce8e3b1de03ce620971844d34f535321823493a5b3acc3f8519 |
| SHA512 | d193bc1f25d8d881365272aa68e02b752d18ee4cd994a6ced65f743f15781bd81308bc124a07f867373ffda6f39fcb32356c0aced06262573f9c60ca1e2790b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0
| MD5 | b4b1188bdfe044912e993616b4bbde35 |
| SHA1 | 3bff63da2e5423627d83e6a8f589f8ba4106517e |
| SHA256 | 6691553615f22089b1547c0e4df914d4e2401886537270afb76fb32e70b1618c |
| SHA512 | 20e059f43dc8ce64a7514739e945fd4c9a715238e525a20403cea5dddbe12b85ec4202a01fc7fc8cbca163b7d6b5672ddc103ad7b3cb9c6dcb1c56786f1d661d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0
| MD5 | 3ae0262c3787a01cc1118063f6a0b9c6 |
| SHA1 | 99f1bc1652f85722c7a26c599839244db7c4d58c |
| SHA256 | 0886b6b39dc87a3b8d38424dbc3492381cf57a6209a86318674e64b6f1e516ba |
| SHA512 | 9d0002fed37f9477dd71ef6541ca89a0b6558a62f2732fd379124b22cbecdcd9160ccb8d087db044286d973315bd7c46db826afa08d42a0a840c1d27b26c2916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b64a062e7f1399e1_0
| MD5 | 681f1b3cc3d29a80eb8c6d5f6ac9a9ab |
| SHA1 | 107b6ada72f1c3e9a7468c49832df4376c66a086 |
| SHA256 | 0d848f85c4a8aa224012384886d41f6eb78e51a18da1911baf67204e3ff643d0 |
| SHA512 | d0cbd19ce23ff32b236a39fb24a55223ff6d0e5c2442f5df5cd7035890614352d6d56d63a4b6c4ace7bb265ba13f05e86b750bf9db01bd61fa19a5592de19753 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ad8760711f2bb72_0
| MD5 | 0c985fb3f2a19a4ac6060ef76e0f6695 |
| SHA1 | 40e28a66915c184a50e80473adba0839694e411b |
| SHA256 | 4c2b824fa8f5b1acd7c935c363c340860a931db6b167ca5ce58b57275f8eff25 |
| SHA512 | 29ca2b73e123f4066b8eeeb9cd607b510e2a7387c57070393d81b85ba894f7e036cb4cd81839f0a8a8665964c5455e0cb0be3b0d696371614ccb6628abf353e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\deb6de7f847d3fbe_0
| MD5 | f898826715d6f903022fbeb1f92ef11c |
| SHA1 | 70476b69a9d0ecaa3964f196b1e73e423acd58dd |
| SHA256 | 7410e80559a5d61aa4896f6673f71a49ad801a932caeff99e20f62c4fb4f5297 |
| SHA512 | 3b948a7727f0780353ab8f3b0172d6dd9622a147a337821646e95c616aed4d7e4602b0f538ef924cc80d9b2161ac8dcd0813dfbe67abf51acc7dd35df408ba31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\225e74b324ef355d_0
| MD5 | 722ca580d401046b4b9d5a2ae4e74940 |
| SHA1 | f0be541541926aeeceb6aa6aaab467210b729f35 |
| SHA256 | 672a1c7a8438d2d60bd8fa86d78b7f9893017ab7932ce8ed81c877c7c8416b08 |
| SHA512 | 614333776417da3bc22493a164ddba5ee2c9194ae1b87f48455347ee575cd0a70f9012e083f724cea12219638615ceb1cf75fd5c913ac15da556f998943aea06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cde33f9b86a824e_0
| MD5 | f2e76a9d25bdcb44182105c90f024411 |
| SHA1 | 840ec4213b1842d461684717e71f1dc6c2bfea42 |
| SHA256 | dd9a7496a55eff37180cb4e50adae168f2e99cc51f08377a1d584928ec0a1628 |
| SHA512 | 71080d49ae28e7b2e60b0e6aab958d0317f09de032c850a91cdd679d280cb5557796fd71efedcd1f19b50112be47796db97bccc6d97a11742c611058afe460d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0
| MD5 | a167b28003d44499c9ce2c5a2a88e074 |
| SHA1 | 4012fd48557dad12e29e41dfabb8105982114849 |
| SHA256 | a86ae3b3b86cd96f987871df53323db91af4ba61c114156300213a52d23edfc1 |
| SHA512 | a07e90ed45fcdafd0b61194f221e0861ac0896d93b6043d4e4ec1c054a2e21150dd7f2fabd2960e1a053b991e245d19c2d97828bf4b07e43c4bebc9187f0c017 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0
| MD5 | 9b145f586be3f32a759d3c0f672c342f |
| SHA1 | 2599bdbc7369a2e96c521b58068abfb6020b0ca5 |
| SHA256 | 01db76788f63a5adcd8e52b56e11e67925bbaf1944589fbb55caf4afb31aac81 |
| SHA512 | e6a5a1c7530371e54c9328ee976a156cbcd40fb14dc3e350f4f552a06c71a075cde44da1f3d1efcac68a8968bdaee4c782f5041a636e460c3360aec39f072992 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\046526f7d2c92b1d_0
| MD5 | 30b6d25a91426c326d4a0c408ddc34e9 |
| SHA1 | bf2e688264ccac7191de04153f8b7f22d2c7d8f2 |
| SHA256 | 72c98b562fbeb5c45d914a589520442d21b23fe56b681c3cc80d9649465b2075 |
| SHA512 | 35fdeb97fff4bd69d121ad2392191360d36a3359a79c47bb6fabfaa73afd4829398418d0179994994ecaf6db6406043213f7a7d56c4358660f80a660f527e1f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0
| MD5 | 78b68c29f984d42ca8883469e7853f97 |
| SHA1 | f571215235610fc3e1795942d9523be8c76d5649 |
| SHA256 | 4ffa9f0e45085e70e32c7ad9ac7d73ad817a84c6a3687b8bd612ec4171c17500 |
| SHA512 | f8c5362b695f0fe740de13f84978741cae02ebe446130ac763a7ebfb72edbe442b7fb3a7def602866e631ac9e964b4d151949149802a0ab3ae05dc8d87b69bdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0
| MD5 | 92adfdf4b9eb42a3675d58785b91595e |
| SHA1 | 7c2572d8f817c0aa6255a4f7fe335b163f825f5c |
| SHA256 | dc754f9cb0e6bc3664f1afd2b9990f55de957315161e91855906c78e5853c7fd |
| SHA512 | 11bc517f2ef4e21f54f2567115e6b48051ed391363411dd19a29b9d1041d5045a5d58fc0b05ff5e92f958110536f017d8e87fab1246772b588484f2f993fd9db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9eb49b832d016644_0
| MD5 | 1c35fe533172b593da169885ed6d75a7 |
| SHA1 | 7c5970d3aeb52b20685bad713479ee71420efeef |
| SHA256 | 0df057c4668a7eb6d1a61786f5c42192836c3f72c9d6b834b8024a5e8e367db7 |
| SHA512 | 628301559828f466fee3465117be27e2bc2c65d8610ff2fb60806d4494bd8fead9bfa9d4b23ae6229df5f5f9e3b4f52e9d709eed526fb75eff54735dc5cb6121 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0
| MD5 | 449ae2dad2ad931093dac1cdc166d317 |
| SHA1 | 21ee1c79251b730b8cc73c37fed2e47afdc1a150 |
| SHA256 | ffdef41de32479bec7c290a30a38a20f7c39fe1a42af4e1e4797a51801084ddf |
| SHA512 | fc78943ec368703a44c555a4bb878ab41e22ef74231b04129c750d09f044637ebe01aaf0ef2673b160704d72a5376b7cb379c7eeb427f1571d0fa93e80a22947 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2811d061eed19ed2_0
| MD5 | e01dac7e4c7345b8564e58cde19700f6 |
| SHA1 | 1f413cf55801fe27ebe707b1dd4697caaa8b6f5f |
| SHA256 | 7de8e3eb88ccf5be9efc918d09b2c9b255e8dc480eadafbc31161b97ad7074dd |
| SHA512 | fe43d5d03dab3ac98bef96eb5b32ce8de91bbd4deb984030bcd65b16200023c6a9bcfc38c404947bd92337c074736304b3ad117c03774e77ec88c7f8f355498b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e52ae3fb759a78f0_0
| MD5 | f4db6ad7285403e28ba31cbc17c72280 |
| SHA1 | 67dc70386e76a958c60270dee59a3ef3caee788f |
| SHA256 | 1ab10dc27c6ab1f811c5788af81ad8b6ba4d55e416b8b2bc3ab7945bc673f8be |
| SHA512 | 09c09374dd2b115f6914734e18a5b2625a259cf36b6b5d545c255351156398479c8582ea5846aa54ef1e676566ce2cfe1ce020dc4a751a74813578533aec6230 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2c55eb8382350e55_0
| MD5 | 06b634900b607666ad64c9e31156be2e |
| SHA1 | b423838c02279bd56fe82a3ec6c6154c33aa3b80 |
| SHA256 | a72fa75eb81e0d8b48bbfffcec3d47c64c2ceb1390cfd0fccfc1b67559bfb42d |
| SHA512 | ccffc5060e08da632feb3602dd3948897406a9a4850a19c157e70fc0f31ff58d80b34e65556b12142c36cee7227a3ac16dc71acbb3a08e9c88d81704aec8e76b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | 384f0d85bb6714c6e3be6a81416834e5 |
| SHA1 | 2ea6c3fb56006f16ac75059c1b95e9a95220b22f |
| SHA256 | 26bc04531a648e2b8731a75d3020d81de124bc23206bd411beace51d0ba45a55 |
| SHA512 | 10dc86e09e52c20a2d0c36261ddbea67311b14b5c748f4bbdae3a8e6215e16b8281a4299fe0904a374595bcbf749426ff3c735f08eb4798bf3e057ab7096bb73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | 38a2ad1f5f22bcec7acaae586e62cd84 |
| SHA1 | c43ee53bda04f303604ef2fee62e824e281dc37b |
| SHA256 | 47eab0ee1afd81fa0dba0711c2275564ee62c0ee724d11956e748075f9dea80b |
| SHA512 | 6a0cc688a89884183cd58cf61a48c97209139f41b7fdda285fbfae2add2ae2be23362a72d5ee22ad2356b3422311885e78088dff53ddd241bd8d8e22075336ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64fa70d4ab69732e_0
| MD5 | 32a7b98ddadfce1cf98799d1fc1a8872 |
| SHA1 | 237ccafd134d82ae3d4893a69ae5fcf2277522f3 |
| SHA256 | c8d864671057bdc16f6464fd59b8f309d87881ef8e32fe57a9d77a8581a9eb65 |
| SHA512 | a64e6930aad154badd3b2abf88fed545865fa4bdd8824b4b91f0cb23555dc52b12602c992a98cba9d2f64a2b0ba26c4c5a2a3d5ab9e4b10f6b7687863d07e945 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 6422a17c7c17e678f0f0ebdb03a0170c |
| SHA1 | a7dbf03af4e9f24db7f32823c50819be9565903a |
| SHA256 | 5662b39973309a37fcc3dd1255b12975164cd495d16248d78aca4cf71d015974 |
| SHA512 | 7dc797716fe33101246443ceb5ded6a4328cc9bbe9bec193b19a73f6f2a5d1a3273a75531844a3bde42b460c3b50fb23b62cbe1444fe85912cd387ac8109ee0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0
| MD5 | deeaf477ea6a328e5adbc637b420dbac |
| SHA1 | 5871a70cf85074a3371672e2366eb2f4435c4e6a |
| SHA256 | 26c7c74dc73c415dba415453085e4de1d39ce180d6d643c2ed574b6c52f9d65c |
| SHA512 | 5b37136fb6e00e32642ee5f3ba8ac1fd568ce3542c6ec447c60958af96e71ebfc8b50a7c6d12258394b300a2bbb5a65726b3a6bf93e1f36f660db60fc508149d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0
| MD5 | 39808325afbe4a02e8c83391c0114ad6 |
| SHA1 | 5261e1b85a9736fcf24cdfd030501dd0e2a377fa |
| SHA256 | 3a756e62c7a2fcdf2fc1c1035ed19b78d8b48ec0d8d8dc03e8377188fed52a07 |
| SHA512 | 09da33a71ab1cc26aeecf62beab954a7989430d7f6fb7d3b024ff31402443331307a87a28acc5b977ff0b01fa86cc9a7bbe670572757069c6c10ab58ff8c416d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 0429c30e7d45190bdd6148b0a707a443 |
| SHA1 | a0ee4eab69518b81009fe7738b2360d6ceaaed8b |
| SHA256 | 9c0dc5610dd6381d4f22eff9f84b1030b08c0cabc6bba505dbf7061d8f24a795 |
| SHA512 | 3b2b3077cf3b5fa23af3098a9f4ce949ad608ea0b2d9e90b462d1f4edc2c877470df8b67e164c93cb3b2617d27dc41090be2e09b61422166e4c71a6e07c18e91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | 34ea5e663a2bc200674e59c4c5415523 |
| SHA1 | 934bb9582d2ed7cc8ca55570f46f204666429388 |
| SHA256 | 6773a780220181bbf4510647ccb4982972a43006116e6dd800eedf31bc077eea |
| SHA512 | 77e898de9a30f7507e829516b93c1f7b74bba52190e6e7c8f028b4f937c445cf162f2eed082cfed3ff47ae83e1f09ef61335ea1e3d571572a53c95d07e2e9be9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0
| MD5 | a8105870ea210e1be5aac338ddbce525 |
| SHA1 | 405dab2e6aeb2091d42dde0a7192db2d96205e6d |
| SHA256 | cfd678276b0b9d12b91dab51e5e7aa67542282d401d4949bb5f067827af1ef9f |
| SHA512 | 50c960bc76a0bc01152459cc515327700c61935590389b1a4bcb5e83f0d173194fb7687cac68e53acbe4b6e08b34174eefc33395787cfede15817a68a82dd60d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\058cebd5a298c9b3_0
| MD5 | 3c72e8938a850d2f5cde6f0dbe068a4c |
| SHA1 | 706a8ffec6f979ccb5ca17dc1000adb16dfe5c5b |
| SHA256 | 7085cabb8c82eadb85c6ef050f56076200d32a316967c10cf57e1a8eb0621e5d |
| SHA512 | 531cae54d1418f8d1af4f4cacd33747219939f515767ac1e20b81a1f18a13e3524a6d4987e56d33755390fe6c0f6a4b076fd0d98b2d6cbd3b541474f42efa56e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0503effc8bf0d7f8_0
| MD5 | eeb4c9a79930eb578b556c32f14d15f4 |
| SHA1 | ed5113ed228996a04811a08f490f06a208e8d09d |
| SHA256 | 2d0bb11d61331f238e91460adb558223d94f434722f90a232562288b81c720a0 |
| SHA512 | 39288b4d7a855ec8c2622f715ab2c05315e714a990563a9beb70c39ea25752a397bdd46220e799a70ee1019579b17e07ed36e0a4a79c512f24f42f47bfc589dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | e3d7ce592fee2da76c04129886381079 |
| SHA1 | 4714c214d526175c9b55c0fa8baf31bcfe3f5c19 |
| SHA256 | d10cfb32701b45ce450b7fc4c31c2aa21beea8ac35ae4fe04540fcd494e7bb25 |
| SHA512 | b8d31e6c592588cda8576fd84437ab873281399faf8d0da9657378f52615d1e2c7115d72ad4e67cf5c2c48f73acac230dd3003ea474f7741e5a70ea7308ecc04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71da22abe269277d_0
| MD5 | 4d022ae3f5cb8f63ee1d28c8df8d5b2f |
| SHA1 | 0c4ee5baa7937a125a9b25740ca46a69c59926e0 |
| SHA256 | 28ca1af4b088d9cd630c83ed95df16348f228529d5250684de7e593c27a05f50 |
| SHA512 | d58d6ef1ebb23074a71b61e5ebf5e6a89ad6a2616966a23a77be0b7d1f56ba9e13468af9712b654fe509bb518bfbd4c6a031f163a1f80ea3dccce609a979ba68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3b4df2e93c57d73deb9aedb049fa4f46 |
| SHA1 | 19ab7c0ab5a4ce4bf71e569d9b097291fa1bbbe6 |
| SHA256 | 9689edd8a91b7cb51eb2ccc7f416c9c08c0e1fa93139365afea954a29a436fea |
| SHA512 | c5fc13b81e792bdf1cff9bdb3c0fd8fca905e1189d72f6fa0e7ae3433e76041487226a26f22de6efe404744cec74dd803568ee13fb4c0e6d822cf3c1d30c6833 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11704408bbc2a42c3754d25c3bde836a |
| SHA1 | 8af0a7bae98122eb46304b90afac7be2a04479cf |
| SHA256 | c289dd0d5b86f7c214a0c467a8750ba1b26b79e89c1b970906f20e190bc261c2 |
| SHA512 | 0a5bb34f81318b3b47897852eb6cb0a9a124efc697b0ae542bf4aa29244d988c3d25446574576d74a2584d9788d2aeeeb759866758d5f34851667609d4b34918 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b
| MD5 | abcdc719204b75b443849e662c50e331 |
| SHA1 | e143b1671d4e72bb249c6d14f19429fef677a6e2 |
| SHA256 | 0e5af9beefa2af0ad9e8da592b4f9de8f29cce2adda77f6bbd5b41d21ab550d3 |
| SHA512 | 0f757179eb3937f1f610e8d629d3b5263a291ce975157afe364f13283e9e34c58ee2450e80f2d27ff12f8becaa64808e7542329663ece1064a15fbde1727d2e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f31ff7aa97435a63_0
| MD5 | 33786ebb1d19f0ac1dd5b9ef23b1160c |
| SHA1 | 000be7c59616e45c6c1c5287b2529c576c6ac52b |
| SHA256 | 65e1c621a89031b13a8b2632b7e009d2135352452e90302e4890fe3badadf76e |
| SHA512 | 1b031fd81d4873a0863ccd982ec6dc073249fec26720b41d45b20d3948ea873eb7e63a3d567e062be2b454992c6fce4a7d93a03d06ef27f0837201e49d308e7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bf4f41a4083c34fe8cf2c90023eaae1b |
| SHA1 | ccdfbb80c9f0f02355aef968f7443254cfc9d168 |
| SHA256 | 6ec26b98010a4bb509d4c0f5370c01d87c2f47abffae1cdf9bdacf1dd0d5fe44 |
| SHA512 | 170a2d1fa8847ec5e4452443a84515c52a0d0ff529d09e622d5ac39cc2dceb5c0d20e5d29c17cbc6f20e3697b00534f5e0e535400c9a69fb2bb6e43e5c5b67d8 |
C:\Users\Admin\Downloads\02819449-0a7f-4d7b-b5ac-05ce8e139d35.tmp
| MD5 | d4d8f4ddd6f5027daa136db211bacdd7 |
| SHA1 | be736bb8b784c03c46e71d9b7bf6f858d371e4c8 |
| SHA256 | da522a1fda400f019b847e9710885091cbbc945a57701aeb3f9f23eba86c529e |
| SHA512 | 640f791c090abed53e84c4014104aaef2947cb2065f443281033d5b844b7f37ad7a64fd7cf00ce193cebd9665fb64b055d8bdc92b0d1916ccf9af121ea76b6d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d140f357d3ecde029e2a7d7fc2d392ad |
| SHA1 | e443448815f97932ad44c5e7568ace953c587656 |
| SHA256 | 29f929f0f43a87b5e647dd119e6e9ad506f0056d610494511b41819da17600d1 |
| SHA512 | 9301ed165e327179af283f8418d9e740e3667832eced4d660725f265c499b09184e33a63ae1cfb008f54e5074349fb678a61de9ff30abdbde8b18b97ef10b174 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4ed63e1fdc3b13e1ff99edb22b36fb8b |
| SHA1 | cec890138727b35984181f397a766652fedc4849 |
| SHA256 | 5d6843284ef6d5f9e4e3dab17b0629ba0efd53972c40bf5901a9faea08df61ab |
| SHA512 | 3d3d7fa6e2f251410d583dfe0425160b7ed5e5564163dabb35506b8a7d339bcae49eca6a0568750862e25b95fe29220ed4df1028d177c292338d3f4d59f5ad68 |
memory/3780-2532-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0b0330febf0e81572d8a3751af5c44a7 |
| SHA1 | 1c57d912455f5d173e0bbda1172cbf088fdb8322 |
| SHA256 | 4189982b4f58431879d3760164300d9adbf1817b699d2e83d289e03792b191f1 |
| SHA512 | 02fc232e0de0dd29764d6c5ce8ed56d49c3d8e821c00bd61fb9db4e59bdc7226752ed7abc95d1f408bdcda1beb497c1ce177f40f9136f61b842f6fadee03b032 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 07aa57d4076942c48cb1b1a368177c4f |
| SHA1 | c3d33a196a3b1fcd5b60e6b60055a1e76de5be97 |
| SHA256 | cdc94c01f8077c9e571d9f34af15056ea3e10f2e4697dcc8aa15d8f98016fa6b |
| SHA512 | 529109d1ec67f3329b6e452dfba25e07d44b1b3390ba854331128f8674344965d6904d55d1a956ea24b641144fff3876f340795b4869cc7d3ada551d426519c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8f8d1618f73adfda_0
| MD5 | 2a5ad4a0e46ef0cba8337b01a7af5ad7 |
| SHA1 | 718613a284726ea570c0d1b6d90b210f6462e68e |
| SHA256 | 82dc841339eeea7ca8334dd6ca9d63ee92796f415fdf09715a708f5175487de9 |
| SHA512 | fe974e00bb0a3f2504421330f6d8b0077ce24795e4f952905e22916e314f97f73c4b849ec740b92ee817b925873f6aa1ed7275fbfb4ca42dee4b303e3b063ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 82f0056e911812db17dd644da1e1af73 |
| SHA1 | 4965798c9c3d38dc6b330f2c3c677864fd60bdb7 |
| SHA256 | 061da48c5700d1dfe6065eaefe02f914979d3558c441c57aed34aa64d415ca7b |
| SHA512 | fdf4745233514ef95c96c6259fd56909bbcedf7e47e411d3b59aa0bb0e08cfd74dd3a85d6633980ba40b7a2bd36dc8561d431103a40c914cefd3187da0b1f606 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 3f8b5577dc3a7e3e39d36e5df5fb5a68 |
| SHA1 | d28ebaf2e735c83c5a4fb84bb4851c533bf9a329 |
| SHA256 | 205a62b3095b1702b2195c0b507f826da10d7352247874b218ff7b1bd5aa39e1 |
| SHA512 | 816cb9cdbb38bbaa77a5e86372c08cb11f2a135625f4ddf952488e6ffdbc721a9cb119385384a8a88f08fc99746ce979380b0641b3a25e06afabfb2ca767e13f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 083f2c5b78df149d1f5124f140ac5f8e |
| SHA1 | 3606a32284e32fbf71bc6a3898a14c595e7907e8 |
| SHA256 | 575e5283aad8d65a42f8ef345aeb46488446e05626aa58b6e4deea759de33a48 |
| SHA512 | 7bc094a6c3b2fde6df579e0449adf8e9b96a2ef847ef092b3c26c85b07c521bd23e4981a1e2f89b414c13285accb161196b356c601bc4f6dcfafedbf06985077 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a37ad9a49149528a_0
| MD5 | 366094b5229ce73de0a0ac06d648060a |
| SHA1 | a64f0b5e36024861e7aa05a4a6debfb1e1f690e7 |
| SHA256 | ebe5bdb7ed342c21866642b93814deae33e5789adc6c91094dab232796c1dbeb |
| SHA512 | 242cef164fc4380ec791a69aeec8347b4518fccd63cf8363b12f10ebecab868a6291e2ca1aff37c3f74626433a80ee8c2c17a064104115ccfe48bd940022660b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | 2b4c36cfaa55ad6c01fa796f0957cad2 |
| SHA1 | d270f1db074da138054fb25257f7922fe066c9da |
| SHA256 | 0d82181680dbb15386ebc98ad4d31b2341d8fe9ee24ed0cd42548864788ae330 |
| SHA512 | b527dab238d74a3ca6689198dde5d5eab8947345fa4c7c263bc6f222ee7b93670cec058962e7a8752e60776fdb3b82c86d03b2d63f48aae204000e4f03128a4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 724dcb54370984f5faa8b8863aa43c2d |
| SHA1 | 8ed89d2dac363d8d420da4f370e8a0edde99ef39 |
| SHA256 | 6e4edb6c393901fa357c4d229f030f827f581f6ff44a9ebceb4dc0556b43bf94 |
| SHA512 | cdb8900a9f775799302dd1a7b1091839734b738fb1afd3914418ed26c6e8336054a4a86058a3cb8e3c78e8b673f2ec9df131ebea12d3b2a62c9f1fd24dc6ef17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\59fc8adf66a76ab9_0
| MD5 | f9333edb62dc31cbfa02ee15f73677b0 |
| SHA1 | 70b9236a0619c4c7ac7dc10949551c9083bc2c82 |
| SHA256 | 8b953dfb6ea8ad4e83ed8db2d0c6c30af63853dc611c62d94f329b7b1b68ddf5 |
| SHA512 | cac7f7051aa4a76549299bd0965d47f988c86d378d5a4cb320bc5c7098d937fe48cbf8a17155ed582635382c6af1084fd79910bbc16ea912b47f446a1f06a6d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0
| MD5 | 42f2023a0089d2743f7509e9587d8ffa |
| SHA1 | 2ce66472abc160155f992aa4ce32659efab11065 |
| SHA256 | adbafb120cf72f4a9645e9402090e5c13705cc484e56056a34348f64f32311ec |
| SHA512 | a6abd3646214cbbf479a2357884f543c7c03761e84905aee15267a67b18403186b024b10bc874e29ae5c9592f397598233a334fcb208b3777be85a8fdbcbb931 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99110e9a19c3c06d_0
| MD5 | 54572bee179d2c217f2a84de637c6efb |
| SHA1 | a96c32af63fa90bccd4d37197457103fb0f28a1b |
| SHA256 | bcde2bdb666bb0947e65a96b20e0a122d1da2114930056eaccc1a3ec00aa4f1d |
| SHA512 | a8097e6afad06a668dd1b6a43abf2fa3f5bfc89465433d5970507ee5daf8b7b7ae86d764ce75431c36bbb7751c5f5348603e3ef8374edfacc707400e7aa99b7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | 84aa12330b1e6d176a45bb15c632eb07 |
| SHA1 | 1d50e904d1c29ca0f8bdec57f16c691a61d95e86 |
| SHA256 | e251c642f285ac0f745b11250660a660497cd2865f4090505e6abf228a114627 |
| SHA512 | 8ed92dcf7230a3c518555102522f79c4c94d75dfb1089cb172021a68225df87845411a67cb8964b489fc524b0b21ca156da98c06e3c519ae4dcc3c91b0fef84c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94f93ada55bda7c3_0
| MD5 | f39d175e070cf7bc1e95dc8d038d5c8d |
| SHA1 | 0ac11e9fbf0db3e7833c05072d7037fe3295041d |
| SHA256 | f3e3eb06f44a4bea861111c350553c067f3412669e8122c5b6b8e1a2147f0ba1 |
| SHA512 | 46d4e0149bb6870190acc9fab935b05c3f40cc3af03ecb8a30d6456a5777757265f611107ce90f2d0aedf6eed2d349a5e0f209ceb6abf059d80055ac3dbe3086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3d18be5d494e38e_0
| MD5 | 4e798a5ccf0045a34494e8c8e3e54d0e |
| SHA1 | 2151348bbf450dde9e12586b17dae301f9e59c29 |
| SHA256 | 99a8b4ff418040f7c0dd186ac949025f28af143b7fe1befe5bfd0d81843b08e8 |
| SHA512 | bfb208870ad02981a61c3b5b85551e44ef33a83a80985773c25c865a9951632d994a4029c88b2493ac346164e52194914923d882424d070a7f20c1de5c78c06c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\960f838b42b585c9_0
| MD5 | fd1efc0d51203dd8c8abe7cc79062ca3 |
| SHA1 | 445bfce136bef2c642841f063eac977ff8a747a6 |
| SHA256 | 1d2a6344bc1f5131dd423c6223dd239cc9c7d4d724479bc73829bbab77fc871b |
| SHA512 | 0c1dd276339717d18765bbe6bd3ca545df0c9a2375d50476a0d20d2bdce0ef9190b84e723ca739d130d74fa83ac33dfb82b54eff822a4a3fdf37b4352730d1dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0
| MD5 | 6793c3288ea5b45d6ea8fcdc6b194534 |
| SHA1 | 8d29062fbe73cad4e1c7d786d25241a0d980b226 |
| SHA256 | cecb0f103a38729b6276dc9fa70e2fca472767a5abe6d7ea97e97b3238389443 |
| SHA512 | c1e93a878a971137e257e5d3743f8ca0b894b0ac41e822ca4f1c8de6182fb596edd062873604bcf1e4a2da3a248b3fb38d32dae6a2a1e9c9e9d3c01dbec368e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e372ed831f9bddcd_0
| MD5 | 6ac5d89b0c30b54de51e59d2a384f90c |
| SHA1 | 2a80c76309b96324bd707f7bf4c8a4b5450feb54 |
| SHA256 | 8e76d59be65af88a12e2f9be4f3b314861d510719d1b5b15cc42549f9ec586ab |
| SHA512 | 015046a33a0dcda03110018bf5f3395cd946a7404a0d67fb5b610ca865585c1959f3213633994d181f8f1573af6c79fcad50500f15d9bbbc80e079381e551147 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbbc3b076556d40d_0
| MD5 | 60ed31e0bff02790ab9d1edcd605fc15 |
| SHA1 | 7e8db6adfe8ea2b3cfa38ebfa2dce28be78456be |
| SHA256 | 5678e459ed2ef3b09c147db602ff68cd2fc321a562cba9793cf3fa165103c633 |
| SHA512 | 976bbb0d04c2caecec101e13446812f92465efee48860f27b93800ccff31957fdf446809e941af9f87fa22bfe85c7f5c331da58305ebafc48dce06be3cd22375 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\62f20db8aae8f96d_0
| MD5 | cc3eecc98ee019e24bd8617d9be83c40 |
| SHA1 | 1cbf772ce69bd60d4e0ce3ad8fbf9871b9b03935 |
| SHA256 | c8d843fa21a310da034e629d5932a9268349a81877039e0e2f658e2767ef6fcc |
| SHA512 | cd3e8fd950a5c307a07675270bfdf8b26b7722933ae6bf5c9bb897229f4b5e7eb007c62ed21475b3c45bb7cda83f5886b94fbc6d31ef2fe910976cf6e3bd5fb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0
| MD5 | ab6397c4defc6bbf501a98a49d5208e2 |
| SHA1 | f2fe9a3f094cbc95748d2a83e468db7bd14c8af9 |
| SHA256 | 2aa71e97ecdf328628df669d71f602288a2513fd5e4e4beb61fd055a7ed6aef7 |
| SHA512 | 945d223e28d9530e6f65d6ffaf90fc627f7d8f172eaf367c480661dd8ceb26c123ee4fd14f3eacc99b27199bb546ad63f611fe230be4733ce6c8e6ba11b895e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65a17db215bfc27c_0
| MD5 | c543ee9bfe4aea63c7f72fa92dc7fe63 |
| SHA1 | e653c293749bd3713ab5d435c7ea86afa7aca729 |
| SHA256 | c196d010fabfe02805cbd859951b7d947c3d7ba5e4f434288e9dba432ec5177f |
| SHA512 | d23a79a45d26a9521160615396849fbee5caac49b7ec41a82040169f909d83097c0f49d22f948dcec019b504d4c9bdf07abee14f823aa05f90f0e09e863bb631 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ac673f66e12ce14_0
| MD5 | e5531ee422c2541560e1091208b1752a |
| SHA1 | d980e744fb7f47506a8783dc2f32ee108d7e9773 |
| SHA256 | b28dc72c64c16641f470c9b0517f53eab631131c30ac63bedb4aa557cd47bf30 |
| SHA512 | 157bcf6998b4f873b855966ab30429622e420c4ffcc921100a163737b48795be0f087defb76b6c4a1a18e233f5305d7699a566261856b75689840e936a82dc62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\632e260441be7404_0
| MD5 | ad90f510eb3ff3020f76b36ff77c96ea |
| SHA1 | 3b2894cc7e3bba603031b2ed4c36a3aa4ce7cc64 |
| SHA256 | 56590b9f1d5dd87fff3d30aa56b207efb0ce97e80687d9dd62b8423147b00539 |
| SHA512 | f6ef46218e1244ff9b964508c81fc4ad0cc5297caf9a5e33fcaccf62054bbcd2ed0e8ca41400191858d3058458d99efdfe75962d9b978cbfca9a4b285f3564b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90baabe8c48de89a_0
| MD5 | 46fc8df3618d2a5f5650636b91cce268 |
| SHA1 | 9517eca436b97d4539001f0c655f798600ec8011 |
| SHA256 | 4602224f9bb33818d65795d6f41fbe5370b4e9ab92276234fcadadea55e08be2 |
| SHA512 | dc5a225b4fb2529cfdd237364e85a40a576ebc0810cb1631aaab21cfd74450e89347b7aeef84a172ff537d8eb4e07f2f6f5d67c35fc98e6353d80a0dfadeaed7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0
| MD5 | 1d375d8cba7492717bfd7cdf9d4533ae |
| SHA1 | 30eefc3e6edef836fcc0b5defaa23748d261921e |
| SHA256 | da4bc176493afa19e0bb647545998667bbe4959eaae9a8627ef4ef5bd4dc2888 |
| SHA512 | 7bf5e4b09b7a74839ead91251932500a85cc339bf2e482e36f8a1e615bb7d7672a601a0cd636c294f40cf021650a739b7ce71af8e7d15181e5f42ed3d98d772c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 188c6b6931887c479d51181b87d9f91e |
| SHA1 | f9c0d9d1a71f1207002987179236a670ae7e19bc |
| SHA256 | 476140e13ecddde05431745de3a0392c8cda9e7b35ed23da8ef7237662f477d3 |
| SHA512 | a04230c7fe23fd06a1c2790b337a10e92c8ed02c5a624e09adf7a35bbeffd9541414cb9d4c33300ae440f22d12dc3bc6f65beecc5b239813b29327a7532000cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fb270254d25b9bde32904b3cbd9364e9 |
| SHA1 | 5df9eb1cd8fa8ac94d6e135c279cbe7d34e208bb |
| SHA256 | c3e3f9a2a9dd6ec62a73d345f6784439383090d93a4b20b2a152a32a9c00022b |
| SHA512 | 2ad6d8095ad5e9755ce1090105a4dfaae3e06212a17fe07690d0e7b36c880dfa8fb12ec035c5815354f6c77bab308313fee5081059b218aa3b6d5b6ccd2a7262 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a7b1e36a3def5454e5e6793b6b203e66 |
| SHA1 | a0e832833d4114ae785a42e85178e535d423f1a3 |
| SHA256 | 7c7f7b9f5e5c41aaafd93bfe66f50366271cd15b80f02b6157d17e79a1e978ea |
| SHA512 | f193a76872fcbaa7feaff4b02f12d924a66a9a13aebff76b5147c7a3c3cf14f4f7fd4f196efbade5e7a131a66826ab63c17304c285927a9f2f59f4eb26e68c9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3ff3c990390fa01061f633b3814b1efd |
| SHA1 | c46d040ec8deee02d8eacec8c7c3a861501913d6 |
| SHA256 | 71bd4e85cc5eabfd42964f6fa9d50715bf4f725f0ac26c4ab3d0f71004c4975a |
| SHA512 | e67eb51af41bac75364eb3bdc878a9ea0e9f5076bd4615d45961f1ed90614993fd844b71cfbeebdc6df375902172a96fe411ce22dc7022508c2ba31ebf617c38 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6343e0e230e39b38c3387509d061b3d2 |
| SHA1 | d8fa3f9db582f7316f843d95963e194e500e67a4 |
| SHA256 | 44c3d708dd2447f7abd3d8e2126b4fb6024e10da07155efba94c1a1c57a1e461 |
| SHA512 | 949ba734df8a771b0882392703b1b0c547350996d800158d885f40907f1aa75d42906ae472cae4cbdabec7e904da97a6e822227df2a627b6ae8dcb6f3de4777b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cc2f0fedd3e9608a_0
| MD5 | 71be54c6c1ca1b0f44177e3f0c23f989 |
| SHA1 | 9940d76579822e149d98975c1c892e7ca1c46e58 |
| SHA256 | 2cba6f73a402e72128ddae33c62701d19304bf6391fd4e0585f12ebafaca5d0f |
| SHA512 | 514888d0a6c8354196bcc085076920989f7ff356a86b2195e12fe79aab39757d94f5943d41924555e32755b49f0e8a4f2cce7fde03ae418a1c7abc1ecbb1482e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 09d2eeb8b5e0bad5cb430aec61c6969f |
| SHA1 | a308fb1310b5a3ebd1f1eba08f72708477b04487 |
| SHA256 | 34f1dd8588600bd8fc53e5fedeb2f5954daf4b6d863da72ce3609b3196da59d8 |
| SHA512 | 1c4f10c3127d5dfb7c0564f15a345201f0bac0a246fc63b052bbb25086c918aae164b4b94295fda00f23b5df1b3b31874fc0b381a292510359b205bfbaca485b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a99e5c892715cfb6523fa6c5fbe88a6 |
| SHA1 | b3428306e29bb93f99b5eb030e03c3d63b6c6c45 |
| SHA256 | bb83abb41bfebe89f21f9fb913b9936be303566ac90a483787d228cdddb94c94 |
| SHA512 | c76b22fd1fc75301bebf285469a619ee81fbbe98ff1a8890fe8b7cb7f6a71a58d4f5b03508913bb2bf6458e70fc0d7ac00113171f216919a995dd58f3139ad15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d28b0a37725d279b232684bdc7b0ad0e |
| SHA1 | 5250ebd84247d4ad51d84ac680c3117211e0f6aa |
| SHA256 | 92fbdccad3f3acc0384e43733e8633a7cdd2727a83d95995f47f07a3b3b11764 |
| SHA512 | 4b2a5430828c2acbf05cbf926d7ac1c94b3abfab6e61ce8b2f774ca6b200bb94982523a42edd148c15be96849e20ab4e0a4cf3cd896d90a58e205e0353150703 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87e1ffb07d850b0f_0
| MD5 | adcd5a3199987f053535b5aab54cb341 |
| SHA1 | 175af424e762b36ad75ba03de1666c374c980a23 |
| SHA256 | 58c4928401cf04f6b6e45ed4aa5a81cacd13a20471c79a3129fb31a21f88f502 |
| SHA512 | a8dea23e73bcd00581a6994edc808b0117310866a494c449ab1dd56ec7911104a12b18fb12b8827602d54264e9fdd454c95ca0ad70bd3f80da00f578eeb3487e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5666b24e92933f3_0
| MD5 | e55c65ee52ee4d3b78e1aa3673737430 |
| SHA1 | 96b1af46420b7cd15f6d75de4d4875e3f4bc2ac1 |
| SHA256 | ce11535071dd5d11655787ca262a28098c70f5d2a614a6760ff1c8169fc009ea |
| SHA512 | 0de4f28bbe20fb16c68a94f485efc90601966e0107e03d8495b1afdce0bde2609a854f89cbf70b87fc7dba007be746792a1b6d5c3d1fa5913342f29adc7a4719 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fc174c61328ee54c_0
| MD5 | e82f3b11f8cf4835217727b89d12648f |
| SHA1 | e5927d243f0a3bdf03560a3bedba187ab4fc4b31 |
| SHA256 | 956c0618cbfb8a83e84973061386fa375c6e2f9044a8144a96a044908f17fb0a |
| SHA512 | 44939b0365ca7203ef43880853941d9ebf5a68a1b22dc2a16d01b48112b0800f1120a2d1c2f9e966ec7a25f05454edf59d03968946e8e0cee4b662a08c822673 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dc5c2ad0f7f7f332_0
| MD5 | a3a1793c3a55cc7c4434007436a1b8c9 |
| SHA1 | c8ad96182ce10669be598f1b00ac08dba10d4a02 |
| SHA256 | f66f3fb308ef55c60724b13f33f2c9f3ba312ef756f5fbbb70082cdfa05ceabd |
| SHA512 | 86f2b4061d9d7d068a6b1acf9553886a0804bd0104770fe56c7fce00c9fae1c1a876ff03a9150a3046eb0ec195a1216ce7f3e09bcb1c98b1331fb66282cb555d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f38a3b47cfbe4f9_0
| MD5 | d5cb94fe6f32fec9286cc6e8b2cc0304 |
| SHA1 | b76aa89065d6e9a4fe222d3ad32d43b1b873a19e |
| SHA256 | b8e956734a2981e1ca7f43c3053356239a126b8d025426ab83ed94419ca8401b |
| SHA512 | 870576f9bd1c05bd441941c9cc56c6e6b33a94017af05b53850f66e25221329088b36f76b5f9f1a19d2ce1aa365b4cfbde5001beb80dce65be4d39ff2533c574 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 71dd2798ac5e90f1b654cb8e5fdab58b |
| SHA1 | f293e32c70493a1bf461ad5ca58738c595a18c78 |
| SHA256 | 8afc03691087b8bfb52425554bcf5a9d27d0943506b1264452a084458d7f3537 |
| SHA512 | 016d6852a523c5fad482c25a334214bf90e106e0aaec836070f1ea4ab7f978c073e9e4eccb276e76d647e06ccba7301fc7090916c6cfd8a02e0dd4b42c29dc45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 740833b47ad406fbd415fa9c7da79445 |
| SHA1 | edafe70c1451c5ebb28bdc6ac131988c99befcf2 |
| SHA256 | 5fb14eb72614e55ece8332ff65f98c35abe2807d1a336f93ac0c1ab1687885de |
| SHA512 | 6a550f34210a86f5f0d394ae87ccad095bd75a66defa1a90fe301bbedf2e9e5f55455ca76067cbfab02cae08241c82de228874e8b9076d68230fe78d1d01349d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | d1eeb64412bd3dec21dccedad1d618ba |
| SHA1 | d69a5b2c90aefe6af091c34a2cca3a93f1b20275 |
| SHA256 | ac809c583672e1dc8d2ef12bd2e14c3f56ac462dd105d894eea70c247bdfbe84 |
| SHA512 | a5408b8dfe5f43ce0839e71cbcc944b3f917ecb3bd1c8ac94cb6fb35bffd8e04ce10f19d9e202d7a5d26ba8080767c351f9855b8cffe462c9d14a7f8b7be88c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9bb012a5d3bc411a7cfd95070d319d2d |
| SHA1 | 293e6ea42823e26f6b27aad3ac557196cf6f6681 |
| SHA256 | dbd13107e64d0594d9a379b72bf2ec08bc6a79d126e4659b3ff87251b3dc2ee5 |
| SHA512 | db74fb431ffd33f3622bfc12c84fae41b72ee09defdcefa2056206cc98246a8734dbc1ed8b96c3256d94df700fb6fd99ae05d366a812823e2df53ab474ecb25a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 563b6c93137d556822cceffb74868de5 |
| SHA1 | 3e532164b521e8f0081ed312210685a6e2180b9b |
| SHA256 | 9c55277ec2fc288d2996e6089fcfc0435b091d3233ed43ddfb360293bc0e70de |
| SHA512 | 89e0220aa4d38eb914e4f7e4e791cc7ecac0016f125c2c6f5e428c28add1ea522aca69015b3cc479c7fbe7016b838456ede9abaaa82d875341ed9e3e799612a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3656f7ddf0d78d64_0
| MD5 | 5a832ce2b4b8b9926bd4a57b58393c2b |
| SHA1 | 3f21d480ff59dc620fdecd96155d2c4c01f0899a |
| SHA256 | 8fb2144140cffd41f13542114fa4772622ae69e9ed77d1f078afe2e563b5a4c7 |
| SHA512 | 221fea247eb37157292c767cceb171c94568b9a22a918ba46579405b3545d2caa070407f3a4a27dfdc5a5748ec5bad5f174d075b4bc8be41db8c7ab39a339da9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6920e62dddcebea96f697c916b0e1a07 |
| SHA1 | 37b4496e31186964226679fc61253a164043db69 |
| SHA256 | 3e50a90a76b03d2caa6a09773115dc6ecd218fa6cdf30302fa9e8f094e688373 |
| SHA512 | 3721d97788bb8d61f3af5c72e958304a5335a4dcabeac6a4945a6e3b43a1fccc92a36f3f23f992207b068994201ab960f87d04db8a255380368997c8768eb624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 41b03d11125923fc8be6806086f6721e |
| SHA1 | 0f790d1b3a4b13ca1b6b20084efaabbad9748dca |
| SHA256 | adf32b8bc965213f01f1022743c0eaf9a8ab0d935103ff5ae5eee92fbd2a723b |
| SHA512 | c3f1839d3229495c8078d67472771e9f4bd9d209a0a903f55bed8979727aa5b0235909faf5667cfc5f1e15b0f2d0d04f0ec6716ce1b5fb2b7bd882e8a41a84e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0
| MD5 | 6789f7465c0763cee1dcab27baacf036 |
| SHA1 | da313952f92d977cb81a4b6d7931c220e7d84008 |
| SHA256 | 2b706fdbddffa2657a5ffa8639a08b9570c4a0ad2238891cc7faa2fcfadbc9d7 |
| SHA512 | 4223c655fbb568a8a5e1f4520b2b66670b232ff05e537b145211ece50a3dbef420f5700bf98e4bb460ca15320b8fcc35f31f1179484c3b4b8b3febf6543c6868 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5deeb7b1f2610a5244c574fc5e63cb2e |
| SHA1 | df715b8fcb1a21a618cb1f058395f7bdcc8653ec |
| SHA256 | 117fac56314d43155009a511bc9d2047abb410b771cb35ba8b2336ac381fa6f1 |
| SHA512 | b0b24d9e6af44d60ceb0eca7420e2390379381f789979cff46e74e13c914d8a914941a84b5ecf2000a639fe3e681f3f5edfea6c7819e3ad2e151c1ea70dea759 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1dd9462904af6d2d1c35076b7991fa76 |
| SHA1 | 9fd70f7ddf55479e5f1d1a378b076c172ea7f2f4 |
| SHA256 | 8c0e9deb1022dbdc789b0801ff02709fcbf877390fbf4e45d97084c9cd9db437 |
| SHA512 | d686cf7630224cc72324db0b5720b19f61becfc69412b83bd037683139015a7560aa6b79deec6d41ec8881205727d11ed0d1ed5b1f33bf38fd123a48a1558184 |
memory/3780-3793-0x0000000000400000-0x000000000075B000-memory.dmp
memory/3780-3813-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c8bd3c318cedd2c27d5d32d553fb7696 |
| SHA1 | 7e8146ec1c4da334ce60cedfd1043b5639d24940 |
| SHA256 | 88567e7f03183d38a5794bca23ed352dd565cf0586e47fb1737cb50ee28b3a36 |
| SHA512 | d65dcd303a2d0df22752f848e06ded09bc4af51d3c7652a964084dcca7bddab4fca353834593f91f86f05c1653ea5cb3fd27b6809fc3cc385c52a59a1c5a2c67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a290b4182e12c6adb1caa4de0c70e1a9 |
| SHA1 | b74b7b488b8e42a524301cecfebaf3b66548846a |
| SHA256 | 7a79319819d75a94be14db3bef91c5eef6ac6e54d05e7b45a62c9586a78a7c5a |
| SHA512 | 5ba9c16b4704c5d07733ef05623d2bf9c1141d284d985427302f984a6611fbaeb860bccce2f35fb52ed2ca25cae13809e14bcfa3e3dc76896572e1fc98a39c11 |
memory/3780-3866-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3c5280c0b58d2a37f42bef9838ac4387 |
| SHA1 | a6d7a3caf49fcce84f666b0ae413dde7bd50fa6c |
| SHA256 | 8b4a023e0bb00a87cb779c750873e2325a25d6ac7d841a126a2961c5f1b1aed3 |
| SHA512 | 0b1de806b1a3bf70c37a2224786443848a05fc4de6e987ed6f7697922b0642f030a210f8b23b49e6dfaef4d343d740c9f785c4982be4ebc4be4cba482c604f92 |
memory/3780-3885-0x0000000000400000-0x000000000075B000-memory.dmp
memory/3780-3886-0x0000000000400000-0x000000000075B000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
| MD5 | 2c00bbfdea92879677a02f000982bdc9 |
| SHA1 | 52cbd5c1ed710dc77174156d0ad4a6c4c7c64321 |
| SHA256 | 8fd2ece0578fa7319112a9978cdf3ae3216290b77a1b68d60356477f9f473c43 |
| SHA512 | d4d84a4568ac12fcbef3dbcffb508c4d087dc0243fd74a9384a229c4932ddd399263f6ae8ab06b69c765c411f7911f3fc5a5e127c7577c9bc3b4d564c24baa16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | bcaf60e7f7958412122016c743033fc4 |
| SHA1 | 37037dac3fb3b3444dc9aa38c809fdceecb5e692 |
| SHA256 | be67b6d576e81da76f7f1c1c247873cdade000e61f941e4279cc3d5fb1dc7cd9 |
| SHA512 | 749b047a420ac1054e30984d981ea02087d8e6dd109762621eac6abec7ee7ab62f756aef47708fd0d3eb0cfde8df4f2b9b96925cbec18b21fa210bc179739f7c |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
| MD5 | 68ac216f38a5f7c823712c216ca4b060 |
| SHA1 | f6ad96e91103c40eb33fd3f1324d99093e5d014e |
| SHA256 | 748d48d246526e2a79edcde87255ffa5387e3bcc94f6ca5e59589e07e683cd80 |
| SHA512 | 9b7dce4ed6e2caee1cdb33e490e7062344d95d27ba48e96f66094a3413da27fb32680dd2e9a5b2091489780929c27fe36914210793fbef81dfb5b4fb1a9b469b |
memory/2684-3933-0x0000000000D20000-0x0000000001108000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\eula.txt
| MD5 | 1f286ee31c288e8aae5200acc5b519b4 |
| SHA1 | fe76c325ca8a55e5354021b416ffe3b78c625fd9 |
| SHA256 | 2896108090c277cbdb24b5fa6c87e6aa77bf4ed986f4b3ae4da0720c8de61ed2 |
| SHA512 | 45062a327efcd0fe051940b950388ff58f5363a128c43b85fac3c9352b918707accaafa346292d62fe6f02be6d0366eade2954fb867fa48b3a50b510d72c12c0 |
memory/2684-3964-0x0000000010000000-0x0000000010144000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\REGCE0F.tmp
| MD5 | c6247e9f51d328f2d7d1bcf2dde15ae9 |
| SHA1 | 66428b3d3a9789b980c7a820fb72ffb31e200f8b |
| SHA256 | 8540a5e828472342d208efce8a59cb130f735331eaaac4dda3a5ba8b4dbc17fd |
| SHA512 | e093d2d3c1826afcac9158e9b5c98faa03c3a1d5642ea4f97cd93a8755d3f5be594651f3c9fbddd4df07850c13158fc84bc7541ebb84a501086f3916244523fc |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\GetMachineSID.exe
| MD5 | 55bbf335f75f2a2fe0a5daf603964d41 |
| SHA1 | f1b9686e8a9f10682722fc5e08c02c016b597804 |
| SHA256 | 723adae0e69127a6bfbc65c5ef552a351264205ea5e2bc3b80e505feaa5d0e43 |
| SHA512 | af49055234cb4a0ddbc68212db094c7a7a1058ccf6a1a5830238fe3ff96fa35390d242322436839d6d7e419bd9e4ad8962e213222470625cffb46423dec44db6 |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG1.JPG
| MD5 | 3220a6aefb4fc719cc8849f060859169 |
| SHA1 | 85f624debcefd45fdfdf559ac2510a7d1501b412 |
| SHA256 | 988cf422cbf400d41c48fbe491b425a827a1b70691f483679c1df02fb9352765 |
| SHA512 | 5c45ea8f64b3cdfb262c642bd36b08c822427150d28977af33c9021a6316b6efed83f3172c16343fd703d351af3966b06926e5b33630d51b723709712689881d |
C:\Program Files (x86)\Stardock\Start11\Uninstall\uninstall.xml
| MD5 | 1cfbd068da3cb74f1fda9562fc3d14e1 |
| SHA1 | 50a21af418d4285e3d4749421a0b823b728e6066 |
| SHA256 | 4ad2811754d467c6e5142a2c7d38b15acc8e732e7080476fddfbf17e850e6ad8 |
| SHA512 | 9d416b01c1b232f9842db70d5478796729dddc41a4e24861f387e84b61424b040d2bf61359c04ef31f640533313e2143d005950d2837fa737421257d07b99c8c |
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Encoding.lmd
| MD5 | 6eec47ab86d212fe3ed0f56985c8e817 |
| SHA1 | 06da90bcc06c73ce2c7e112818af65f66fcae6c3 |
| SHA256 | d0b2fa60e707982899ecd8c4dc462721c82491245b26721a7c0e840c5f557aed |
| SHA512 | 36d6ef8a3fecb2c423079cadbfcbe2b044095f641c9a6ce0f9d0e96c6400f00a089aa26cc9d361bfdbcfdc3a8487d18d64956b36f39320648d1ddb565221a9cb |
C:\Program Files (x86)\Stardock\Start11\Uninstall\uninstall.xml
| MD5 | 9ff7c1c95a84bbfc6ac11d220f4e0c80 |
| SHA1 | fd2a92b9eb7fd2abfcdc0202f925393099fe874d |
| SHA256 | 4ca857a063b29b9270721f4ff710c73b30af6e49f8046a2f05d2189745c95182 |
| SHA512 | 3b63f0c1e15d38b0da6f0bea4c1eb8b72af81444745565aff2580fd03c99b2cb242a4ecd2cb9453cd6b19016c18b0267fdf1add20f5283040e9a0ff5096e9094 |
C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
| MD5 | f70fbcc9916e38d414157a0deab1c4ef |
| SHA1 | e7da005c8fbc1d309b28902cd2fa3d11022f42bf |
| SHA256 | 915737d623601c90fb63745a2ce2086b0b6c9551ff3e4b0156d705d8452cb95b |
| SHA512 | 50ca193c257a4c2b47d024cd9a002473aa69b64378097677b1265d456716292aa8d27d780082227aef2629970f11de3c4bd5d2c5073fe3c25972d06ecf5b52ed |
C:\Users\Admin\AppData\Local\Temp\Start11 Setup Log.txt
| MD5 | 29967b4b541e85dba3fe9199e3b73985 |
| SHA1 | 9858780bcf57858f483064a5b61991001b6506f3 |
| SHA256 | 6493258175ecd1668e3c865d2c0ef98319ccfc2720e75db8b6cdc219da3807cd |
| SHA512 | 4fa474fb6fef287d219bea0cbd704065a99de06938c04c21b170046840e473a27738157747b9707498a9ab6cbfe2124784229c28674cb39afb035dc58418a56a |
memory/2684-4702-0x0000000000D20000-0x0000000001108000-memory.dmp
memory/5788-4704-0x0000000000F20000-0x0000000000F34000-memory.dmp
memory/5788-4705-0x00000000058E0000-0x00000000058EE000-memory.dmp
memory/5788-4706-0x0000000006430000-0x00000000069D6000-memory.dmp
memory/5788-4709-0x00000000060A0000-0x0000000006132000-memory.dmp
memory/5788-4710-0x0000000006080000-0x000000000608A000-memory.dmp
memory/5788-4711-0x0000000009430000-0x0000000009BD6000-memory.dmp
memory/5788-4712-0x0000000009BE0000-0x000000000A10C000-memory.dmp
memory/4020-4714-0x0000000000E80000-0x0000000001268000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\suf105.tmp
| MD5 | a79c6ba303e65c657e7ef11d136e7601 |
| SHA1 | eebdff8a440480d37c99936d9d2a77655c9b5a5e |
| SHA256 | 9ac8acce76781c55051eab409e7cfd39fb34b344171ee6ed69c85199b0081329 |
| SHA512 | 26c640b0bcc48f7be633289f8de0420c0678fb1e036450ac40e5d0223a9d42f7033fe35718022038651d193c0aba8412562d2b7d31b5c076979cd575cbc6b322 |
memory/4020-4719-0x0000000010000000-0x0000000010144000-memory.dmp
memory/4020-4723-0x0000000000E80000-0x0000000001268000-memory.dmp
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
memory/1556-4754-0x0000000000E80000-0x0000000001268000-memory.dmp
memory/1556-4759-0x0000000010000000-0x0000000010144000-memory.dmp
memory/1556-4764-0x0000000000E80000-0x0000000001268000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc56022ea08e67d5882f92e98f59f3f1 |
| SHA1 | b7c2326c5d42eb2b8c20016b098427d2d195f338 |
| SHA256 | f99ed54162639bd13255a7ba901df7b2d86caa485dc5c8f8dfd0800be4cb8b29 |
| SHA512 | 5f602ee3c8be65534e56f14e397a5b50e2c213505711aa4478c09b76c0bef92f219f00d88484f974f484e51f0f9390c7ef15de1916747764d36a79d1f6305cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6304fd6f9e3c8050_0
| MD5 | 9b47e0307470c0b9b75e17e85d65b9ed |
| SHA1 | 9eef7186a317cc30a4d13f4b3190e1789f67b2b4 |
| SHA256 | b1e29f81fbf1042e5e0dd3859b4ab8ac5cb083c0fb08c894a37896b3701245af |
| SHA512 | 33d2d80ea847982fb0a5b4adfcb03fa4757840aa3f1e554eb17d5538e5881e0c58a1186a9d58504d627ce9aec2cd3d8859929edcfb839c9328ccfde039a3d1cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5de9f44e801f6134_0
| MD5 | b2144667baa33a28ddfaa75e55f2b522 |
| SHA1 | a42a5a9a9cfd6348da7f1a6a98aa3705aceca8f8 |
| SHA256 | d73d4bc6d2b283d9dd01cf5572afbc281b6f48d31a913cd3fdb3e8ae012ef51d |
| SHA512 | f42f7932c9ea7ef1c76e43447405a735e78d860c1e20c6e87dd581c5e78f824cd0cae9fca2618e9cdffc8bf492bf3358218033e16c701f487ec20fa523ed9e90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | db957687f1998ff62e72f727797ff2a5 |
| SHA1 | a970271747934bead4b4c4517dc847fbc1cf3d19 |
| SHA256 | 74c839f823f52a7a966a4930b8da76175d3f64c5f21418450c144562842cfada |
| SHA512 | 3af05f3b92e515f37d9ac9c0df55586d7c29b4cd50e7cf69d8b11a9e5b3539fc3ea9155f7eaee92425a4cf3e50bef64d90bfd83bbbd81ad3bfa883f5bb9122c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c4f65df5f9a3960c5779266a90395d8 |
| SHA1 | 3449416c7829b816b95814ee9c9e1ef90428b17f |
| SHA256 | e053455593fee0be988017750c144cd33727788293a562eea99cdc437e7262e8 |
| SHA512 | 5daa7cc516ab1371511967a0aae958916d9a8c55974ff200d839954b2f52313aee1938c4a026e20840b83b0d7d03f9e4c27c9481c65fcc59bcd353c7067665c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6fdff8cc23715d3d7f117bddf1859c5e |
| SHA1 | 91f80c2703bbcfa241a4b71d1b25971016624c45 |
| SHA256 | 3f586ba1e35ebe274270a5fb7321645bc4f7f3f29612a7c63a26d9bb9fd5194c |
| SHA512 | 7b05ce66449eabc4081988b221e4a7ae8f27d5fddcd9800c4d61742a71b270f67f8d00ba26bb7ba5c995867ad4660ed13ea3147c221b12e93a9b6e2e1f7f944c |
C:\$Recycle.Bin\S-1-5-21-3433428765-2473475212-4279855560-1000\$I13B9FI.dxf
| MD5 | f1418fbc851fa1f28acf2aa0a83abaf5 |
| SHA1 | 2a432e5af6804fb809fead659435d70691981a7f |
| SHA256 | 5e3b61b24977d33b6214dd9c54713c17e1c276aa31f143455027e6b45d9ffdb4 |
| SHA512 | b9ed7859e1b664fbb97e9f8ea0d61401d71b6a43e6f8561215ee52711038321a9cd5e596e04f10409c6c554efd9565b1bd7135ce55d3997cc5a174d9c4fb2fda |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
| MD5 | 4c5525f4ffb204342f557c5499ddfd50 |
| SHA1 | 9dbfe67cab26057603068368eac89f3bec8b9c0b |
| SHA256 | cffd2984e86134bc6d88af5f92169709276584205fa52d1498e44581f99d8bec |
| SHA512 | 8ece002c9c5cf1d91f6fc91b405c875bf16b5118dff78d9a6e415e2374782570de0b1a66cde7a634bb636d7553b31d7f4c103304b6205db853b5274c022237c0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
| MD5 | 58f6859f35b846bdf57df9ccc199d5ef |
| SHA1 | 1f25c7907ee2d2660396aa04a68c61e358ba205c |
| SHA256 | 4a2a774a7cb1183709067d5bc3b2bf7ef18696f4fec6d4f4be2ec47bfea4c325 |
| SHA512 | c1ed2ea3afc730d92ca427b55afe10cf495ac8f512a5f73ec20e74397ad9b7c254589ed59418c5b5243f3377b1461020b2057dae6f2b4a0542a89e173b81b694 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dcc865fe4a497acb4f8166d20639a98b |
| SHA1 | 5dd910b765b0e8d3be51a17d3ace7026561e04c5 |
| SHA256 | e801a8c803539d33855ff303202bbdd480b626609517474dfb585e2b26497a3a |
| SHA512 | ff45e6c7cbb279fa45e9ac15f73c112d6607f6bdc1b86a6a3eb6952a59575508efa87e233440ba00892b19879953f80418a8725d0a41d0307e36028fb5225263 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a93a5af80c0c9ac_0
| MD5 | 19af1d897ae4abd3687d09b801bad312 |
| SHA1 | 0c53a634de5c21327690e5de54bc9cbc11fbf970 |
| SHA256 | ab61c0d5a122f90b8f1b73a2e599a809ee8ee2a8872119355d66d37f2c799b68 |
| SHA512 | 714e7ed0161a5d2ecbbd2c2853e667b6d3bda3f3e4982f1804496772fa8cad2feb17c0fb0719bed4a09a54fe13969874152fde78658b780be5409d0997d00648 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | c0b23ab60efb763d27f9f92b50b6728f |
| SHA1 | 259f669d1089469b1485ab4c07942c8f32431267 |
| SHA256 | c066161623da6821af1d38fb2fc8b5026e89caf02416be88d9543d1a0d337f1f |
| SHA512 | 0a43c9a501a2b462b19abca689815b4a8ddab19b1abef51072f86686fe6c20f555b9d4edc62cc41d3dff6f364269507a75da6d43ec11eec129d28a44857bb717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
| MD5 | 02ca8f29e0cae5cdeb870ead3b0a4f28 |
| SHA1 | f2c5bc583e6b4e9cd4ba148ebb6667aebd8ef21d |
| SHA256 | cacaab676e2b13a658f322dda15ecf2853308c45282acc0da0929cd9395b9e43 |
| SHA512 | 856fd99c752cd05d2584d229ad281f2e701bfbbcc51e21c8bd5c99c8f0b7e04c1ac33cd6e0971bfd5cbc3c0a30d538697d7c9b86475a83989dcbd4500b906d44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 5d0e354e98734f75eee79829eb7b9039 |
| SHA1 | 86ffc126d8b7473568a4bb04d49021959a892b3a |
| SHA256 | 1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e |
| SHA512 | 4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3219b3b62daa3ebd_0
| MD5 | 8c48fb1bef3904d8b4fb34dcd8ac6992 |
| SHA1 | de88405019f6c6256bdc022ce7e3e955d6a9b1e7 |
| SHA256 | de7a735c81f521c9e08e0e883e1ac510a0569428839b63e6cf5d161313e7e15f |
| SHA512 | 97514cc2659d3f604703309c5c91aae7f69d4c1636c3989923079d0b86b280c770bd00a9f9d68a655362fc858de58ece597eeb95e41e62624202e0a3bc2424d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48c950b191f01ec5_0
| MD5 | ee06535fc125a0674c6638f4ba908d62 |
| SHA1 | bcb5807e11f551137790bfc9fbd18ab2dc697f9f |
| SHA256 | 4dd105bb5c3a15ea9e241524296df7491c513c61e28eb2acfea39f6b9802c09c |
| SHA512 | 7c7cc1f7b48bb4e3c7253cfea23cfe3f52563bd5a59ed919f2aed801f38d675b569830f789d08c7364bcc71ad9efce88b60ab941ade1606f2a5bbf9fe2df217a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee
| MD5 | b57514c3c366608351e9217a76d416a8 |
| SHA1 | 80596d76a85d6d2ef16ae856b97ddcfa859a79f7 |
| SHA256 | d3e1cf91f6f164e919d20804f6fac2820f95f091521f905f94889e5156268233 |
| SHA512 | c195fc4b8b5f81308a0a9ba80234b341a3c0ab92da1b9c034e7028801babf592ec083f8c1777cbb3d56fdfbc76e8c2705ddb8320d1ee60ddd6039c8a1341e9b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f05ec4f6c1339fed4f24e6184d897cec |
| SHA1 | d6f790336be42984da97c4c00e3c7689c5a29139 |
| SHA256 | 5dec6396bfdb433b029b1021ad4ec76c533b97f1f23c11ff162191c1943d707a |
| SHA512 | d1de4c1435948efc472789262353b6550fd3b8caee2aea262b4dd8ed23a81640f4c62b3c199f39555e30fd5bc1cbada5d3e4348c5cc665ed4426e44eb39515bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 252825f3046fb740ccf0b1c364a81c71 |
| SHA1 | 07adab61deb5998c50dbf4de868f0c32e8a3dff6 |
| SHA256 | 7a5797d7d128c009b1c96d91ffdb7b463b39990d4e3c3f873bad8d706c5cf87d |
| SHA512 | bfa781a77d94437ad77ebe430aa2a6ab38b2b67b7bf87cb3b40404f2bebf93f3d13c59e093d33a21b2c621824fdfc0cdbb7f651843b961df1708e27a41b707e5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
| MD5 | aef9e44ef09e8658f8bdc9a486f23d1d |
| SHA1 | ef74d116ab6ebb507d2a5e8d4648d79166d525cd |
| SHA256 | 47d22c56ea22c37b360b7b5712865be4b68fed64a5611d53fd2c8bce9d9fa084 |
| SHA512 | 46d3218ab6f7aaee24874574877a2caa39dd2586891f7af27663a1616cd6db3a0ff04f7bc47062b9c03e3e8058d61384d2666775fa538db64d71164e74b5394d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1280_720_POS4.jpg
| MD5 | c514efdfa14e2203895e563aa04e3391 |
| SHA1 | 8bcda293223c7699d820d38e7e28dd7b044da5c8 |
| SHA256 | 28fb09757e93627fb427c88243687744c2f9affca63e9a996dbf89a1e6204ff1 |
| SHA512 | ba49dc720aa13108216ec102f67d3bd3c0e3a2d6617d26f1560619f3770013564f688fbc2f25e5ffaab523ab6333c83945585af7fa7704be682250d0663ced02 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
| MD5 | 17b715e726fbb743354e2cf51d2687d5 |
| SHA1 | a4cdfa21c59070668edcb0aeddf6b6392bc281ec |
| SHA256 | 58d58d936f134276bf249108c5b80510112736ef2b3611e7deffb89a33616654 |
| SHA512 | 1155beffe5c933d99f6e01c93af1865c7a1e7d39784004b42945bafc1a921c18e0b5b0b649a6e1e82307f283a3f9d95f6a47b834073d536f7ac4feee60d0dcb0 |
C:\$Recycle.Bin\S-1-5-21-3433428765-2473475212-4279855560-1000\$I02XV2C.png
| MD5 | ef5ed4d72bb31d6ce6592567b376c701 |
| SHA1 | 93cada5a7498c97c3fba6c399bfdbbfd10e2c475 |
| SHA256 | c73c31335215ecc48ee131f494ce0cbb83e771ceb119fc560d48bea9bbb76689 |
| SHA512 | 726463326c05539e418bd70e35ea14e17561d03453eee280de88657c6edb4069154febd5ecf3464d8e8a3862ddcbaf206742b56838f65786568cd0aecc8673c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 38f47d05d9bb94514091b4cfa93efb96 |
| SHA1 | 253ab15bc1a86dd0ae2315b7b034a75d0d0bfb80 |
| SHA256 | 44a676d6accd1cedaf4722cec5e981440ad3ed8ee10ed5f3c7a0aa4eea16c900 |
| SHA512 | 8a2344217194c237ed0a44a77d87c600dd903b63a9801983eee0ed4c2608e7b9863a36373cca9c946e587675a50b5986bc767631f61cf92c714ab2323df9754c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2af955ee21fd7199616d222b94f8e092 |
| SHA1 | 13741439efc16357066ecdd90f2ab03193a7bb5e |
| SHA256 | 1f74d90cf9e8363850c1db87e5af97d337c0e08ee81d48270dff1ea314f29fda |
| SHA512 | e1d880da30adba66138a08045971456de74f7c28c226cbb42c007c6cd0025be9e866196762ea5ea942289d9ed653f4f2ead488f07ea9ca5bc9dde8fa1bd0a091 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b69da6fe59e2cd3a8e4c28bd824d302f |
| SHA1 | 3e04dd119f64b6ea73aa490222e9f91dda1555ff |
| SHA256 | a1565d1a0b789ceccb739c84c62390dcc6b6e5a28c29356bec34eec02b39066b |
| SHA512 | 75a57cf2cfd5729d4962ebf90f34a6dbce51a80c619f76ebe7e73f5d7dc410a2bbac3bd7fe670c02a67c49bb3c87f71707b8f0876c4a110af1bd26659aadf68a |
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\odc.officeapps.live.com\2B2ADE9E-BB4A-492D-980A-3BB1BC0E9FCC
| MD5 | 2f82426450332b558a61ae9ca551abd9 |
| SHA1 | abdbf8f8bdd7572bcdefbd1e0b7da8d3cf17144d |
| SHA256 | 57d6315a8f1f11aaa111a9956ddd0d560f791f757c379ed77bbb5a1b5b577f52 |
| SHA512 | dbc43dab6cbde98647c5a88cd508a1528ef79c030286cf82cb4cb03c4af81930ad1c3b2644ead9eceea27cd5772324f42a51f04f1693102254567205a6abf0b5 |
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\odc.officeapps.live.com\3A6ACF8A-0D04-4541-9A74-0884B64DF635
| MD5 | 85ad173999ed440af6120f3b4fd436fa |
| SHA1 | eebe3bae40b0c82db581b905e2a4c4a90055c9b3 |
| SHA256 | 2fb3e7ca57b5ec8657ff2b909c74dee246e7ed2b30abd60dec96fc4fb88bd165 |
| SHA512 | 3c506252a27bc4a3d718fc2ad89036850ee3c9d5fd79966fc5e28debe1844d96e8d2777e160e8537034129fd8109dff027bf5eb4a082c99d0db93730ec31427e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WIQKD42H0XH4SBOOL5AH.temp
| MD5 | 4fcb2a3ee025e4a10d21e1b154873fe2 |
| SHA1 | 57658e2fa594b7d0b99d02e041d0f3418e58856b |
| SHA256 | 90bf6baa6f968a285f88620fbf91e1f5aa3e66e2bad50fd16f37913280ad8228 |
| SHA512 | 4e85d48db8c0ee5c4dd4149ab01d33e4224456c3f3e3b0101544a5ca87a0d74b3ccd8c0509650008e2abed65efd1e140b1e65ae5215ab32de6f6a49c9d3ec3ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fd25918e0ef5054a_0
| MD5 | 87b8bff20d8ca0e8cdfd6d22c2d83978 |
| SHA1 | 078557519703d1c9e9f436b6efae841dd9e33745 |
| SHA256 | aa59203b1aa2c384addc61ed932df984f30a5f944715e3df63cb3ac0dd31e500 |
| SHA512 | fe0989eedca88d8b9fdcb7300f05c4fe20f669d090cf57d06d641c92197544ccd5c7f6fc7459c17f1fd7ada027d73cf270a861efbfa8003993463a785b5b69fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e2a0ac7b83788ee3ab904e7a5f10aca1 |
| SHA1 | e329305a35e58b5c56f67edcee9791bfed9877ed |
| SHA256 | cf8a1597938451ab557789ab1eff43b3fded3d4d990c6993156a5ba5f1632a2d |
| SHA512 | 3573b9574238fa4cd537aeaa54d0e82edec3375158c740125da69e0a96ab1c37e9d99372c6d60b678c6bd4b494e79a0b1c8dfc19e0974f201f6245baa8a2f92b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c5a92be24ec5577a63626143fbf0b92 |
| SHA1 | 995380d807bd1529351b189aab1adf6a98664e4e |
| SHA256 | f5f07c7b1782bb84e1b119adda80497205fe1480837fb3bceebe13fcd029c9fa |
| SHA512 | 169bfb4d837b56f8e31db6fcf30f4eb7e2c2cb85206335b1feccea88150c1a20a2e29d7e84f0fab139c4d9d7de69f95a3c085fe5c98499dae128adb7317e00f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f7324a7df2c525dcddccc6161bc13d02 |
| SHA1 | ad50653088b05afc294bbbc125d3842960ab1994 |
| SHA256 | 883ddbe0482b74fedfa3dc4c95f92b24f83f4188fe3edbb304ce737cf09375a5 |
| SHA512 | 7486197560e7486b268ff668cadabe2466e04d5eba9a2673b066999b303221e8e85a7c6c8b2c13d06549f382f8588015c3ef4df1fb085fc6cb867598b6aa5eb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa2166fa5fc1203fc2e60f40852472e9 |
| SHA1 | 55729f0d64fe551d792ad9adc68b4823fb507bef |
| SHA256 | f1b3fc231722f7dee5f5c1073bf164de4cbb8e1c5784e448cb86542ed1cb4f0f |
| SHA512 | 9398f8eb725474a3b84c2349789a2c2b0d8f22d0c43cb404f6d5d6acf4a7d92f9b986e5d6db1f772c6edc4023e78767aa7b45b0859705870ae318793ecf0c2b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010a
| MD5 | 357dbcf091aefc23129a7f7ef3653fb8 |
| SHA1 | 1ceb53402cbd188fb541d60f3d058039d140e791 |
| SHA256 | d2bd7c32ee6d99d6a81b86eeaf043803284a869004a7ddcf3296a1864211b3d2 |
| SHA512 | a2060de2b1d6e42d2158d34108cda4ff7d67135c943cac1b845d5aab853991c39dac89803be8791bb37ac485ccdd4f4de8e17853074dd6eb16c126e13d1bd3b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9398a55df68268d497a7c49920426627 |
| SHA1 | 89ea437afd38f368718e5729a0e16c97833a3168 |
| SHA256 | 64d98744bc976dc060f286db8a9354c099650b8bbe5905d3a2f01e30e2821491 |
| SHA512 | 19d7fa7d102f2d602a196399246cdac2f035864483ab6d625dcaa706220fe8bd46059108a5c82743e0d1b1544c2240b57eef3b24cb6be19c9898365e31a2fc8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2cbf47ce61a32951a800fe945cf70f41 |
| SHA1 | 44c0605cb8d7732a65a46895e57ecc52d662a41a |
| SHA256 | 5fa44f7859f2a4f9539ccda8faf61e8c2da143b6dbf2b6c0088bbaf1ff33433e |
| SHA512 | 1229c76857320312f16e303ae44cb770ae287878ccb618dfee8c12eac65269cba2cf8b5a1000df766f832e2fea6c8091b799925ec8965caed940d34d6735ed23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000127
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000124
| MD5 | 339e7abff6944b974a4da98ec5c444ac |
| SHA1 | 2f1160cf12f350dc2262defb91d93e7a47c6da4b |
| SHA256 | 329a1e0ef7ba84a67a9033d34b5525fc339da7563faef9176afd61da307986cb |
| SHA512 | 69f8df5852b8f07d98b1fa287e1b9f69c9af1ba181bbbef1e64b05351d54d76b5137fad06a1b338fae2e985bdb9689aa3d64598bc9e952b461b12cf58b33afb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00016d
| MD5 | 8b37bb42b1577b08892393df19f534c8 |
| SHA1 | e12eaa944bff9ccd0687ac54811a3ada4a5d21e9 |
| SHA256 | 6cc9e87df3ba27d6dd288a0593a4f70a17ecb0bf5cac0a591ff72f355a9f454b |
| SHA512 | 9dba0d070832cecab4c2aa922bd07395b7493845926a5bed5c5f86d61c3b2fff1f6fa12069b7b7abe4f15cd58775ffa238aa36c47e100d7ca544abb3bc1a29b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9e964f8f66ed2298c043c1319217a586 |
| SHA1 | 664d6f923c15818e6403393bc0f5ad7494b1aea1 |
| SHA256 | f99b00ae57e96974f17420bac9ae408af0b60b576cd12051348bb0768f93f740 |
| SHA512 | 85e5d4863ce3929a83e693b56e9040a07ad4af5733315ee71cf50abd30b5a3abd3ef7539780705289e33cfeb99ec1d65ee7051d68df37e5c667caf20b046a0ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61eaff53f1ab79e6_0
| MD5 | e72ea2dffa14c92cc46e9f3148e7a9d2 |
| SHA1 | 0b5123dfacc6c401e1e96c7fc87f805273e1bf49 |
| SHA256 | 81b3068f45beda8d17bd378e96cf9c8556a22d770e2bd3a420a215848b3c68ff |
| SHA512 | 4fbabf59ea060897d2ce80d562472725b56d0c50da37a7740e42c1fac59ff7924253cacfab158fb563c1a7ff7bfe02aa098a775b5a0a43645417fe84165928a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000166
| MD5 | 34b8eafe7999d7080fdd5902f7754a9b |
| SHA1 | d070c338cd62a80523198b3135f6b6e1a9e1b7c3 |
| SHA256 | ea2861af6046769bda8f778b66058aa3ade2584279377b6f4ae6ec5f1b8df43a |
| SHA512 | 43368f863c9f9a92b8af4b49fd731355ed17947d90e9c8df6fffbb289ee54cb9d9111cabbd8671c34104ac371de921074acaaa2edca204b9752dfcd6839f66fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6299f92ec0062084_0
| MD5 | e8680bf3e25044fd58fe693cbcca9060 |
| SHA1 | 1a6a24e3f8efb8cfd13546bb91efc918d9e043b5 |
| SHA256 | 41760d0bef99cd6876e51872e322cca62c2bc4390730de4967b44c6f6f4f1d37 |
| SHA512 | 0cb40eb9b93bbbfe12824435375c30e04ca40d0b7e0a9110c7f1be0a7b63615dfd01c657a9615a8852e9fe639fee6f4e60a1daaf52d57717b9a6c15959c9124e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000165
| MD5 | dc618e061d68cfabe140b8be708ecd63 |
| SHA1 | 7f80fde042b5cf118546da35cbdf17ddc3d6cc46 |
| SHA256 | c514b3244a116be900dc4aee0007634771898b955af033687c2d6f2273ecbe3b |
| SHA512 | 2e41eeb182bbeec6eadacd33732e6da6a015aabe00142adfe3ff6a5be6b0cce6e68da78db6c6bb9b112c65bf935a8ebe645f341a3bd5f05716add5dde63c2275 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000159
| MD5 | 0a90fd68a5305517dfe6cbf13cf770f2 |
| SHA1 | 467cad46062282703001414308fbae4ba2f20f5b |
| SHA256 | 6d1b232fda33fbb7b6bc56ad67a8d94812de5f7152907c8c9dc5d65e1ebfdcd6 |
| SHA512 | 9b7fb6a2902e5af45f1f872cb278750aed26210a2011af23e5726317ef8a2bf05228cdd1bd3f4a32f0027c4ce18a48c56d56b5b9600a523b4fb81f5f269057ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5065cb8508fe6d1d_0
| MD5 | 955e2d9fb225b9873dfac4b8fcd9d42e |
| SHA1 | deed4c54f8a24c3b1c50f7c8e304e0667fe8b949 |
| SHA256 | eda2b737433d077219d71d28423e794388a76fc08144eecf7cba1663a6c62953 |
| SHA512 | 33f8a9ea5c34a79ce345fa214bf1ed22d0fbd6b96ea086bc769c4d3a7b9d6037507b2cfdf45110d9b56ef3ecaf93534c177d09b442d872c15ad6d98fdcb44597 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df1be14ff08b52f6_0
| MD5 | abb44fc3f311bea4b37dc9d5e1683478 |
| SHA1 | 12e3924765a64ce9fe7390b092aaf65e5c6c961e |
| SHA256 | d574f2411523ecf35bd1dd3d7d24f80bbf696548225451203bee66473e121948 |
| SHA512 | a02ac2335f96d5f70eefa3bda9a55bae1993ae3c9e456d4f798602b5698fea8f2a82e5a8f9ee826e749bae5d7ce6df5e6edb2255618983de9d1074282cec62b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015c
| MD5 | ce1093c800c0933d7c9674eda75790d8 |
| SHA1 | 371c2dcde092f51b18852e2617bc6c0c176f5873 |
| SHA256 | 57781a723db9a2483067bcbc89d1f30f7e2f22ae2d18aab1e45ad894d8cdab89 |
| SHA512 | fdbb31c607cc9a4bd75c42cbc552fb40d82e53804d156244ed2daa124c75e1680b908589f7a3ad8888b9b03ebfd1f4b3e83e19f84e3a746cf210d0b8a1678533 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd5142d48ff4f35a427cbee754cb00b5 |
| SHA1 | 2672165d8713cf724b3b20d2bdf6ff23d1294bcd |
| SHA256 | 1879ec6d5a9afe683125a9ceb690bc6b8d5a35550342c9613edbcf123b1f55b5 |
| SHA512 | ce2ffe170b16b95a24f28f3a345ff4da4dc8ed22016e2b32c9fd776f5cffd6d047a0d67cb7fad6a6ddfa87cc4e8867c1f930e8550135d8401742bc25beed2ecf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1b915c4ccf847cd54afaf74ecc34c149 |
| SHA1 | ce899408dfc730848cc7da151a8ee10889a6d4bc |
| SHA256 | d18cd6d57489eb778755357a074d56f750da42ab7acd5550c1bbd8dbe498cd2a |
| SHA512 | 540977e22ae54a7f506f734720d821f911a694d5fccefa0db48cf4ba10e1d535d348a976076741316278b24202bc94b5a8ed357bf255fc36a6db3d56bd2c47c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000169
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61eaff53f1ab79e6_0
| MD5 | f2485cbb5782aa3161cca600ec9a2be5 |
| SHA1 | 3fb8f1a2d38079df649e46cb1198d1b9f8dad718 |
| SHA256 | 9e20b8ae6aa5b7997135d11cc9686939352227a8ec3a7afac8d6c3eae0311f5a |
| SHA512 | 3a69bc07f25576938ad5ff2859ef01496732e10fe322b350c68744c9ade061a41a28cc83fed45ff3030fca37f294ede605125d7c4906c70a09f8e9e67538c7b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f6998196a734d7f0_0
| MD5 | c5a686e5975202a44d7645954293ca1d |
| SHA1 | 8c4b053cfc6eea6f4f9a61bce208c8da3631f5e1 |
| SHA256 | 6c9f98df2b5d4380260c78570ce332a3fc7f60a61d2dfcd8a113cba651bf5be3 |
| SHA512 | cbe51eea3ad0e4fe76f0a401027f416a56e1d6bf76885cd38ff553b10258d38f524da61cc4f03ab8b4ca1230ee6e45ba665eb757f0daa4d251b4d248e4fed086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8fa5135e6749d650_0
| MD5 | 21bd1af05cd5312575a4c6f077bc1166 |
| SHA1 | 0d0d32eb954d454583e09e19c6f0e76e2b879504 |
| SHA256 | 5faccee755669732e596b2da976d41ebe325d1ba03ac6a882bc420a24f310bca |
| SHA512 | e89ee117d81857474a3fdf3b1e84bca3d9527c99a096d98470f488a9b30a150c58c2e2b148909f41d3fef61542ae55a2b128708f8b60e60ed0048faaed69017d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | 83f1d5d053ba642677e95e1a11aa4a16 |
| SHA1 | c30a441bd828771df0b3f9bfd7d4094d62649280 |
| SHA256 | b56040e47673d60a421dd42b8ddcf6b0f98d9d775907748bfd5a120b081ad309 |
| SHA512 | f0dc849e67e8dbead01f41f8e9d1b28934e8abd15d51db603a68e1fea7e37b4c969f4e2a8aa3b7a2f4fd22d087ba5ced06cb60ae76e772604d2b9ddf2353b8bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f05c2b8d995be4e_0
| MD5 | fdb91053b8a69e853a84953ce7189055 |
| SHA1 | 5e422520801594a5b319008d74e5d714f8bd723e |
| SHA256 | cb566dc5566325741a995d04a4e78785cd9440253a2188107fc09a5f7138d561 |
| SHA512 | 4f555c11880483cd44b6408df1a5b9e0a52a72c0c6990001fae8d387e9b13dd111c5c1424bfc4ff17f7321b5fc80f9c2dac03e076947667aad903784f2dec39d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000188
| MD5 | d515d6bc712ab2550aa6d7131c8383ab |
| SHA1 | 0af98d7d426d6d6513dbc7a9be5e46d56449ef68 |
| SHA256 | 2a8b445262abbb4ba7712e0877acb65efa322dd8bbecf8cf18cf5ac082bc66f6 |
| SHA512 | 9bb81b56b85e5af6e75dc513ae3c0d98ef91114efb370da5b132b687de38f2d78a3c799b5f5179e8179c2ef147ac41e11f98449bd79e4c22ce9ec5e49dca294c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a44b10701ac1235d_0
| MD5 | 4f31e54e2d1387a5892456e5c7aea72b |
| SHA1 | 57245a1ab9346afc6ee4df48dc43787e1d1d8cf0 |
| SHA256 | e9be56c27e067412e5c72aff716173a70defea4b336012fc4a9910d02c2c76ef |
| SHA512 | eade4d362872c2cd2cd88113bea562fec3d80f66f7f80f0fde25f7fc08292ede2c0e509005b96cd9605afec57ce2c87aebfcb9e411517d17a451c63afc5d7f89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ac6b062da58525b492c8c704256ed1d |
| SHA1 | b5f0b249476d55ed11a725a737bf942448f0b107 |
| SHA256 | 88cbb091262544be68f03c85705604c7a89f12468faba0771bb2670f4a5ab9ff |
| SHA512 | f141d00f56aa9b33caaf4d083299ce0e84024cfc6ad8db2f4a0ebb6ac3d760da7e940aa023b931ebfa4d51fe6cccdb725bc78199ecbe0f0b62b3d0cbbcbfdce3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 9a683bcc5ae96435e4799ed1a29b34b7 |
| SHA1 | 00958a6c8066cf1d0cf6f4ec7da2754e591ba9c4 |
| SHA256 | bd344cd19914345fb4a5f70335cff91113ba9ee595dca00fd770641f406e233f |
| SHA512 | 7a83ceb3d5a8186de4f0bf509cf023646578e1ca663494b402c15da2cc91875964e84e00ed3aedfc91aa53a15de1846a18258115799a010adb2782bae17c5937 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6b08c9.TMP
| MD5 | d3684b0125aee12a51cce7ecf2db0546 |
| SHA1 | 9929d15dc7910aca4e1bf6284a3cde05efa3f833 |
| SHA256 | 0987b410a409ffad8766e5e1f42a71f46c52bdd391415e5cd79c4e0e9b9d8e4c |
| SHA512 | 84364f8756b7e5036df91d910caafcbfe5fbac984f9f797ef9be7607ea45e017defd05bb29c03acf688f0f0489e059006b3a9a166d736ea393344eee46ee4222 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 45297ecf1064de14c731c95806066bd4 |
| SHA1 | 4f883309a319421e9e1a55119c2f3fe1e1833b3a |
| SHA256 | 9d385ea608ff7a6faef2348b9f93f28d1eca863ad4f5f12fef2a988a3af444d4 |
| SHA512 | 99876993d9c4d452b04fcfedb6e4a18217745e02fb99842797496fe51733e3541a92f6cc8462ae8c2f10b770a154a334bd44d5dde96e88293603773361731cf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 693d50196f9f932ba4e10d28210ad58f |
| SHA1 | a95fb9992410c0976eaf449f5e293f217d2ddab1 |
| SHA256 | 75ce004a51aee00c3f3036522286fe9b140f2f03a6f83a40a429cf9423527a06 |
| SHA512 | 72a6c2bda58557b0ad4e2bd1177892aa56facab769a325077b7e3af21e3a4ef7625d1a69e89039bb182a7646a2d6032871b124893b13c974d51d70c58fd79aea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a6
| MD5 | 87448a8952a0e923b6df8f187873c645 |
| SHA1 | 2093c79a6d061111c991fe4df7fb36f3ecb6f71a |
| SHA256 | e98ccf54efc03b2cdd663a6ea61aebab123f703275067e8f5d726b163a770bd5 |
| SHA512 | 366a2c46c8a92f5480241a34beb5e1baadee7cc058e94479b851303f61acbbe901924e76d6084f1698e0685700e34cfb04cdb244c72228f4d9164594d991e7d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a8
| MD5 | b7d45fefde9328e6513ce4b4e9e1e9f7 |
| SHA1 | 6d1b49b7187c303f58046336126e6fa1fc186292 |
| SHA256 | d46774f6acbd74b464937111fdbe139b111173b396a8c4fe97718839d10c19e3 |
| SHA512 | 42662854923a68840f9818f4a2e9ddab1a5bdf55679660db450625ca1cedc05c3d90fafb5b467e373e63995a1d2e9147158253b057687617717dcc10d2e7ddb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001aa
| MD5 | df38323ccc9e0b0f07fffb399db84df2 |
| SHA1 | 936716ea553d9c405c45786153c8ae63c9b0d153 |
| SHA256 | 9e97dc3ea522481b0aa2318f9f5b1cd646a869f07ef9c799b5aecab6e59e2005 |
| SHA512 | a1d0e2512bb90a4c90953620fcaa128e8918bf13d59069689ab67d91421c306dff3ebe9c8a6cfcd0344f8ac4e014c1a7e8c5f5b36a2b3b599a3aad64edb347f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 65a98105370b12400a742f564e3da421 |
| SHA1 | e6c965a09c509f36d8c1d663710a78de1cdde588 |
| SHA256 | 74506385789f2cefb318a658b7fd3343d58180724efdc5b9d3c96af4da815b9d |
| SHA512 | 3e71ec22110a1452bec9750bb6c284cad7f2597d38bec1d6d01706d94c13849fc887f992f49c6b547c41506628b94e6c185639e07c3f6cfb1e601db3fd6cc322 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c199117cd1197368c4e871c1f058e984 |
| SHA1 | 40add59ca48fdc91acafb30ad0570d437c5159ab |
| SHA256 | 59c6f663fb9896a1e2fd7d55c1fb2b42636e63768cbaf62a85ad1080a1318668 |
| SHA512 | c0ba090abcf2c0a9415aa5c0715b37b6e98e06f40c9b3144d76ddd100a29466fa81d7be0e158972e669df695a0576c21330f64654a5137d507a5c7dcbce10c29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 25269238c9ed849ff1c587b4c910ee23 |
| SHA1 | 28893d7aaa4b14a763625d8ac19b8c1261d646a3 |
| SHA256 | d96c3bf0e3e17be7c1f205a4e71208b5264eac19f275cb60cd79c48b551c0ec1 |
| SHA512 | ada43016877a6d1ca58e735d3116391d0a23fe2b99b6543860a2e94541b0ac46e808f498700dfe2b1ef3b66d44aec7220f4239ad1aa65a4d5d46062a6e24c47a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df1be14ff08b52f6_0
| MD5 | 571762e8f1940f583223f4a3293737ec |
| SHA1 | 2397e2ef7653e8f6c91d71d69c92a90611709630 |
| SHA256 | c73009215dfef1153f64381ad573f076f3504819a048668b01d26da271a92578 |
| SHA512 | 44385b5c15b74e8c33c78d73bbb6e4a3f6cafe840925ea52809b463b2b9aba922da50a5035ed1ff4f97b29caf137802543f01512e2e5f1b38126fa1753550dc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0cf007ad8e34b894_0
| MD5 | 3074be736cc0c4355c9b5415c57ba920 |
| SHA1 | c57de061a957fb18550f24fc605adc9d9c5dbd49 |
| SHA256 | a74c523a2de426c4c3862cc31f6ec3d07a6c8860e19cb05cb59627e0748f3e55 |
| SHA512 | e5e958947bfc2593b52e58d66170679d8fce3ae9efc9dc535419c86dbf94fe2e191bdb8fe35d91dcf80be8fa3565a2445f9f3766eb8eb50158b5049c17e98243 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9f3f48bca297c9b7563344eed121c395 |
| SHA1 | 9a58bffabafe288f1dfaf3191392fc9f8d8286f3 |
| SHA256 | 77c7d42ecd2240bbacde62bf84a47cee958833a0b344ae927440aa942d1bd644 |
| SHA512 | 647e4c28556443acf93acbc6837a23b9b1fd4e96807f14d41c5271eebb2026bcfe5ff42eab5f255981d3b65e5366416aa84d56fd5fb64e6c168f66877bff822f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a032a2b21ce67ab_0
| MD5 | 4cc746dfc285758f1d4d38d2ebf375cd |
| SHA1 | 02ccd9226295ff6c46b68d4e0dc438d314afd1b7 |
| SHA256 | 7f24c2b42da9c3de3a9304d27484f30975eb43145eae4f15d6bc14c27a2efdb8 |
| SHA512 | 04522e61cb76d368e805cd1118b191fa3f6114717ea4c9bef8c8ce6d0fd9869568b052a0f066a7219b4771102c2ad0b2fe40304a5b50fa0fa13f060c135290ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | 43e39c3d14c69c887b332956981d152c |
| SHA1 | 9fdeebbcd40401e7bef2bc77ef66e06201a815fe |
| SHA256 | 820494d54b438cbd074799413379cb0bd93ab0766a0393a63af40e09c8bc817d |
| SHA512 | 22bbf4295fd0ead581636c86c3a250db1ec3033b4b8d0859ea9cdde68f725485555746b54adb49f3e5a017713f4bab25deba65405602be32a96abdb2a9b6482a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d4c011fc4b566062411b869b87be7191 |
| SHA1 | be8e22816b083f77ccc17692498f2f7a4480d83a |
| SHA256 | 31fd6776855c3ca76fd749405b11151a5975185689e20d16f611d5b084dba54e |
| SHA512 | 314d07dd08268244391b6a84b654a75c247cd73561b3aab9e669c3136254fbdfcbe7ef90ef3c4350a308668b6de10f32aae68be1b9bff1471360df1e16e99652 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cf866986a0ac0a2873de09f8b91f186a |
| SHA1 | a98cef112e1d68c279460536a307c3f7b97c09da |
| SHA256 | 18fb4e4d898f5a0dc2f392ac5aee8ebd98def899589ec36c50af8278ddc51ee6 |
| SHA512 | 1fb0d06a52321f740603bb1e2472498b436a8d31d32b5ee54862634bcdf05a4f30013971be91da84023ba8e4426b90b8d6483ff0dd3cdcb4a67eb45420f4e739 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000180
| MD5 | 2f01f326a22ccc6a0549840544c2f806 |
| SHA1 | 6cd3173f51f8a3e4bed816e9561ab5d9e821ef60 |
| SHA256 | d12167bce5f0db7190d449bd37afd889bcb32f086723651bc5019dd9542699a0 |
| SHA512 | 928862c3f5d0fde51b606de2c9fabe5f562ebf702d4189bc82d659340e9cf40a8c94f05101f0bbc9652665152954f31d5450c35cd871a3d4c5cf024f03300dc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 991e9cfcd1e3e4869b7f11a2f8133d95 |
| SHA1 | 94240ea96de4e5a31ee68c47454aaa36bfdb1319 |
| SHA256 | 014ecf276c9f26092993b35727c371b4cb6d16570e5ffbaf2670c90279d02637 |
| SHA512 | d617ea60bb540694d073afe72edc9e833bb94578f5280dc85ef3ee494ad75811149823c88ae1d6259bbb7e6debdec446477d82e7ffaa317274b27515f9d9fa0b |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133622651373501699.txt
| MD5 | 74051eb4f4792e6f6212f2dc1138e755 |
| SHA1 | 0669b803cd42e19541dbdc8a83dc4883e749bce6 |
| SHA256 | e77f90dbe8dbaaebadec33671938e7d5f074ccba2bf0b80708a513765cbe5fe5 |
| SHA512 | 4aa7100bf84aae931b7bf048da56b6bfb669d5317dfa518a3821877c0aa2e0cb9563db4d9aa80fa6f75f2ed5be879d95c582bbd89916eb91d2f098840c6a9d47 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\HMZJ1NTW\www.bing[1].xml
| MD5 | 469a5f8c073cc441f7cc13096e8261e7 |
| SHA1 | 0e43480d329495556ab5adb06b8087814e998cc3 |
| SHA256 | 4b879439a4deec9f7168c1149d1a68dc46a093ad7a32301e87b71a0d1ab157e2 |
| SHA512 | dd85b8e083c22304e7a03167356be4e6db8411ae7e600330c96a5094746a2ec3932bec51a95869a77234ba1a79e4de708c270c4b21c97a31eee7768ae4e9923f |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\HMZJ1NTW\www.bing[1].xml
| MD5 | 92fb19e04096bce618f872f8bc6451a4 |
| SHA1 | ddb6f7db386b0e1bd0d85285f2cc677ee7c39a07 |
| SHA256 | f250458d1b10d423095948d2cbef7b900fa8ab36696b1186e56bb35630849944 |
| SHA512 | 7f3e09645ca1dc628120b5485c69094d5754f33c9af3d0a48b55756c16af4c3c3fa72c34a079ab554e232e1bad39813217d7c62beba2ee6728a61e4231b24a2c |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\HMZJ1NTW\www.bing[1].xml
| MD5 | a7fec6c3715e2f43a33efba9f6022a3a |
| SHA1 | 48be2b6d3d4801e04922229b7a816e56efef3421 |
| SHA256 | 81ecc37137661d725fa5044497f48f90ab0fc61a075be22a1b4f086facf3ba6e |
| SHA512 | cfdeafc95163132b6743863bca78ee07dc81ae924849c07e519332692f1d7ef567fa705c4f730cf71a135ce3ce1f3c67f1af58bbd9e37305c5c59659f43a7e1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fe17bb0666161af609ace57b5805a946 |
| SHA1 | dd4f10311a0def6b3772584611dc5eaf82001255 |
| SHA256 | 4b838fab8926974d05e2ddc743ddb1d453eb41d767afde17f0ebed846eb26af3 |
| SHA512 | 7c3e21569026a63254c5590bfabbe86034fc5ce9632d08a267cec9b4c6f885f9feea69135e9c6ec555e23309ca3d1c3abf33ca840689012ad9e810d92cef08f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | cfa0f7ee36f1ef866162da66291d9e9a |
| SHA1 | 8c030beed8dcaa8e3ee12930c8132b886ace80e4 |
| SHA256 | a58c447516267254b98d6ad11b08c34bd7a1175d0a146e36665a3f6ef71f2296 |
| SHA512 | 8e017ce8ff8586815540f7143d81bb5a4fc07ef2fa57cd3cb193631bdd079781a95ae9f637bc7c00f4af5ba4b7ec53adc577ac8b7a5ffafa8b698acc35a95bbe |