Analysis Overview
SHA256
7e1c175a3e4709a8bfb2ca99f32e266c237a1b7970898d3dd920cb5a561dc180
Threat Level: Likely malicious
The file sample was found to be: Likely malicious.
Malicious Activity Summary
Sets file execution options in registry
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Reads user/profile data of web browsers
Registers COM server for autorun
Loads dropped DLL
Checks for any installed AV software in registry
Checks installed software on the system
Writes to the Master Boot Record (MBR)
Adds Run key to start application
Looks up external IP address via web service
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Modifies registry class
Checks SCSI registry key(s)
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Checks processor information in registry
Modifies system certificate store
Suspicious use of AdjustPrivilegeToken
Modifies Internet Explorer settings
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-09 06:49
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-09 06:49
Reported
2024-06-09 06:52
Platform
win7-20240508-en
Max time kernel
133s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000fb6e8d55a91d6ffe2372d548e131907a920e6039c157f59068a3db5982e3fbc6000000000e8000000002000020000000c3c4141de82a220e43e1f5db9c226115065ec5c2f8fda17125d34a639b6ff55390000000dfc01198ed37b757e0d7efc4b749dcb44060709be8c626ab58299aa15a7a205c23300f1a9dbcc71910cb45fe85f889d5ad0a9900577001c9b654b9f31c90d6612a54a5bcd446df2a6b31bb8b34374a47c3ade5ec8ff1c3013a5eff47d203a77bd3d708d8d2b1ae98fd9849ac296718b1340c2121580b495f1a29a2e46efbe87847f0ff20f41e88ea0a819c6fda51e3f04000000080d8daf0ec2933cabacf6ff5dbbf1e3efcc1a598890474fb50516a3406658e29ce76ef38b8cad0fdc089fec34534f94edc4454929dd8063e529a23cf38f80846 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424077648" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60fba14b39bada01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a230000000002000000000010660000000100002000000031ed552951ec03e4c6b93bbe2b2a58a3e54490003a19dda29eeb82d197a503b7000000000e8000000002000020000000514d3df4da7d9a6200bc17cb804b77ec42b0f94ad7d2cd70de048d23945888b020000000a7ee92a1c78c0ce8dc3409f72dd852c9cdd8cc4b64d207419cf8f2b045279650400000009d3f384b751932f96470f75e84f1538bcedeebf01114a94777815b42d0c45ca200998241e7bbde4e5ef8dedcfcf67be4f4884ccb6f97f58294e38b100ffcb716 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{71E9B1A1-262C-11EF-B023-6200E4292AD7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2252 wrote to memory of 2580 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2252 wrote to memory of 2580 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2252 wrote to memory of 2580 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2252 wrote to memory of 2580 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2252 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 8.8.8.8:53 | prvc.io | udp |
| US | 8.8.8.8:53 | ei.phncdn.com | udp |
| US | 8.8.8.8:53 | cdn1-smallimg.phncdn.com | udp |
| US | 8.8.8.8:53 | ei.phprcdn.com | udp |
| US | 104.21.56.52:443 | prvc.io | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| US | 104.21.56.52:443 | prvc.io | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.19:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.19:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.19:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.19:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.21:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ei.phprcdn.com | tcp |
| US | 8.8.8.8:53 | ss.phncdn.com | udp |
| GB | 64.210.156.21:443 | ss.phncdn.com | tcp |
| GB | 64.210.156.21:443 | ss.phncdn.com | tcp |
| GB | 64.210.156.18:443 | ss.phncdn.com | tcp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Cab1660.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar1673.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar17AD.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e4fff455303fe3271fa97d851c16f4ea |
| SHA1 | fee7ca671ba9e89c7a2bc2c36297ec82873d9691 |
| SHA256 | de8dc2d830accf14bbb6ab9b5620cad657046cf1d9d0d5e1144eb94d4c9fae46 |
| SHA512 | f0b7554dc13dc266c1d565785e9493a39652f2b20b9c447f64d948c371b066147b681fc8a38ceebcace76f4d31a6c6bddfda6762f1269488f603a47861fef48d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ab06608db07151e39dfb42f497545bed |
| SHA1 | a263aa152a58fe046666876a7a7de8bc4f088362 |
| SHA256 | af3d6e0b7069e8b9ece3209bc0c88ceb3e8a8de4fde9251e604d6a5f690086f1 |
| SHA512 | 1839479a998e12d397b7527238e27a4282c8670bc0f8f8058547008953df9fce4b480394de2678c811d79a5f59e0c8e45450b85ff1e4d6f01f09fae11ccbc424 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6b3832bbae10b705c5331964897ff624 |
| SHA1 | 307a679e79e5b6ba3659a60f4ac04e0c282b7a40 |
| SHA256 | ab995d952cbb4e9e26707fd3f1bd442d4d9593173b17228aadad2a28722982a7 |
| SHA512 | bd433e92d62bfef6a8a0bbbc5a0f88e211bbc7c60f7d023c98cde946662359a4ec29a4e56023f7651fa1cb65db2bfd4cd05acd1985aebd21e70b9f5a323fa3a7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f49f3fbf62b2c6b358881f12f68d61dc |
| SHA1 | 54c4d2a707899bba05438e9cfd7028c0dddd8497 |
| SHA256 | 1d68a455be8738515202fbb8670cbde1bc18ec2867297e4e1ab6cfb5dd700e48 |
| SHA512 | 7287415e6e20548bcaa817b2887c9c47752a26786309f8b875434d6c287a868522be3e8931c82d1411ce2e080893848976b00ae274823b0fa0b67624f65c8a93 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1cdfac254744cb074e2ee6c30469640e |
| SHA1 | ed34c58dc57138aa86651dc649c01618e303e5e3 |
| SHA256 | 6a5f441ad8e3056281c60e35758da660adcae0dfb31a8e3262873e35b0481c47 |
| SHA512 | 8e7be7b9a58d5e7a52c83c25378111ad0c94fb2ebe5137ea3985ec4d983e15e38b6c389bee48c085454dbdd8aa8338a427eec35dc7154323830bbfeca5e5cb92 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 950e1e97eceef0943b0d085a7aad26bf |
| SHA1 | 469baa1fb97056a39adc920d93d09a9ca744b283 |
| SHA256 | ff02c13e65dade49acdf28f743624fa3fb2f4f6603645126c433c3718c178a14 |
| SHA512 | 15b755669b1c944393c1ed5c1c73af2abd576e1374b1b7afd6c2a2be674ec6629ad4178ee285e1d998463c6a101811ea9a3fad359efdc1caca03086ed26b87f3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | df35de986100586f30afb4aad1a66e8b |
| SHA1 | 2b648d53f8cbdf449c66ebe89a138b22ce5f9c1c |
| SHA256 | 335cb076de0795dfd7cad7618bd33091d812303881fdb59ea0f62fd6cde006ff |
| SHA512 | 9a27c1ae4388944662e6ce8839ffd7d22bfa62390edbaf1065fefb0ef831af4e46dbdd47587383a73d76b81d619afced31e0151c43c08898b4023fb4b2510d55 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ea66404dd774f61820bc92f16570ffa3 |
| SHA1 | 544394dc8b5c69863dca0f85f3e0cb2a7a169b9e |
| SHA256 | 356309f59202a69a009a7c073080fd03e8b29d01587d8814678d14aa91889145 |
| SHA512 | 4a28a09c9a44ec56cb5cff17fd3de6becc4ab3134750d14e87f3d7f151b43669620730df3bee14a6c165fe43631b57711c655d18cd83688164f3547abb9f7a07 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 830aee5918524736e9ac8579ce7976c5 |
| SHA1 | 39ac2f6d9c10b0c45e5db573d35cc1ec71166f72 |
| SHA256 | 393640af30284bec7e1582e21a89e6834a5fef7a0d994314f52f13ed2151fd7a |
| SHA512 | 9b1176bdc7d2ec711e431acd0effad6fbfdca15571e761e2dbcac017683111c3ca30f5d40a4f477823901a1a5652793411271fd00d147d627e1390aa58b889e9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 08b1b8338e79125d32d31e8dc2f28b5d |
| SHA1 | 19ebe2ac6b5b83fba0096353ac5eea50ea9c6882 |
| SHA256 | 1776926db54a5ba02d1442655bfb908ac39698ee50f2aaeaf79c6c2e67733abc |
| SHA512 | f24168d9136bed6c021679a9a9942b81fc48bcd4f097f946754bd3638aa56f3fe6967367e96da8ae604760357242681b97b906f7da7bf0d1f95dabd995b747f2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 11dd1e9b391ffa94892e604feb88eec5 |
| SHA1 | f185aebe94ed9ffe87db00ca714c3d3f77d49e26 |
| SHA256 | cb8c8be9987a4554822de7706b04093c6650adeffd0add2fc0f04eb21639c3e5 |
| SHA512 | 51e9ff00478730c0f6289fcb0e67d4779bf9f57a761a999d8d960ccb9094ac7a199c78d1356f2d142d0d3131a139b8a0d8673252c2d6dfca864cad314906951a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 72e835e41260f17138b38635e10fd203 |
| SHA1 | f3b1f2168fb80433dec7e99f3f5248d08bcede9e |
| SHA256 | c64816c738e7318ec3424019b1e24b3abed72727045704ce15806faf1c5bd65a |
| SHA512 | 6d1b51ffc1f1669728f45d66bd627f342cd330c3ec894afe62e475aa979a21ade4c57f88557f370492d034ff5c1ef06b7f08f64aecc1ba47d83d75f8ffaf7668 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 46c3bfe6ec79d32706c99a846a7a5854 |
| SHA1 | 58dd641e1e973782f9de8a9a9ad227001da91ce4 |
| SHA256 | bc18b1ceeb58acfcdd6d91da3281328d26ad3cdd36a4436a50732353952da7a3 |
| SHA512 | 866667c7403f6352f416b2fdf1cf258fa7586583745786a61f261176d5550614ef2dfb48f7ec06578a3dffe931e900594118f5f6ba2164a2a36c03cb89fde5d5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5c9f14884d3386fdf9f9426d9d137377 |
| SHA1 | 7d8b0213b5c0401b3af1dec03370ba71c7d2e91e |
| SHA256 | 0a8ce3eb4adf982e6dec5b314d67dcb4f646b596751cec892a28ca7430e8d918 |
| SHA512 | d56c9d5af36274782a85ea7c51767e501f74a311b765a175829a9e52ff398434fe75c4eadf93a3fa07e5d3f2f052edc0154e949a23bc01fb94c3e9d49eebafd9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f4cf6657effb9ffc26304387d7ab6651 |
| SHA1 | 06ca39ee0add985ec072c44a918e700d4a57883e |
| SHA256 | bd588ea8982f6ceab2fdccf56584eecaed688f9dfef58b09298c82a26adc2328 |
| SHA512 | 3a9780df3f0aea7cae06679e7db4aa2265d82fd45dd9b60434b9f02bd8d18676beeaf0a6c54baa7b464b0cf60763840fec9786f2361c2d4795af83d27e1ca343 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2bee343a2597376d54a1886439064d82 |
| SHA1 | ad4fbd17022ed3f939eb9845af8ff3d45c8f09a0 |
| SHA256 | 2bc2f08f3e2fcadc9d34c9aff12c96a10865c49f51cbf7017a2cff9b653c28ec |
| SHA512 | a759160ce0a90122ceef97f17a4c3d467a0305e91519f0a3cd3899fedc2f83254e6ad11018c11a7df852a588af9aed738baf8219a915120de18bdb0fb975b917 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3f4dcaf3780febfdaccdbfecf8f222ac |
| SHA1 | 89aeebb6386ad4287b615d63e76d0bace6d2b123 |
| SHA256 | 78b117cef0c6e1f293af88b4e70ad08194c31d217ae42803093ad1b49dd18438 |
| SHA512 | 94b120b355de0d7c88b74dc21bb8f800e3b82e20c0116b0b24d759f0683b2cc75c566db7fd224f9c393f004fde366e2f67e7ba4450ef4486a64ac05199f40575 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c9a1e7733f936825358b5481e4f4afd1 |
| SHA1 | ead29f662dfc24320817c0617b7e39cba021325e |
| SHA256 | ea0bda15e74483629e4fa20923126e7883fafc7df158da11a9a8b2d6c2b9b063 |
| SHA512 | 698103d05788260acb86ae752aaf9edacf0142485428fd19274687367871b99fc60a3c258a9cd41e868952c03d928adae2c3f6695a0fc87f33fc2cd8af51c6b8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7495cf8584da6152902326a5c0710a9e |
| SHA1 | 5c17f8f3ce1d39e6a1a5f4f4e207534076d25297 |
| SHA256 | e8112a3c4746c1e64c90a8ba2bcd0e30d62a79bd4063c898479ea359d4334157 |
| SHA512 | 1bdbf610465f5345f3610e85d0afa5a1158f2b93f87bdcec2d18c22cb4de29abede3688a71c09a1e52134346ab665494861c949b9ec0b6cbc99a432913975cb2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d7f56bbb838a21d6238af6db4cfb7e30 |
| SHA1 | 2e1ca28230dcdc4a0f4b1f61389587fd9ed7b9ae |
| SHA256 | adbb8d923362f7a8f4a491b16d5ee2f1fcb0ff0f521a0eb95c8b8a7beb477bb2 |
| SHA512 | a3b99d3753c3a8205e61ed8cbafdc4dab82b41a960e90008feb7513a8fb40886548607147f7c8f163408d201113ae85221c51c7c33108982f9d58631ffeaab1d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 07269816f77078c2e3fea30f62fed181 |
| SHA1 | 2635ebed3f4f06320f64263b552f98bf8efaab24 |
| SHA256 | 372b94ede8d6977375dbe2c3478f22e83e412dba767eb151b5fceea4302f121c |
| SHA512 | 5cd2f883088128e3623a0157264d3823ecb962eb7440f8d09dcac753f377e6664aa53ebfdd684dcda50f56cc389d2cc5ba01993c33400abf763c96d7499a166d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | af57960be7b31ef6659229b725ca3668 |
| SHA1 | 8d3d7110c16c63715b4c28835077c09ec0b53db9 |
| SHA256 | ca5a564380303c928a799fb765cba95df026787a0d95433b232fdc163f09da26 |
| SHA512 | 67d75106db758705ad14e92b1ae3f00103493436f9e84d723493e068443a600eef6a06e8170254c55e8aeeefda1511fb8d823f51562b4fcaf525d597804b6e6f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 711d7d24ceb6462f2029bc704082b892 |
| SHA1 | ae8902df35836c3380de028ea0655ea91e60a430 |
| SHA256 | bbc21136fa27ea507729d2d123c22ef66da5e96286eaf441cddfd9614c9d368f |
| SHA512 | 429e0cc0050a84a59d82f4a1a013b9637bb929178bb81b1674aca4bd8b3c5f9c4f929178732a0b9e7b2f8c7ec757132314b5b1706dd9ededfe48b3173326eebd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35431fa091b90a787e24a5f9f857ba1a |
| SHA1 | d246b9c7e37261bd13737d653aacc98266afbdee |
| SHA256 | 4bc5dbf19c697cf28a4cd4e1b9ff403e16dae72f53f6aaac984970ee0976b9a6 |
| SHA512 | fde3aa3910a64cbb31fd7bf9f58e5c92cd618a0141883f7a9dc716ba0527b8f4f84aace6e5cce920894448d5f525a071d05e376aee16e378194f9e1b3cd96e29 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3243abc8335803622b6f306ecd1163f8 |
| SHA1 | 51074626b26a25e84b32b55d2462ccbee1b3b4ed |
| SHA256 | 35ead7c13f485e890f1a5922c735059cc52c4c791587dc75cda6343a181affe1 |
| SHA512 | 59262f0e6757492792898a422478714cd4b485ee93db525f3a9019045625261f9e5c6bc64286a18cf49e95f2acaf8947d929e3fb0e83fc60ed3ea6aa8005e7b6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 86f2a4b615ef427615be14828a8db257 |
| SHA1 | 742badefe28b23525878c0492754c3e74100d425 |
| SHA256 | 329ba710a68d943fb54055c9cfef8ac3610d1debf6ddbd5862fbbe98bf29b529 |
| SHA512 | 0ae30509eab128bf7253d469c9099a614bfbcfe192fd1916f309cfd1e37ee48500d11a8f172ce36e849c57bd5603ac5f73858c63ba6d2918aa37e6b0696732f5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3d6fb3c85128315d527066420d17133f |
| SHA1 | 2919896746579c2b7c2e1c2c0b42b53363700f7d |
| SHA256 | 925e4a4892d3138764ca92ea287f333935525ba1a1a20e673861be50e7def357 |
| SHA512 | 894751e8400c8d32762f27b436445377420a5f854006e08dba166f8a5ac6fd8c90511bc81e1b3d0a276ab9b2ddb52a532622ed2f16fecd53a20ef08cb41c9fd8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b3b4be072e798d465062480d34d34b32 |
| SHA1 | 34431cacef02a8a206c46b3e9ffabe82c60ba225 |
| SHA256 | 141d68448a1feb11db9d86fe30fd8c035f04680c5d048f583d5fcc3929bb65ad |
| SHA512 | 9b93883189c768c6ee6330f2f521dd71d8d9042cd0fee3ca2a438ddc84fd8060e76cebec6394ea2c64e5a2af61b32073b315bbeaa935f931bc07fa977b36e360 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 55cf3513ddb890a91fccf7f474ff193a |
| SHA1 | d44f4d6c47a4329e947cdd019082589796b855fd |
| SHA256 | fdb223328c3077735259a279f712f147e3c10f495ab71e3a9724c6e2aa9f5d6d |
| SHA512 | 930d6141d6d9daa2733ad73c618e22255c2b748c88ad2fe5876a122b5c56fd17dc07ffad27b0e5b007f6cc7ccffcdff834b5d788d85544ff7f268b20bdd57657 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 79e295cd4341b1e7be82ef67cacec77c |
| SHA1 | f8627076e22904e26d84a9d8bb9b037feb48fcb4 |
| SHA256 | dbbb5470bf84b1daacf68c1db24aac6aac21d267cd421f3bec3cec260d1d785a |
| SHA512 | b099edd9eb55df1afcd2d4a50f0a1f38394f0ca5cec2d5ece451af0ae63b6c5de6d1b81983edcffdb7b9180edbd10219fb7b6efab0fd3b43560d09c8611350f8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6d3d85f82c68fcb75eeb825e71c0c9b5 |
| SHA1 | bb103c56f7f208670821ee3dd437b38e7c394d50 |
| SHA256 | 7fbd247e3b1c3f80f97177299df03acd2cd39cf0f33e45b00b433da1b42b3420 |
| SHA512 | eec8c4d934b2b02c1c934ca19c97e83dc6b0306fcb5b71659cdff7d55d4d32767098537455a0bc79368cb6e403a6565398fa333bd53f746e9e1c4d3534946d15 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a8428c7e90a9041830ba6423247bd64c |
| SHA1 | d5806e6eb66a2b98e30fd7ef770f8cfbd29417ca |
| SHA256 | ded51f7c6d8ce277b3d991aa7812a9b51c8c10a672e59b897a413b73dfd9d6dc |
| SHA512 | eafaea52163206cb7b0efe4578912a6b274d7c939ad4178268430b7cd5e99b2d759d6fc04794b25aa16999e4addc012ad7c6bbc20fcf9d0a0f1ef78759232d50 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 41350617dcba075018542e20c10cccce |
| SHA1 | 922bd56a1c990c786d82635f8c1523027d0432a1 |
| SHA256 | d5e5df365f262ce9e949fb4f903aa7adc67e33f35a67c4628281b79f89b40e22 |
| SHA512 | 89ded02928b31e137bc058b073f858812ab5f797af895daa341758395af5256a992537fa47e97fc92eed2c6a4b62bb3b9271ca5448fdd837422678296cb04808 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ea502ffb4eee1370fdeb5bec081eff31 |
| SHA1 | a1555c5e3b25de1114b6b3d94da08e3dfd58169c |
| SHA256 | 4fb211279b619cfcd742158783155c2720c9244755da9f1e331ec9683147b1f0 |
| SHA512 | f6724d7993deb92d1be633192d0d7d3813b8fe5e3b8ac2d6083be9a3161e75b0e08cef66bda16a1f2f08df089ea58508b181a9a9d3f76df43fc8aec42ddf6e46 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 11dc852e5e5eec387bd96b5b99c063d2 |
| SHA1 | 1861c06ddceeeb90cff1ebfb27d4c0101ce6749a |
| SHA256 | 3d9f2a6e4acaffe0525f3a0db3c54978b39c165b11b9d7a372804782cefc0a9e |
| SHA512 | 928e94d2fed1b17c73ecd38cb69a3a9bd73842650bb93fe0b330c2023e8ab038763455e7cc523597dc0ae92bf168ea83fb7c018a906d877f83fa31278d9432b3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 623005a0214ea72fdb24b22c418d4b60 |
| SHA1 | 360d9f413ecf21408678e21c5bbd686ec23642f0 |
| SHA256 | 50d59be162acebc29953a7f96620f5397319adf20aea22d61fc17261c7d57aec |
| SHA512 | df73cf90b68dcb05fe7667c884cb102147ec5f3af370c07cb404820407b4a6d24e96230cc0e0fa426ce418f749174334b36a6e24c8ad2621428e56347701aeb9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a827e57abce620bb240a4f0348c7bf2f |
| SHA1 | f9a51d4d3083ce383888e33146460bf7e4b28a73 |
| SHA256 | e27a105ca5a46e367a04cb87edd55924b5d55c1a9154cc662e8c8c1be0e62395 |
| SHA512 | 05f79cd6eb92ac9c7fd2082b74294269e5243e78e4cf63afeede562197e515f0b9fe9bce91b6dfd7ae36bdae8e725dfc7390696f0bf866537ced27a526c04afe |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 20c1aa9335ba3406826073f96e71caa2 |
| SHA1 | a3924b43f73bfe3e4dc6322bc9233911b7a2161d |
| SHA256 | 6154c9254fbc879f00fbca0c5be11c1ff197720f4dfdf73200f8bf2fddd0cd49 |
| SHA512 | b969b98857fa6f25b51fb39618f71075abc7acbe3e819a10c54893c3df20cb10c3e099e45567493ccd367cf7bde0cb40283c30a01436954767ffcba9e4526a2e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a55f1dddf8e95ad1bd1ca3e2f3384274 |
| SHA1 | 7948116f7d1ee827f1346af0c9782dc1a48a1991 |
| SHA256 | de88e0e94a3112d9b5657969d16c6f610261be78d524329d529520bb854da145 |
| SHA512 | 8c5daf237f66998ea41be912ba25033f8304af8d91e241c2d5c0600a2448570edd245db3ea1ca03aaf2e3f057e086855d6828587e606537504cf4dd6f16c3141 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8e61f733c944107ba06616b7b7039644 |
| SHA1 | e22d8753f8b22f6fe08be9cc18102de816e81466 |
| SHA256 | f4e8b68c2d4329034005849a15dd97ac86b0a28d460e4237c711eb738207e108 |
| SHA512 | 878584b33998a211b8a9242ed7ec9b376b758b6dbed9fa7cd7af15599cc23da3abdd76c704d06c3324ab9efdbe27ae48d613144fbe8386c38b1e37f635669749 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b6ed717a140aeaf7d425db2cba208114 |
| SHA1 | b7c245515ef0ffbe24df2b73efbca9ed5b7a427a |
| SHA256 | 06aa060810ed395c943600401e250932de0c7aff933234499a11cae509df8664 |
| SHA512 | e4868b7af7c0595c3aedb46c1144ba63ca996cfa12f1e48098c232351e9377cdd35380005d7d8ef02ba3e141791db98f960acc6a7d1319b18f0ca15250e66ea1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | df6cfc161778c1df88efc62289d5080e |
| SHA1 | a0e131f2dc9ba92a7b83877d87dca3bf4333e257 |
| SHA256 | af9a3b79d60665b6bd067968214a48af011b3bceedb49ea8822f70ddf2c1556a |
| SHA512 | 5479ccfaf7c80eb4e0611c0ddf18653a58b0efad0e49ea1892c6329eb11643b5d8f2d8dc8f50a1b2d51f17a4f2252e95a6f669e106039dea643c3706d2236962 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6d14797cdfcc9c1333df98794b3b830b |
| SHA1 | 2c0da406b408015208a916675751e7dc1d9f9980 |
| SHA256 | 2d222517c3cf8e16919c4e0725cd89849663af5ce4c263c3d083e9b94c502f01 |
| SHA512 | 2bbb286db5227cbcc2d0310ede6c47c29306aaa74f05f2dfcaba084c3d5d499d5b6d0c92e1d968466ca315e86cdd2d6502342b5621dfb4d708f3ee4fa883fa15 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f8c3ac16b3210b328992707b759e08a0 |
| SHA1 | 78deaa337ce232693cc87f6b044301e0ec22fe1a |
| SHA256 | 31f0cf01759081479570c150966cd6e2ae734314bef7bfb43042e2522c614853 |
| SHA512 | 9aaffc3a5efa7d39dea50428f846a449b2c129c190c68a1d9fd078281f6edc02dd2dc26aa7151cd885cd638e2f3c2869437848796b3a20e3dbe7d8050e637cae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 323f4bf07c953734f539042afb3dd291 |
| SHA1 | 4d4ced14332da260a119c269c52ed1298219782c |
| SHA256 | 4db08c18998a388f07fd3dd69d382a6f8cf19878e116ecfb50b6f5ec519d000e |
| SHA512 | f227d8ca32296756e2381e3b683aa3cb4e1d03ee3a302df2590a9f6065618cd084ac3df77b7a8c32fb77c10e3893fac9683b29f4cc70078d24eced879e215e7a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6467fe7ed461ee93c8e82a89b01dedc0 |
| SHA1 | 9e7968909116537c586112f67689c967015d967d |
| SHA256 | cc12c47010e4955adae283d4fa98f5484d014b45efbf53111609d7fbf1389b07 |
| SHA512 | 1cc1787abe5df3ca22e7cde9fc5fa1e8c4c88bbb85d3fbc04f949864985ac140e15c198faee3282ada567942f25e41b3d0f76f6cb5d53caa66b0db41a0b576e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d191600036a5f522426c7a89d819d7d3 |
| SHA1 | 005c4c8443cb3396086cdf4ac7b2e3271e2e9005 |
| SHA256 | 8f7f21dfc535c7098573209f7faa00e544c98a5452fab1b5ce7f33902a5d7c5a |
| SHA512 | a61e0033fac464cfad3ae2f3c6ac9cc5ab02652a0ccab02aef458eb8959ceb32130f185271f679d8a51c2329be9ca3ab6cc2fc2f74d29c2be713b6db5d05d21b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2b68eee06b378f611e87f397bceb5423 |
| SHA1 | 7b728cf0e396fc3e4c8eba07db5e5b0eaa919095 |
| SHA256 | 9bcba9e517c8434631ef84824a29c663b049c773ecc1eca02cc799438fb73d7b |
| SHA512 | 52b2caea6a8f8455e32af0a9e31ba1fc17c0c2842aed4f0134ab78890da045937fb91005e98e6676870db1d64f42c2e0bbe7ae54155628afa4f2445b6cc04c8e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d53af122c1c0beb1c4a14b949c1833e9 |
| SHA1 | 82ef09e3b9a1c371150a3079e58ea41a26cae97e |
| SHA256 | f50aeea0afe83208ca4efe5f5db760058e5944ecd5a0f236b734922f1cf6e122 |
| SHA512 | eb4c075ec9e1d7ee21e7301ae43339f966f6e40e6419b8b2f9fc725ec915c9c396beb0d57c49d8c9d7a6715fcb99e1db428a2d5cee0d26eafe3e3e8dfbe602af |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1cd57c37d807f63d819b263b5729bd8e |
| SHA1 | 13f23d7eb8a8269913751b278a5a3e6f64aa9487 |
| SHA256 | ac3efe8cf27d30745a04146281bebc15148d6cd33f40846a89e1e36f604c5919 |
| SHA512 | 8c3037ad98ae9e69e18e3fb72744ec4b1b80430c46c0066db9d774a1250605c71a9b4ba4fbadaa66228869468b1b97d1a2c32709e6696d028bd663818a9cdb22 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5112abb0336727e8fa3912e5556d6acf |
| SHA1 | e6984aa30bac656c0f2632abaf8c01ecd7205e19 |
| SHA256 | ec2e5bb95bf4a47e23fc97b9872118b85b1ff35bbd97bd59a80825d647b88fc5 |
| SHA512 | d59bb65f887ff9004e46f8b205fc0cfc9d2201022b46b8ccf2d2b849aa611ae927ecdaaf1d879b8a0a941c39c797ab8961365477f7bc0288a8610a5def4cef94 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5abbceac803e1d611150c37f2a5d80d6 |
| SHA1 | a82e9e52669b0e5750ed7761b55629c7faa5f8ce |
| SHA256 | 0899a15751440694e2f20131985c2846cd6179e73ad0e5225c7a4254abd784bf |
| SHA512 | b1afab797dfe9436f1f7973c3f53ceec9247fb71ad251c51e41162c3457f801e72dfefa539cce3254b1a6e43e95d6f0c6543205389e31c851234675f880839aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0afe16d1c3aee3827bf2c7e104121c65 |
| SHA1 | 195c044cf215c3ed3488dc3151a768a46f799e09 |
| SHA256 | e4d9e29e6cd7386e17360b1587f1e8c5f199d0e343efe8cedfd19c5b06783af9 |
| SHA512 | 535aa81fc1a9bd9c549aa90f825cd1f5e342529d021dcbba9072dacc70f9003313a6bacee3ced91dffed0eb9d68230cedbc2efe5c7f123ffaf694490fadb7c87 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9c4627f4c3200a3d4b6e3cabf52fd9b2 |
| SHA1 | c2ad8b61d5162ec9840cea755191964bab211edb |
| SHA256 | 4ee9cc8cac8f6ec52c2b90c8f5506115ea53ab3d7f66ae5d57d4c39c80afce6c |
| SHA512 | e1b98a12eb3296ae3c8dc04bcb28e12458097ceb16494cacc25645e910b8354adea39ff23728bb93497433d084db2c793dbdd8bcf28219f8f2905296d61e2cea |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 709b0cd57e1956d264b04b593eb5f43e |
| SHA1 | 6899fa712f329b1572c303e89b6423ea304f7a16 |
| SHA256 | 30d89f6ff14639f77a6f7be3c6864f715ed321e258d8a9ee56e6535551ee9d8a |
| SHA512 | ee37a56528df4e771b26735f5f5af8d4265734338d7f9bfc74f5f2d402b6759432cfa13210e64633869dfe2b56a19fd6b05ed81e94b6416358f034a2d8108341 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e9899ab03a9a21d303e8b3d1d933c7b3 |
| SHA1 | cd5bb0cbc52916c43f1880407790fd973cfeb5f6 |
| SHA256 | 690aac3d1c932c9d5322c1dc02f0b305d15ab28add8d8f8eb03d4299f2d8e1bd |
| SHA512 | 3edeef967460ef5d596265a74a22900d3c7b923fa9d7c57796b6cbc78050fb81acc84e7462f654ecea0b3c1f07101e18de55d65050eaca7dd698ac75463558de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 497724f01119712e12bf742d55c59ad7 |
| SHA1 | 9f3149e1ee38c7fc551bd10d4d6a8adb8c60121b |
| SHA256 | ea364e179e734510d29b5e8a9f8a7c6553bf207974afc3cf3740751c2926014a |
| SHA512 | 6c87455741a101f28843f18e64e03bbc18dba556d1ca477f0fca50d9f2f03145b8bb460308dbbfc2fd92cbba8ff4df67d36fd4c5d3378b94108d2ec941e1ea34 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d0ed5e1c3c673b4c49325ad52305ca20 |
| SHA1 | 2151443caa49a9484304f944c4c8b89a5d60b99b |
| SHA256 | 637c49bf8d54587b1a7f09b535d9108b54795a37e0476197e43c5f58756b2641 |
| SHA512 | ed19683b943291e2402084a5e39d05ce91abd7334cddffa95ae82fd96e75660faef3b64af3a1cc799ebd9e1a3860fa2e5627a73fd4d8dd3a2f1523e3d664fb35 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c3ccf7f7fd8938a959adcd773b683e0f |
| SHA1 | 758673f4fd35919a551126f1ccb58e69b842dc52 |
| SHA256 | 0572650ad9f06cd3eabf5f726486a7718e6802eccb1cd8bf60a1823a7c1cb066 |
| SHA512 | 5574f2423210a0b783195fb81591bf30bfaa16e71684b8eef8bb8ec2b0497e0bd466b77819a87e92fc609e69f682b86eee9d292ed610f258d0daff202ac45029 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a48c7a59532ce5ee8bbc1f92be1e6dce |
| SHA1 | 53cd74ec785ff26443af6fa1013d338ccd290040 |
| SHA256 | 4178cb4fd8b3ed0c55ef923e2ee13a7cf047fa794553bffbfcfc5dd42749357c |
| SHA512 | 8ee612a5fad949475e577b314ad1f8d42c6fe1a50ca25d778da45d0bc30498c28b4d99d7767a8c20a223db406cb7649b1c7dd8c495ec5dce7f57a66cb57c7140 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 277b4a73d3ed02c05134c72928aaa64a |
| SHA1 | c2d6012d68dc19aa41ae77297dc0dd2e70b5ed6d |
| SHA256 | ec7f314cb557afa6529cb8127e8c0aca47f1585bf7c63521e896596da3a251d1 |
| SHA512 | 599c12ceb76900174e123bf8ed627994a183954baffb5095e4ad82e492ee9f09947df7d38df009d0f889af947b7272584044d98a5e69ac73645db9389f27c1bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7c10f52c8d20bcad450a98fc472aa308 |
| SHA1 | 5a55a53478da7bca67d9672d2909e239de0157a1 |
| SHA256 | 480de5cabf8ff7f2ecb47c4dddcd93fefdf45c0816f2fdafe7ee8c472e3bcc77 |
| SHA512 | 34aaf8f9675a625b48d4fc117e97cb41cd1c1639ff28045c6301b85d7bb421ea652038bcda83545450a4ead295b95e61a8d19793ed8d3ed59f358db33d31fdb4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7a3da4a973dc51cc36c642c800b757bd |
| SHA1 | addf0d3b192d2bc14c7d0758b5bfcd00c433448e |
| SHA256 | 843d38dab291ce193731be4e3aa312f74b8c455aefbfead20a9335f9f72d5543 |
| SHA512 | 706f189ea9deaa23e3515bfb8c23363ac74ac12f2983ad51073b53e6f5159c36397e0e4b4c0dd1985e5717dea2f44fb596b26518e6bf4520e9d2c0b82b2efbfe |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f558a88bf0904d294b269cca1b74a4b4 |
| SHA1 | 5360474018513d71e591a785c3ad98d637f3c0b9 |
| SHA256 | 2c037c9a764c75fded8acceb741be50caf6167ff440a335e6e71edeb48afd47c |
| SHA512 | 41048593eb06f78e23dca44b563d6d3639be288e0572ac41388b273a17506121f7dba8332a04e17b1b8092e23936d609b1d92edef620d46811543377be58c9a1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 721e004d8795a64ce5147228b9844f46 |
| SHA1 | aaaf0849bb90d5a98803c860ccb4f1a503b63936 |
| SHA256 | 31dc4df9d35b48115b3f802eb775b24d4db80ee4cf1901f8b770a7f0619e8525 |
| SHA512 | 8d899da12da93e8b9ddb81b0e4512341689f2c8e384778bf34f4aa7b28ad3b230d66c6b56eede05a992e45177d72564db460924e2bd311c4025e6451d3a4bc39 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 20b4ae5f61816d7efaefdbdbde43b510 |
| SHA1 | f241ee40af45f021c60c5b9c4c451e1da1515790 |
| SHA256 | 66722706cace198aa2d469e352fd93c4c2684396c5cbe96b1dd05a020b6b07fb |
| SHA512 | 9ca9b65c2d1a8c9c3a9fcf650e6f224cd5e2c61bcf62f87c24c5d54269ae81fb32f14b9a9c7b41b30bf73db612479c2fdcca2b8efc3279fc80ce64a27e21369a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fb6a4c2a4a12cd8d05430e3a480ba777 |
| SHA1 | ba17a9d7ff0ae8a54e07a995b8f5a99d41afb66e |
| SHA256 | 37b35ffb55d55fc247aa2f58e5c88e1f58622c3d8ee4a9b35a1af29ad8cb8f52 |
| SHA512 | 45d5328e8df235ff5d4b0211d4f0d73cfb8f7c0e5535b460acfef11a328a30004c8c8f221a6b650c1a71e874fcec495c352b5e86487f255c5aef815b796e4c03 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b5bf21ed6fc29ec8df5464188ea145ca |
| SHA1 | b3eeaf3e53ba222ded7984f12274198773d79daa |
| SHA256 | 8ca928c0e43701e6693fbd5f3e7a4276a2e9d2f3524bdbecab94153025ef8595 |
| SHA512 | 6776b64d00bc5f3559b6ca7bf21d0ed42a222b7ade1e429ba70bff98fd4e4f33b4aed59c19e0d4a710eada4c89695fa919fdd9347e114af3fef8e66928d70d50 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ee8b3a148b4da87e755b7069b5b8842e |
| SHA1 | 9f9980fde93b78f8c2f5b3476d88f28d8bbffeba |
| SHA256 | dfb0307868dda63aff678a1189a20a100220913b52126c254cb7b085fd0fd584 |
| SHA512 | a96b2505fb53b58b20953dcd6d0082413f560bf837700a60402204628dd3fc108453220e160b0b74d3fc06511db1c537416cce174e36a9cab48b552e177738e5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 529adbbc5fbe5a9675f53b8359954431 |
| SHA1 | d83ed926231dc87788ff27562aadfc7dd0bf9c63 |
| SHA256 | 449f9882e4315696da6e16d67ad84371396cb404529e402a965235a816f59382 |
| SHA512 | 8ce405c222d2bfa780bc4089c4b5b87f5a7ca5e261b6975d62461a4cb5d951870ae4e29dc41010a4e6ad1d351513c1fec5289ff8e4de7411b8b4374a1c0e884f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 558f0212c8f5bdbdfc5a06098461312d |
| SHA1 | 6d3ab405e3a9f201c2528c7261e1d7cca36eb7e0 |
| SHA256 | 68a09853e0789a483c761a34f0e9ab2c27d49e529b369af133a1fffac0171f5b |
| SHA512 | 7f7b2abf6fb71eae5dbb94c22e7db651d778522d87b4154e225abdca91970d6fb2352e31cf041df6c7b798699596aaf7c8158c8b0303520e3f3275526602afa6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b9f3b8a80186fde2fec041e6b99bcbe1 |
| SHA1 | aef3acceaea75cab0d4cd7323940a2a0cb178f72 |
| SHA256 | 80f6078cbf89783c8f339c48392cf4790ab3d38e8ac9d74fa8a5f4e141b3a9b8 |
| SHA512 | 085427c7a1c0acd6a2a382c156904368f22cfe1da74046393657ff6e62ce9a6480abf1b912d7ce71aa13fbb7befe93091f439f63c745e64988c2ca1516966b1a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 65c9a498ba0e8c464674ed70e8b864f6 |
| SHA1 | 7e0fb722427a7848184c93d9eb6221a9a046a82f |
| SHA256 | 33aef9799158e61d67d6e025df8eac8be3e9c779f2f448c64cf6b967adc72491 |
| SHA512 | 661341c2b720b5f826042f636630da276fddafcf93faf56612149d22dab34ce75a199fb2368617b0d3ad8a08f8b7b54d4efc8d5e44c36499e856a06eb0bb0393 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 94980c960c15794ea7b85847ae855c11 |
| SHA1 | 57d8854c79895649a06b9fa5ef1e24d7b0c431ae |
| SHA256 | 4e63b38ffce3d1d8c06570eaaaef729a024d4e2c56ab5ad4fd295074ed09486c |
| SHA512 | ec4b59118d425047e4ef539041bec974c3ee30db13f16513d945307bf4aca60661b6edd13729e5383c7ac6a37b9b9d1a65e2b010b82601e18651a3bc169de136 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | faa7ae3b607b4fda91719f059dcd03e6 |
| SHA1 | 4d412a2f99172bbbdedc6a8f08fe82faae28da26 |
| SHA256 | 1ad3b1318e72edaada9f86dc67503f97414a35cf19dc978bef6916c6ee1a79d9 |
| SHA512 | e793244baf939aa8c7bad67676c077d7a922577286a99f5430148a45d599cc63064b9660cabbaa848219dec3ce69450771006212e1a535fb1adfe35e4683c17c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 27943e8e8bf3ba79fa654d3dbbb0611f |
| SHA1 | d28d2073096efea234dc849edc2ffd0bcfd2dc8e |
| SHA256 | 016c94f7e262f244ba8fe0f3a7539405ae54e7c33b0e7e71314eddfe8869cbc5 |
| SHA512 | 355d13bd2015ab43024028003f1bd0d4bd56896b9beccc2018adfc696138d9cf456f737a120b1fbbeeb01ab4d728201885bcfcebab56363dfe6c3f7d1723d38c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ac85458df07f13aabdb35b03e086a010 |
| SHA1 | 8713ef4e81497a62e823e9603c6cbe2a3b2c6a17 |
| SHA256 | 158163c856693540ab0c15e8152addf69c36f32f0167ae21cd9d087aa595e39b |
| SHA512 | 80c667c15dcc14d9be13b2c7023e00368de188005d239ab8692329bf072428fcc34da5c8d1c8d762755f7985a0f682323243812b6382890f80e09438cdcb95ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2512b0c49c5bd2208d745ed344c08ab8 |
| SHA1 | 82c1a39ec48bb1c894661be5e2a61d773e1c8667 |
| SHA256 | ee2c8660668d9220d234fcc4a799e03d39b08d8d44c64ad347bcb4ab91f6c4fd |
| SHA512 | a3bec4fd18e37c3bb90b572aaf3caae3c48f39f155ccd31055e6359033285c9d15bb3c0a80af478e460c26def1900af242618b6e7aa5d7d9fa6fbaf01f72b28c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 36a448e56406451ab74f6c9b666dd5fb |
| SHA1 | ad8ce9bd6adf8751f2e670cb1d3ef3346f14982f |
| SHA256 | f63981c657d0ea1c25456eb460a928b6309f60fff5eb108f2d1925ef61de33d8 |
| SHA512 | 5912f1f38c1852108ad6327b09d726b1a57be710ea64e79a2950fa2b451090061333504754575b7b3318f82d554ff11099b828fac8e4d36d2136d2654c52cb39 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2d80548afdebbf5175038bbdfc24ebf7 |
| SHA1 | c8a74072dc8622aabcdea1342e30560805ff810f |
| SHA256 | 13927a601f0d2fde924d1413ab628ef350921ba1ed3a9d75efbf18054d30b445 |
| SHA512 | c04fa902d6850fff7d9e535aada3c888e7d165477956310512562739185137001e5ed47dc4472e766b8504c4314bfce619a9c4d86339b293df4b8e419ffc0196 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a0f5dde6845a7c772a80900480376c2a |
| SHA1 | 492eb7b59181e9a6c0dd42321d7bec37dd0bc770 |
| SHA256 | dc5c132a4a01bf52748035cd6bf19718ce0bde07345065b8c594a945f8b33ae3 |
| SHA512 | 5ec480579f782d256bb3cef4adc792e542fee490c4acf2d229575b3b44ff690be27273f914a917cfff550aefc5d966a49c471ea7016b797099aff18226ec32fe |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c6d8151165f3f2f9d561fa631690c1e0 |
| SHA1 | 6db96d557ee030d0acb8bdf56828dbde20aa9128 |
| SHA256 | 683279d10363703811119eac051502c4b488ece626ae09f9cc47757918f62654 |
| SHA512 | 3968dd91e6bb3fa3048d276342fd9965de3ef354f497b131396ad314e714cb322a02dd06887c9568e643cdd427239d3cfad8237f6f24041733d08ff35dd7a4c9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dff9e96f935dee3c696c37eeb9cc8231 |
| SHA1 | d3f29f26ae9564ec26653e890ebff23f8d00095c |
| SHA256 | 97cb20dc89e42b5fd9b9fc3e71c9e5e0f086394737a929b8b3987273bac28fba |
| SHA512 | 4595a0088ab2803334de1ca6c69ef9ad8534877cb3e7490cfbcfe5bf7ce287801d76f67408f3bb18d48f09cc47ba8130cef25089bd9063cd5e8307fe2e66ea09 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2e9adaf1e044939e0cde49c7a06cac79 |
| SHA1 | 8e52fefa4e0f7aa7920ac3699b8d8fb8c7ad9721 |
| SHA256 | c5141be1755faaf4da87215963613c53b67ca2ec3fec604b4048bcb24ad42c28 |
| SHA512 | 385f443f62d768bada16c28e7b3dccc12759405b583b97e1a3bcc048ccf604ec78d9261bd13877609e893f9674151aef8a3ad9676da1748162f3ed1be88a3513 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 18afca4e3dd76bc6c7964686858c8c89 |
| SHA1 | c29ff49bc23148dda2d39e4f1ac365238d532960 |
| SHA256 | 8b423f463b0cf84f3d2d4c0e7aedb8dd982c18a2d46f3baa20e20015c4ba037a |
| SHA512 | ad4c6d721bfc90356363b85c9d2f1178dee503d44a7eb777d544f3a33331d9668c89027628c946b6e79d64491f1a3c50a6e27ed53ff3731b3d70a79799501eb4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f7fb21dc3ac6bb4eea61cab0db8080e6 |
| SHA1 | 7ca25b427c100218308339e9244cbb2554b03dab |
| SHA256 | 175439425e3eb818f1211eb670f6615552105fd59c5923d9de283557b970a5bd |
| SHA512 | 3f98c29112122ab1facb2c543533933d125b72fb4214b813a6736c234c46bc2b9dab4b6f0520fc36b9606f96d73bc80134547cb172fabdc797301b236afa0e55 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b7c78f57d1f8cd8c5022dfff18732ad7 |
| SHA1 | cf02a5653f6486212e4583548ea2c30c37ed4fec |
| SHA256 | 02aabb776cf986144402d9dcee82b5013f3107e09123d329a1b4486d973d917e |
| SHA512 | a040390c34abb3b56f6403b7fbc546691fe0c2e83e36345b6653284916801fad4559e7fe616d7822258afb5d673063adbc39e27188802c94dfd208de6d0fe8a4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c50389dd1ecb39e2d7a2dfd26110ccd2 |
| SHA1 | 7308a5b9cc957bee37ad233f6774a9ede0baea71 |
| SHA256 | 6881787a4aea7075bb7193f10c8bbb3aa2ecdd2b2fb735023d64408a45ac98af |
| SHA512 | 073a054903568b91c6b00eedad09e4c359022a72270537ad5d75f56b2a3af8a23b5800decca3129fabc17791328cc7a4328a6a68fb47f2816decc77e0d875041 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 31dfcfabaa470982d46e64a48ca440be |
| SHA1 | 14bfda027a2a919800ac0ba23b16b96fa032353f |
| SHA256 | b5d4c39d2613d45f55352205498e82a63054b1c42b8418b96e507634a110184e |
| SHA512 | e9e7624b8cc85b893b050dc92679bb4a3284c9d43d271f22a75c9e406bada3eda9bc7f766acbf8a2b7839683115ea599d2de18a87a164754ede2f3405c17b250 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4a241f0971aa3247afa4d1b0ba135ace |
| SHA1 | 993d7f02c925e74e4b0d1641d3a72bd08a7cffc8 |
| SHA256 | 4c501031639760d7e5074c39bd118052c6996b8cdd52b0a07b410458d2d858af |
| SHA512 | 26d4186a228d8eaccbe1e982a748e6bcebfbf4fceacffcc132340e5774701448e48e5b488a307637768d8ced4cac873a34757af55288b9be067a382aa7205fc9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8b489c184b061581d798409cf5d551e2 |
| SHA1 | 9a6762e80e13073a11a8d38f0f21b02108452845 |
| SHA256 | 84a57d19945ab5182908e97dc837a82ddb89e04a00f5a520414f130d09c100df |
| SHA512 | 209fe853d9ef9eda9e7a4b12ad036b920318ad4747e66b98512ba1259965eb8805fcaa18531f653c88ee668df1d9f1481629d8cf8a29dd7941468ee93474de91 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e87d112b17b303d1f377f2285bb42fd6 |
| SHA1 | 13b23972ed63b249b8db8b100b239e50f158ac51 |
| SHA256 | 457c22ded4318d474ccf202ea45495db5f30e7b9997246e8fc41d33c3ad4ca87 |
| SHA512 | 3757b94bacb39e68bedf7fa4a6845f25bb48f4539b6b2dd9304b1914426d49a6abf0ac50a057a33fd77dfdd400917f01829c52e8d8b47f36dec8e7a0f7dde639 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5a584cc7051f262d68ea88017e3a541a |
| SHA1 | 14c45c60978527b65d62c28d09274ea89014a3a3 |
| SHA256 | 8b6ab9c1face235b5c713dfc9c5351f46931e79ca486dff1a49b059e2e4fdbb8 |
| SHA512 | e8c87541befec8e151082dd49434cad56378d7b2fc6a75b207fec8bf3a4f0603231a066728fae1d4859073de205c2e70fd369a1258a4b753d749971db32df886 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7339e4874be95a37c55f545ef8975279 |
| SHA1 | 44b9f4e63bac60a080418c6aaf95ce683a06983f |
| SHA256 | 669f806dae8437946c2ba8a50afc718858bfb8701258201c945e69c838ba4ac5 |
| SHA512 | af8349012280e2c6fd5be40e3978b4aa56d6fffc537354e2bfcdf7e44ac1dc70a1c4b8c7413d41ebb3f55a8ef1cab1cba83d13cd512dc53739a70ced55fff549 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d60a1e713921f064ebd249924c4a49fc |
| SHA1 | bae5f8f0596f04ea1c5728efbba52d29f19520ed |
| SHA256 | ab82acac7ed29c9433a299f7cc91c936e3161aa38141738768b562d5743e6949 |
| SHA512 | 6c3f01f800f78e5a595eb8a3b9bef7817612154d2f906d5b28e266e9b22c6d1e0289569a4b5efb553ec54118ab86e08e1469536be954bd12fbbfed751ecbd10f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f0380cd8c0c592a6bf6088f1136455c4 |
| SHA1 | bab9352e6b9db3b4ef1d1aa8299368a2623166ce |
| SHA256 | 6e2ba4770a30f71642fccd6b1fa0d1c2ef6b6b36156525ae61e4f0838c82b102 |
| SHA512 | 25c44121eda2951deb73ad1a853c499bdaca2643fbae3b4b3aec9e9a04ef4af8653ee013975826301ba4eb699368ff0220d70c05535da189de867daf6a081793 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 868ca3b77b9f1c4d1fe4c8312bfd4675 |
| SHA1 | 9e4f52e5317435876a562a7bcf7ef9354a6cedd8 |
| SHA256 | f9e31c57b5cadfa271e72dbb0c300c635a998e8729a70473b535748ddc611a45 |
| SHA512 | 6996600a29374aa51c449ada94ee3c2e63d3d499ec8df1e0fbb3fb801e9f89a329a47a364af5e6d547ccbdd3e66e3aea6e56629deab675c78f93eb2083eba446 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b4cc3a16ed219bce29b84135f8a97aa8 |
| SHA1 | fc7f81ccbd2b36937da52e50f8bbb5969aa21bbd |
| SHA256 | 3cb2fb676d8a960d23faf5ea6567aade311f97132612eee10bc6fa497e29e842 |
| SHA512 | 13283551e7d68e909c0c25805cacf28757e4177f789cb1e34541f15a71739b8667468acb981b82f5991e008bf0f9e8003410ea4a9ccb237a74f01e4316a7a663 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a2b5149ae5692a0796a748246ea4a85a |
| SHA1 | 61d7ccc3d74864551f3d2f94032382db2fa5ed43 |
| SHA256 | 05e3e77f983d185414d5c73b1c44cb0fcae248a0b54f5e0b9d99f472d2eade18 |
| SHA512 | 52196362619914a7f531efd047ee5b08adc8a50e250dea38242f65edfafe96dedb84a3b17ef3a1a4004c0a13cfc52b91bf7315ed78669c84c4ff2d274f885cf6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 845395a02f6514dd4ea83fd08160373b |
| SHA1 | 158a5f3cd2aaba598a18f83ce695e4a4648cb371 |
| SHA256 | 4c14fe4cede4e687ed9d7186167ac854f9cb148d10bda57527e04249a286bccb |
| SHA512 | cc55d1b4e7fa049b32c0dda628daa85a70f43e0446b61781e7904b7b3050b9fc74551a898f8bf0b2197ae9f70eac471e8714662f9d7ae027911764a3add566ea |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9a1e6d584326813747a7b795b4cd52b5 |
| SHA1 | 0ef7af7dc223152536baca93bda75cc63e4aa5bf |
| SHA256 | e568ffdeb40e612329116099c47aa19c628e8cb58a78cb70ece6f9bde53d8e80 |
| SHA512 | b2c1ce8a796aa733928aeb8750ebf1831e26063081afd7ad0aa7a3c17dc9a2c1e992142399d76e44801dc8a9ae0f9379b6ee9eb65ad6899e9a1e84483023a356 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9428e71483be354d3e189501f94966a9 |
| SHA1 | b19a11dc3792b74fb0841934c2d9c117a73a5f65 |
| SHA256 | 8558271d35647581ceac7ce19142244cacf037f54ec9d220fd1861085b0833ef |
| SHA512 | ea546d4bffa80e497fd65e764769b372cfa5a3933aa59e145a75afa5a56ef44510c30b27def03e5473ec82b7c801d0eeeb2889f2e091c06c583d5509f50ab0d1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0e6f174e430c0625b20d88f5aee99f62 |
| SHA1 | 8487749297b251484ab8775b0c0793fe46fc16ab |
| SHA256 | a21c779a28dbb776ed645e1771b18d59dbbe07944a615f0d680c18736cb941d2 |
| SHA512 | 1ed8e529d8623ab386d0cba147410fb0f2e5f0290a7087d156df08332305ec851a66e0cc4059058f279314f6304c11bdc5783f67971f7f592fafe879270b1df1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7904a0e2dd7decf88aaab92ef4008cbe |
| SHA1 | 282c5e31c9ced0e39b1908b061469044b0c6eb53 |
| SHA256 | be6c1bf9094203079e28c8dd8073bc7e55a1da66d7c2a81267f1a5d75bdcfb19 |
| SHA512 | 8473da5dcd934c95a4c5048206d6552653c50c4902f8f3a63ad1d033d0272941a6e64ef95cc323d2485baa7e3da54509baaacc54d0e5c9e2855e3d9943f084be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f8fa4787971182023f736bda3bf27b42 |
| SHA1 | fca47ecd420bb5b0169a11ce507c9ab1f52b67ef |
| SHA256 | 3c12dbaf8e89801eda3d32f9716aa03a287c9956e0a798f5fe899dfb08120613 |
| SHA512 | 4ae6e9f269934bb003d4734abb7913366131c6e1b5ee6472ed1b358ad78f78e1f25d029c1cd77cb868d37c3c0ee56f83ecdbd3e239a7ef9e213193fbdb5279c3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 825548e7542516fd667658d5220e9b92 |
| SHA1 | 137448ac04209632dc98febaea4183cd0c305450 |
| SHA256 | 964096fa903d800b00b2a00fd960894818041ee76a3bf9d513ee7557c3baea33 |
| SHA512 | 7106f5bf60cec7e37cccdc2428e5c72e117e6a19b7fa921014b7c7b95a2c0dcc982ce599c969baec3c774620643870b492c7cc3f0c80b371dce450f445106927 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0249fb940c23084f5a87f0f4c5fd3285 |
| SHA1 | 00a6436699843a40a25256bf59bb7ab0615e616d |
| SHA256 | 923d45510bfe9c085f5ebee74362edac2c7c5f054a5ad21b16aa828233ce6846 |
| SHA512 | c7d986eb511d3ae8a1d27dd8c71d4313d245657db9d853bc46cd938cf0e222794c77db257528d25e760f1dd1e02fc7a02aa8f2f05fa62afe09516860d86056e2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0f3546e78a2e10aa78bf51140e5a809c |
| SHA1 | 647f80d0d5f740c6f85b9877847d274eb0495295 |
| SHA256 | 4db1458eec56fcc0e70f19d792c547341b12668fa63562d98682c7d7592a9d97 |
| SHA512 | 2a10ecb9f0f8455028687796c41d05130f4f5de8e32b28de333d0fc853b341a465346bcf68155685e1c8df42e632c5181df024c891ca72dacdfb655eb61123ce |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 68f77a348d67b9a0a4e2902cb234af53 |
| SHA1 | df3d0e582ee435abe517457a188de8c8bca03ddf |
| SHA256 | 1af02401882bd44c79b209be872e2bf168cb0005ce2c7d3402a9d4e487783bc7 |
| SHA512 | 4a7b6485c213d0301d38004cf899b1d89253bec5fb77c7c9952b7e487eddfa06afefaa95e8fb669c3273a3d701d88ef2a01a211c99dbb98c1e2b421fdcc1e443 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7eefdfb90bf8f9005538ca6e4d135bf4 |
| SHA1 | 6be746310f71e10d6a2f10d72b8cc7453f8b3a77 |
| SHA256 | d710b0a9ed0261d59d1fc78cc4fd39ceaf68c55a9eeb6474e81314115c080499 |
| SHA512 | 45fc2bfbb529b8fe1c531568a765f2fcd13060d840c5aba07b005ead8e4766ed184666044f8c9895cd55fa52ec60903af55376c61477d7a79fc2849aa60b4e85 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ae3a580493285de4567d8e36b4ebf309 |
| SHA1 | 6d637fd8691237062e7f470f1d7f4bbefd6bb385 |
| SHA256 | 96584c9bcf9c6782f5589664b6a580a4ce5d1769a35eeb12ce2344465c2a077d |
| SHA512 | 659d4cb9698c36c2eeed5a2825ee332c0c4e3c867f8127561f722a278b52b8020e21c3b35f72f7c3bd94912b35627845462c25a82597e5a4c1094027aa52f45c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B2043001D270792DFFD725518EAFE2C
| MD5 | f55da450a5fb287e1e0f0dcc965756ca |
| SHA1 | 7e04de896a3e666d00e687d33ffad93be83d349e |
| SHA256 | 31ad6648f8104138c738f39ea4320133393e3a18cc02296ef97c2ac9ef6731d0 |
| SHA512 | 19bd9a319dfdaad7c13a6b085e51c67c0f9cb1eb4babc4c2b5cdf921c13002ca324e62dfa05f344e340d0d100aa4d6fac0683552162ccc7c0321a8d146da0630 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B2043001D270792DFFD725518EAFE2C
| MD5 | f996f00f9d2dcbe41f7b759f944d4099 |
| SHA1 | 6bc8195959178c63e76507194cfe2ca7bcc2872e |
| SHA256 | a26d2324481b0405cb53b7111be6ece15696254fb1e3539e42e4c4e31d490b1d |
| SHA512 | b84a7926fb53fb0ca24acc8f7e302842ae03658020e6e91a7ad0890fcf5f44e0c3b7f4c513d441a056f7c0aa980536f02d551b97cd763b3a6ba42ee23956a70e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5f67e0724c49e6a225cf53e8e6b95a0d |
| SHA1 | 9081121db365a4a6945392803a04baba9150a847 |
| SHA256 | baaa158bbf66ae4e07ce763eeebf80b8cf422ae4e6ec141ca1e143c1f009a300 |
| SHA512 | 73a8f93c4bf04f25014e410edc6e3e0c31a53fa798c5f203e5e878a3b9276665ee48f7bdd8c930d917d2b8a607645e9de4a1d56429ab3feb6a015ed38b804a17 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9a5bcee371ff57c13aac3e4006f9aba0 |
| SHA1 | 5afbb23f7824eed5b4c1d078cb012efe11e212bd |
| SHA256 | 59554b7c18233ab6deade9e86f2c0c0f3ce0bde1243f037033fe8fff652c4303 |
| SHA512 | fe95bfcf75633bd52e980ddf4ffe27d46881556d10f88ab8a9fcb5ad1fc01784817140504629f60c3a631a9031b2ac02340b4c5a839ce6018be6b18ea05b86da |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4b7521b0a2d97a8329b148a4d35b5f82 |
| SHA1 | 6557ae8a9b23dd7bfccec5675dec25de6d57f061 |
| SHA256 | a8ec1ad2dfc48020616af45da701197a265659a2e8923fa7a7557f1d3e17d47d |
| SHA512 | cc80f21bfc5fd2db4b5d19cc994c911cf45df592830ee0ee4f65a03266877277b0d9fb975d48e4491086b8cce94e97ad9ebba7dc7ce358ba9f9804598b4787be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6fd591c06d7ced52c1ac41b8be906ab5 |
| SHA1 | 3fc5b63a0b3619e0a8cd7fe5d046b2aa0f9b0f54 |
| SHA256 | 705f49b4ae677400b3acf2547738811c97714442240b09b885e366328b8700e8 |
| SHA512 | f7d65eaad65161c7e10ee1426dfdc59d2d828cbdff161a3fd511474b7059c3f09159c7172786c76631b8e2ba01f0d97f486be2ad88e670126e2d8d226a2f4ef9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8208b43b95c5623c22af8c619209ac31 |
| SHA1 | cd7ab5c91111b0ad78aac4757a4a2039de8299b8 |
| SHA256 | ea6cc8b1d1020d97e781b06909a15ecd4fe0fcfeb78550a1a130e44a1a9637a1 |
| SHA512 | 561018a8e6b178f4ee1db58d7fb4125e5eace9164dcbc3572b7a58e49ef8e14560eec9dfe99a45614f31bd40392fa80a74a80ce1b85ceaffba0dc7276acc725c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 620901ef5de26cc03eb119e4508f424e |
| SHA1 | 19c506f0f048c9429f686c31cfacc82efc4ff940 |
| SHA256 | 6a0ba0ca2ec26e2c459370384025eb75056ce8fcaf20a608ed4239cc278ac7b4 |
| SHA512 | f39d1d7316f6bd282748cf4dcdfd6a977609798ebdc5dbbe17ff6e33e73f668a6182fc6b6989a55f85c295591c8b77a8bd6972aa92a497530b759afb45c9d978 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b8146e1b12bdd15886728a954cf36464 |
| SHA1 | c230ceb5e15ed22be0eaeb671b1d7f7a8932076c |
| SHA256 | 9f79df9089a8187a0289e42ca415e1cf14df3207fbf9dfc889d729c0a5b9d8e4 |
| SHA512 | 1225f7c44cc5147f07e2ba1c258b885b98c037daab89e88e9ed12a08992b68ba37151a4f6d0e22018f01920872d8ebfc3f2cd2005ae6f52261201ad78b18a6fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 55fd3de817a6116bec8ec3d9e7baca30 |
| SHA1 | 6d3949b9516c978edcf09f99ce6f82209000a887 |
| SHA256 | b2a37a62ee0dd5dd918e9880469c62a089b5abce8ee5e85d990285b4091190c4 |
| SHA512 | 143a6111b5c91e78271d0b0837bd03da5f3e16beac147a8e1c6d99a25de4652fd4f9f1c1d4420a8689744eb496addd721d7a9ecadbc39874cc49d8af335752fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c5f993559d7ef7e4ee94b14c6fcbcb88 |
| SHA1 | 4886b0522c00df05dbd1c2abd6af53e66c9ddb86 |
| SHA256 | 57b2f828c28a215ba2dc9735d261dd63b96aae640c486460940c779453daf1c4 |
| SHA512 | 4e608482cc0e87410f4835050cf9b221c5081caf581dc19b2b06ea516b2405e38dbb4fe145b353d84b22c916fd279e08f9fa842162a15f42c9c632794fc8f5bb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7b2c692f5554c1dec84c1dc29f4c54c5 |
| SHA1 | 01b80de962e056cddaa9d7ed45ee01dec80145fb |
| SHA256 | ffe7e38bf4426d6a0d01d9ef0690b0ffb7168ac3b6cc4b7d2fd905c326b9bd7d |
| SHA512 | 260f5733de0ba69190ef3bbb26ceaa9b990a81efb1d16f2fee8f8e181636fddf539ac1c42e66d0e8eb65d3c5d750809bf5ba4d27eb9215bedf701196aad81489 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2a7ff2d7574bd51ce25b3381626c70b1 |
| SHA1 | ab4fc8b77bfd70e2d61a4db28edfb11cd36a1677 |
| SHA256 | cc1af08df2bf02943fbb5f5d73c5936b603e88e0a61350d10368034747556693 |
| SHA512 | ff70868506a916540e985abff712ea8cb743b9dc86683a95324884c5ec5408c615fbfb1c3387a4c6924603380b5d0e8f4d3528eb2ef7e0f1293423e7f90bc918 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3c35f9cb4c19d36e04669836a89e5eaa |
| SHA1 | e65ec95d5adb07294c475686551ee41d57d0d4fc |
| SHA256 | 505c9d76c232ceeec1bdd050759f6559ecb8f65b1d1c90822f70aec6057e7690 |
| SHA512 | a2f3d66fb8339bf23e7526b7847d7481538b702f131d745c44cebd95e883ad48ef637779a61e9c378aaf75f98c165cc1d8495d1e7ced32aca00aefa6621b1378 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e8233708879a5132fd6b5d9f0e279ec7 |
| SHA1 | 9fbec834d57eff7d4d7e54aabd6dcf7d7115a1e0 |
| SHA256 | 21e7b1306389a8b22989859a85f2fc94f2846653c3202239bbec0022e7826f8e |
| SHA512 | 796053ea939adbff45413ddde5e463c1eba65c42b23d03fdaffa12bc4412db656c8ecbe196f5b0f679566059b47aa7d0b1fec5079fa5ba9bacffb8fea44589df |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 32cc460e12c33346f0a17456425cd8c0 |
| SHA1 | f42c2731754f21697ca52fcd6bc013d68478013e |
| SHA256 | 7de35ad7e3569325395deccaca7b6a11272b47ebf343e45b4596813667a9105e |
| SHA512 | f4d748a548ce7055f706746e3a79ca6494627f72a0cfa7b350da11d8e7e897a337ea93508fafec3fb1600ae1ee33bb53e95d122799234f8991893c5f79b04e93 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cf001ecd0773a6cb127c40cc45f6d829 |
| SHA1 | 097458afc1d43b4515c0302e78bb7f02c78062ae |
| SHA256 | d5bde7d6cb1ed11693b6e51d869a8eb6c6fc925e222ca1836b094377a1fabe14 |
| SHA512 | c61bf436abdcc6024bc05337e101b3cd0488f33428307a0fd421d780b4da8a13c1cf89ebba7a234293b6dc3033480d26125f00d173f1d92ef2876b876a7fade0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d524d3f330d9421947892293cb2ac6b1 |
| SHA1 | 034274fcac51cc4fb986b3c25976bc3d13c3e149 |
| SHA256 | 915506750c69d8917f487289ed4aa56297060f1d0e207497f3d3e593a2e517a5 |
| SHA512 | 5f4c926ea96b5d54999f328bb356029032a91dcaa3315843d50896e1f7a9c696d48c22bead1c20d5076e0d3c63d99a9fbd87638f26069fce24a792d60d49d330 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | abfa0a808ad63c64d2ae16f53a5ab693 |
| SHA1 | 75b9080f776f9485e40168cc76da9e33ff77bd4d |
| SHA256 | 28d4156c75018c3ca1cdb07b8c1679a0adeb9013a0e11c11a2229775db416acd |
| SHA512 | 6a544d59c52f576e7959c642c4e644a93e98bf3bf32e819ab6796dc68685b282acc236994b86382b6a21a8d20f51ddfddb199e0464d29cef29baf81983a89a25 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 39edfbcff54fc92cf876b2c665220f43 |
| SHA1 | 2d243ac4abe2e6cff5efd16ddd60bb5f95042531 |
| SHA256 | 58b042a46f5fe1d5130a0cda75f3865e20ecee46513086bdb5f7021033f2da2a |
| SHA512 | 52f743c0e7aba677e54fe360072e3cee78070d22961eaa00e0821be77f7558347e9e709a40fc6544985b1cd62383f0b1ed324476c84733cf28ee32bf936cd7f4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d8e465629f92a179a1befb079b608765 |
| SHA1 | 5611a51e2c87d51a15d321febfe36a68bdfe606e |
| SHA256 | f0ec509ee06b6fb1d105ced3849c23e11c9a2d1e503d0ba46aed931456d92887 |
| SHA512 | 5596b5ad16a460011c1dee0b4b83bfe73324acbc1da701c1b474de14c7e983034670d8e143ca73ffabd272a17283f56765a9491151b6105c8fbc1b006e83b9af |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4f9f90d61796b4ad5eac0823e22af410 |
| SHA1 | eb6ea7c69e4b1a55e82700ebd305c9751036bb53 |
| SHA256 | 387e1996f96f63709abf23fc07545df7666f0d38e2a92dc272326749a794f448 |
| SHA512 | fa1d361cf05f27e662430a8a392e2a0411ed0b0dd49635365ca5490c58240182dd97d7d5d31293a93533fb25eff2abfa1d6df56a51a50aab16b0b443856c4bb4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 079941ca3305df3eca6ddcc6440d7076 |
| SHA1 | 0db1c768578bab2e06fa2e88a9f7f7c13f66544a |
| SHA256 | 36fd8ee5778f56f9f36915966d9226b1158a6b49d11dcb444c460247d3477d30 |
| SHA512 | 744eb44a0ee043bdecf8385b31e821fae6f9299a4c35c09e72bb5fefe495101037dae5b58a2513f757fc7a07eee514f29e6c87b323fa9b16359bcd2e42e12f1f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0800cc7706803709aecc5809d06a55be |
| SHA1 | 7f10d488cf08fdc47397999ad880c853638642b8 |
| SHA256 | 06857c1ff74e9852c335d73f2ee5f1d64523539d3b046520d57fba19f2e1f840 |
| SHA512 | 646f6171d4402dbfa3fac37bd377fbbd0a21d5ae0be7f67d904de09094b8ab0bee06f42bff21d1589df2f9b56be43de4d5ac63686d420465286ad9f526de76dd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 937d6b282f51b4b408883c29fed013d6 |
| SHA1 | 8f02ac5ab8576f20331ac9c6c2235e1c30d323de |
| SHA256 | 486a4367b3c76d382be9f75346d37c1d3bca6628c48d9bbd243260d45fab64ec |
| SHA512 | 0ac57b3c2c049230f371c66cef7739ed678b01b5f8a58571e226c43ebe290a448fcc4f47188cab59f069644a400a579a8a74a4eb1ca1207d2e45336e313410a0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 9de8f84cc285ebe5885a1f6a4f87cbd9 |
| SHA1 | cfc0fe22fd06556b541de5d157c6cd21ed7749df |
| SHA256 | d6ff8ec8611a769ddf9f3b2ea139adc9d00e5c2290d07c985df8833058bc2093 |
| SHA512 | b73f7a0f5801545de7b68691b32b750b021d120fc35824ba6108600da2fcc3a6cf02d213db20b0b611ce9a2d93725d2c1d80638149afb4442a1f40a212869e30 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f3f5295ef999edd94253461e04f6b326 |
| SHA1 | a7c7db2425adc80eaf232256c1c4c6482ec307f2 |
| SHA256 | a39f50a88e9692c224a8ff380b4ee0f9c7fec93ac3fa701129ab7f904c879a7d |
| SHA512 | 87de5a9685b68883c89a8d146f224d769f5083427a1b69003dc349cddd0be6456d6e74f047221b13052ae7a6af8ed0138a5e23eea33cba299276bc63ac2965bd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 752bff88d4a784518751b3fd865e80b0 |
| SHA1 | 75d507ebc88d17afca933bf6879bf421b93660ff |
| SHA256 | 26f67713c2dedf566cd7a41fd7f1ee35fd39dcda685ab12c01fa074ca77a16e1 |
| SHA512 | 341e3d97293c6ca69e8c458626c34f6edaff49c2387c79c9b6d96138e0d6a6dd77822fb73f1203117095158bdb41ad88ab58dced4c47e662900b1f1d3ce0dd6d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 85ed6de96a0fc44b46c7c1479d8e6bb8 |
| SHA1 | a2f8f6960b8863ae97fac5557e998d7edc4ec614 |
| SHA256 | b3c62d62dcc26ffaf4fb128517368c6c016f92fbb8f1b3134c9fd4bbba7b7606 |
| SHA512 | 8b889f4cbea7be5da0dd9f3c49179b37a06a9ad5cfec20004b880d34ca5e92674b6b71b1142b6ffec57ab4e51912ededb85930c852e1bad43eda78df5f7e1315 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e51610d200b36c8071d84b243d45c23d |
| SHA1 | 9357e353eae721c32a5de712367b04c2263f4be7 |
| SHA256 | e144a566c03be7ee17f95a8fb0ccff7169dd4dbabfc7e783a2196b597736a1e6 |
| SHA512 | 4091c71ffea3f769aa4458a3b66ca5204f6052fea4fb580f29d105e6338cccad5b51171ff4e37a0935b0c47505366abe2d9d9a7ea81649d8b74b012ac1c047d3 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-09 06:49
Reported
2024-06-09 06:52
Platform
win10v2004-20240508-en
Max time kernel
143s
Max time network
151s
Command Line
Signatures
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGBrowserUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6\\psmachine_64.dll" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize " | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize " | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\AVAST Software\Avast | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
Checks installed software on the system
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ipinfo.io | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | extreme-ip-lookup.com | N/A | N/A |
| N/A | extreme-ip-lookup.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler.exe | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdateComRegisterShell64.exe | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_bg.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_pt-BR.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_sk.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdateSetup.exe | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\psuser.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_lt.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ru.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_zh-CN.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_gu.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_mr.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_hu.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_vi.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\psmachine_64.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdateBroker.exe | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_fi.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_sw.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ta.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_zh-TW.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\psuser.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ro.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_bg.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File opened for modification | C:\Program Files (x86)\GUM6538.tmp\@PaxHeader | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_mr.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ta.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ca.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_it.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_uk.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserCrashHandler64.exe | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_iw.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_lv.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_hr.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ur.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_da.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_et.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_is.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserCrashHandler.exe | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_fil.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_es.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pl.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_es.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_gu.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_fa.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_pt-PT.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_sr.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ml.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_en.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_uk.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateHelper.msi | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\@PaxHeader | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdateWebPlugin.exe | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_fa.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_hi.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_kn.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\acuapi_64.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\psmachine_64.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ar.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_hr.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ms.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\goopdateres_ro.dll | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdateHelper.msi | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_ja.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
| File created | C:\Program Files (x86)\GUM6538.tmp\goopdateres_lv.dll | C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppName = "AVGBrowserUpdateBroker.exe" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}\Policy = "3" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498} | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppName = "AVGBrowserUpdateWebPlugin.exe" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\AppPath = "C:\\Program Files (x86)\\AVG\\Browser\\Update\\1.8.1693.6" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}\Policy = "3" | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077} | C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133623893959548493" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\NumMethods\ = "5" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{925547A3-663F-4673-A7B7-3FCACCDC4879}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E37D9308-A3C0-4EC3-87C5-222235C974E3} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{82C85EAA-7C94-4702-AA75-DF39403AE358}\ = "ServiceModule" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{079CAB07-5001-4E71-9D5A-B412842E5178} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\ = "IProgressWndEvents" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FBDC15B-BBCD-402B-A45F-1853B01A9E3C}\Elevation\Enabled = "1" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3WebSvc.1.0 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE}\ = "IApp2" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93}\NumMethods\ = "17" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7E22D0ED-B403-44D2-BABF-4DDD0DFCA692}\ProgID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\ = "PSFactoryBuffer" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\NumMethods\ = "5" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassSvc.1.0\CLSID | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3WebMachine\CurVer | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.CredentialDialogMachine\ = "goopdate CredentialDialog" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{804EC8ED-BF49-41ED-BCD0-CA1D716D3E98}\ = "IPackage" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{67F69D86-C3AA-4CBF-A536-C73B5D785FFC}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C0BAA6C-52FD-4A3F-8731-F588C5E8F191}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{59577BB5-F97B-4880-B785-510238C5C5CE} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A012A499-D8A6-4F6C-9E05-B02D58E3781A}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.ProcessLauncher.1.0 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.ProcessLauncher.1.0\ = "Google Update Process Launcher Class" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.Update3WebSvc\CurVer | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2DAE1732-F855-42A3-9D28-B7F6E291ECCD}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C32E10AE-6600-4A1E-8BEA-EF89A3072F93}\ = "IAppWeb" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DD8E03F-6BE1-41E2-B931-A37C7D1C0317}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}\InprocServer32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{45F7CBA5-258D-4852-AD0A-B18F3FB214F4}\NumMethods\ = "4" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DD8E03F-6BE1-41E2-B931-A37C7D1C0317}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5CCD3788-C8CC-4EE9-8DF7-944B7D9674F2}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C7E81D6-0463-485E-8DF5-2ADAD81FAF40}\NumMethods\ = "8" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C0BE1521-7935-42E6-B606-058A559910BA}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8C50E3A4-12A8-41FB-9941-E8EEB222E07E}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E3700FAF-2DC2-4322-99B1-D6A51203AF77}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{804EC8ED-BF49-41ED-BCD0-CA1D716D3E98}\NumMethods | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB785069-B832-4423-B813-47F7422BA6E5}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassMachineFallback.1.0\ = "Google Update Legacy On Demand" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AVGUpdate.OnDemandCOMClassSvc.1.0\ = "Google Update Legacy On Demand" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D37D106C-CDD2-4821-BC7A-F08990DDCA74}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAAD654E-4B50-4C9F-A261-CF29CF884478}\ProgID\ = "AVGUpdate.OnDemandCOMClassMachineFallback.1.0" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025} | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}\ = "PSFactoryBuffer" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7BA03866-1403-40EA-81A9-23FCD97810E2}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C0BE1521-7935-42E6-B606-058A559910BA}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2}\InprocHandler32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A27F7BCA-118B-4330-9B07-9092E8F047E2} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\ = "IAppVersionWeb" | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A708F91-06A3-409E-83BC-4A5CF10C8025}\NumMethods\ = "10" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C0BE1521-7935-42E6-B606-058A559910BA}\NumMethods\ = "11" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{40C1C1D3-AAEA-46EE-AA2B-79A2CC62F257} | C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6972DB5C-E9D6-4A81-B352-B415A3A61CA6}\ProxyStubClsid32\ = "{2E7A212B-A33C-45D6-9EFD-2AB58EFAACF0}" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9E6B2FC-34C6-435F-BC66-1EA330DB1270}\ProxyStubClsid32 | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8159E37-5EDF-4E6D-8E6D-E558E8DDC2A0}\ = "IGoogleUpdate" | C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0400000001000000100000004be2c99196650cf40e5a9392a00afeb20f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d4190000000100000010000000fa46ce7cbb85cfb4310075313a09ee052000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 5c000000010000000400000000080000190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd940400000001000000100000004be2c99196650cf40e5a9392a00afeb22000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\avg_secure_browser_setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7ffbf8c646f8,0x7ffbf8c64708,0x7ffbf8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf822ab58,0x7ffbf822ab68,0x7ffbf822ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4364 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4476 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4220 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4872 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5068 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4976 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4100 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3080 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5140 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4280 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4108 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5620 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4616 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4472 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6124 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6152 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6284 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6120 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Users\Admin\Downloads\Setup.exe
"C:\Users\Admin\Downloads\Setup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe
.\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN240401 --nonadmin --direct --tych --campaign=18142067438 --version=12.901.4.1003
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2352 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=2340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6296 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6616 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Windows\SysWOW64\netsh.exe
netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/en/install.php?partner=IN240401&campaign=18142067438&
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf822ab58,0x7ffbf822ab68,0x7ffbf822ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6676 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=848 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6700 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6528 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=3164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5580 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x330 0x3d8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=3056 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4916 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5728 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5200 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5416 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5168 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=4436 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=4440 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=4388 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6652 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7152 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7196 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7204 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7332 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=7496 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8052 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7592 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7020 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=8660 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8640 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8744 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Users\Admin\Downloads\avg_secure_browser_setup.exe
"C:\Users\Admin\Downloads\avg_secure_browser_setup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=5500 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=7280 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=7232 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=7320 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9176 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=8920 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=9340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9300 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9640 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=9636 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=9828 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=9780 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe
"C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe" /relaunch=8 /was_elevated=1 /tagdata
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=5628 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=7972 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=2328 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5400 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=8064 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=8872 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10604 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=4580 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=10488 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=10312 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=5096 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=8136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=9148 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=10700 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=8684 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=10244 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=11020 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=10964 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=11208 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=10516 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=9504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=9476 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=8504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=9588 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=4156 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=5892 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=5188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=5340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=7184 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=8480 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=12072 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=12092 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=12108 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe
AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe
"C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
"C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0ie0M3NkU1MjNELTVERkUtNDg4MS05M0IzLUExN0ZFREMzMjRCMn0iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9Ins1MDVFNTU3RS00M0ZCLTRBMDQtQkZGRS0yMTAwOTRDRTMxREJ9IiB1c2VyaWRfZGF0ZT0iMjAyNDA2MDkiIG1hY2hpbmVpZD0iezAwMDA5QkIwLTk4NjYtMzU5Mi1BM0E2LTA4NkJDQzI5MDlFN30iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MDYwOSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9IntGN0U4NEFBNi1FOEIyLTRFRTMtOEY3RC0wMjA4QzNBODM1NjN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTIyOCIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iNjIzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{C76E523D-5DFE-4881-93B3-A17FEDC324B2}" /silent
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
"C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 8.8.8.8:53 | ei.phncdn.com | udp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.23:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| US | 66.254.114.41:445 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | prvc.io | udp |
| US | 172.67.177.254:443 | prvc.io | tcp |
| US | 8.8.8.8:53 | cdn1-smallimg.phncdn.com | udp |
| US | 66.254.114.156:443 | cdn1-smallimg.phncdn.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.177.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.114.254.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.18.217.172.in-addr.arpa | udp |
| FR | 172.217.20.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| FR | 142.250.178.142:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 196.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 172.217.20.174:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| FR | 216.58.213.78:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| JP | 142.250.196.131:443 | id.google.com | tcp |
| JP | 142.250.196.131:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.196.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| FR | 216.58.213.86:443 | i.ytimg.com | tcp |
| FR | 172.217.20.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.75.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| FR | 216.58.214.170:443 | jnn-pa.googleapis.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| FR | 216.58.214.170:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 162.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.75.250.142.in-addr.arpa | udp |
| FR | 172.217.20.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | minecraftforfreex.com | udp |
| US | 172.67.160.215:443 | minecraftforfreex.com | tcp |
| US | 172.67.160.215:443 | minecraftforfreex.com | tcp |
| US | 172.67.160.215:443 | minecraftforfreex.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| US | 8.8.8.8:53 | 215.160.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| FR | 142.250.179.78:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| FR | 142.250.179.78:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| FR | 142.250.179.98:443 | partner.googleadservices.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.78:443 | www.adsensecustomsearchads.com | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| FR | 142.250.179.78:443 | www.adsensecustomsearchads.com | udp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| FR | 142.250.179.78:443 | www.adsensecustomsearchads.com | udp |
| US | 172.67.160.215:443 | minecraftforfreex.com | udp |
| US | 8.8.8.8:53 | 42.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | free.webcompanion.com | udp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 45.63.66.114:443 | free.webcompanion.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.66.63.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.19.208.152:443 | webcompanion.com | tcp |
| US | 104.19.208.152:443 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | 152.208.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geo.lavasoft.com | udp |
| US | 104.16.149.130:80 | geo.lavasoft.com | tcp |
| US | 8.8.8.8:53 | featureflags.lavasoft.com | udp |
| US | 104.16.149.130:443 | featureflags.lavasoft.com | tcp |
| US | 8.8.8.8:53 | flwadw.com | udp |
| US | 104.18.27.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | 130.149.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.27.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcdownloadercdn.lavasoft.com | udp |
| US | 104.16.148.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 130.148.16.104.in-addr.arpa | udp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| US | 104.16.149.130:80 | wcdownloadercdn.lavasoft.com | tcp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 188.98.55.23.in-addr.arpa | udp |
| US | 104.18.27.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | wc-partners.lavasoft.com | udp |
| CA | 64.18.87.82:80 | wc-partners.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 82.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.19.208.152:80 | webcompanion.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| FR | 142.250.178.138:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 104.22.56.245:443 | cdn.inspectlet.com | tcp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.56.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hn.inspectlet.com | udp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| FR | 142.250.179.106:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 106.179.250.142.in-addr.arpa | udp |
| US | 104.18.27.149:443 | flwadw.com | tcp |
| US | 8.8.8.8:53 | staging-partner-info.lavasoft.net | udp |
| US | 8.8.8.8:53 | sg-bitmask.adaware.com | udp |
| US | 104.16.212.94:443 | sg-bitmask.adaware.com | tcp |
| US | 8.8.8.8:53 | staging-bitmask.lavasoft.net | udp |
| US | 8.8.8.8:53 | 94.212.16.104.in-addr.arpa | udp |
| JP | 142.250.196.131:443 | id.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 104.16.149.130:443 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| FR | 142.250.179.110:443 | google.com | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| FR | 172.217.18.195:443 | beacons3.gvt2.com | tcp |
| FR | 172.217.18.195:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 110.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youporn.com | udp |
| US | 66.254.114.79:443 | www.youporn.com | tcp |
| US | 66.254.114.79:443 | www.youporn.com | tcp |
| US | 8.8.8.8:53 | 79.114.254.66.in-addr.arpa | udp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| GB | 64.210.156.20:443 | ei.phncdn.com | tcp |
| US | 8.8.8.8:53 | ea.ypncdn.com | udp |
| GB | 64.210.156.20:443 | ea.ypncdn.com | tcp |
| GB | 64.210.156.21:443 | ea.ypncdn.com | tcp |
| GB | 64.210.156.21:443 | ea.ypncdn.com | tcp |
| GB | 64.210.156.21:443 | ea.ypncdn.com | tcp |
| US | 8.8.8.8:53 | ht.youporn.com | udp |
| US | 8.8.8.8:53 | fs.ypncdn.com | udp |
| US | 8.8.8.8:53 | ei.ypncdn.com | udp |
| US | 216.18.168.30:443 | ht.youporn.com | tcp |
| US | 8.8.8.8:53 | cdn1d-static-shared.phncdn.com | udp |
| GB | 64.210.156.20:443 | cdn1d-static-shared.phncdn.com | tcp |
| US | 8.8.8.8:53 | 85otw.voluumtrk3.com | udp |
| GB | 64.210.156.23:443 | cdn1d-static-shared.phncdn.com | tcp |
| US | 8.8.8.8:53 | ads.exoclick.com | udp |
| US | 8.8.8.8:53 | ads2.contentabc.com | udp |
| US | 8.8.8.8:53 | bi.phncdn.com | udp |
| GB | 64.210.156.20:443 | bi.phncdn.com | tcp |
| GB | 64.210.156.20:443 | bi.phncdn.com | tcp |
| US | 8.8.8.8:53 | ei-ph.ypncdn.com | udp |
| US | 8.8.8.8:53 | cdn.engine.phn.doublepimp.com | udp |
| US | 8.8.8.8:53 | engine.phn.doublepimp.com | udp |
| US | 8.8.8.8:53 | etahub.com | udp |
| US | 8.8.8.8:53 | hw-cdn.contentabc.com | udp |
| US | 8.8.8.8:53 | hw-cdn.trafficjunky.net | udp |
| US | 8.8.8.8:53 | media.trafficjunky.net | udp |
| US | 8.8.8.8:53 | s1.static.cfgr1.com | udp |
| GB | 64.210.156.21:443 | media.trafficjunky.net | tcp |
| GB | 64.210.156.20:443 | media.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | static.exoclick.com | udp |
| US | 8.8.8.8:53 | vz-cdn.contentabc.com | udp |
| US | 8.8.8.8:53 | vz-cdn.trafficjunky.net | udp |
| US | 8.8.8.8:53 | www.afgr1.com | udp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ss.phncdn.com | udp |
| US | 8.8.8.8:53 | eg-cdn.trafficjunky.net | udp |
| GB | 64.210.156.20:443 | ss.phncdn.com | tcp |
| US | 8.8.8.8:53 | fi1-ph.ypncdn.com | udp |
| PL | 93.184.223.43:443 | eg-cdn.trafficjunky.net | tcp |
| PL | 93.184.223.43:443 | eg-cdn.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| FR | 216.58.215.59:443 | storage.googleapis.com | tcp |
| FR | 216.58.215.59:443 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | 21.156.210.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.168.18.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.223.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ev-ph.ypncdn.com | udp |
| GB | 64.210.156.1:443 | ev-ph.ypncdn.com | tcp |
| US | 8.8.8.8:53 | 1.156.210.64.in-addr.arpa | udp |
| US | 52.111.227.11:443 | tcp | |
| US | 8.8.8.8:53 | fi1.ypncdn.com | udp |
| US | 8.8.8.8:53 | m.m.oronova.co.uk | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| DE | 217.20.112.104:443 | m.m.oronova.co.uk | tcp |
| DE | 217.20.112.104:443 | m.m.oronova.co.uk | tcp |
| US | 8.8.8.8:53 | www.oronova.co.uk | udp |
| CA | 23.227.38.74:443 | www.oronova.co.uk | tcp |
| US | 8.8.8.8:53 | cdn.shopify.com | udp |
| CA | 23.227.60.200:443 | cdn.shopify.com | tcp |
| CA | 23.227.60.200:443 | cdn.shopify.com | tcp |
| US | 8.8.8.8:53 | m.m.oronova.com | udp |
| CA | 23.227.38.74:443 | www.oronova.co.uk | udp |
| NL | 85.17.54.67:443 | m.m.oronova.com | tcp |
| DE | 217.20.112.104:443 | m.m.oronova.co.uk | tcp |
| US | 8.8.8.8:53 | shop.app | udp |
| US | 8.8.8.8:53 | cdn.judge.me | udp |
| CA | 23.227.60.200:443 | cdn.shopify.com | udp |
| US | 8.8.8.8:53 | cdn.pagefly.io | udp |
| CA | 23.227.60.200:443 | cdn.shopify.com | udp |
| CA | 185.146.173.20:443 | shop.app | tcp |
| NL | 185.172.149.104:443 | cdn.judge.me | tcp |
| NL | 185.172.149.104:443 | cdn.judge.me | tcp |
| US | 8.8.8.8:53 | 104.112.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.38.227.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.60.227.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.54.17.85.in-addr.arpa | udp |
| FR | 52.222.169.94:443 | cdn.pagefly.io | tcp |
| US | 8.8.8.8:53 | monorail-edge.shopifysvc.com | udp |
| US | 8.8.8.8:53 | cdn1.judge.me | udp |
| US | 8.8.8.8:53 | cdn.logbase.io | udp |
| US | 8.8.8.8:53 | static.klaviyo.com | udp |
| US | 8.8.8.8:53 | s3.eu-west-1.amazonaws.com | udp |
| US | 151.101.2.133:443 | static.klaviyo.com | tcp |
| IE | 52.92.33.224:443 | s3.eu-west-1.amazonaws.com | tcp |
| NL | 185.172.149.104:443 | cdn1.judge.me | tcp |
| FR | 52.84.174.14:443 | cdn.logbase.io | tcp |
| US | 8.8.8.8:53 | static-tracking.klaviyo.com | udp |
| US | 151.101.2.133:443 | static-tracking.klaviyo.com | tcp |
| US | 151.101.2.133:443 | static-tracking.klaviyo.com | tcp |
| US | 151.101.2.133:443 | static-tracking.klaviyo.com | tcp |
| US | 8.8.8.8:53 | production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com | udp |
| IE | 52.218.41.176:443 | production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com | tcp |
| IE | 52.218.41.176:443 | production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com | tcp |
| US | 8.8.8.8:53 | 20.173.146.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.149.172.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.169.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.33.92.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | omnisnippet1.com | udp |
| US | 104.18.39.180:443 | omnisnippet1.com | tcp |
| US | 8.8.8.8:53 | 176.41.218.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.39.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | upsell-app.logbase.io | udp |
| US | 34.233.152.58:443 | upsell-app.logbase.io | tcp |
| US | 8.8.8.8:53 | js.klarna.com | udp |
| FR | 52.222.201.3:443 | js.klarna.com | tcp |
| US | 8.8.8.8:53 | wt.omnisendlink.com | udp |
| US | 104.18.32.125:443 | wt.omnisendlink.com | tcp |
| NL | 85.17.54.67:443 | m.m.oronova.com | tcp |
| NL | 185.172.149.104:443 | cdn1.judge.me | tcp |
| US | 8.8.8.8:53 | 58.152.233.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.32.18.104.in-addr.arpa | udp |
| US | 34.111.205.129:443 | monorail-edge.shopifysvc.com | tcp |
| FR | 52.222.201.3:443 | js.klarna.com | udp |
| US | 8.8.8.8:53 | www.merchant-center-analytics.goog | udp |
| FR | 142.250.179.78:443 | www.merchant-center-analytics.goog | tcp |
| US | 104.18.39.180:443 | omnisnippet1.com | udp |
| US | 34.111.205.129:443 | monorail-edge.shopifysvc.com | udp |
| US | 8.8.8.8:53 | 129.205.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | forms.soundestlink.com | udp |
| US | 104.18.34.50:443 | forms.soundestlink.com | tcp |
| CA | 23.227.38.74:443 | www.oronova.co.uk | udp |
| US | 8.8.8.8:53 | judgeme.imgix.net | udp |
| US | 8.8.8.8:53 | 50.34.18.104.in-addr.arpa | udp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 151.101.2.208:443 | judgeme.imgix.net | tcp |
| US | 8.8.8.8:53 | extreme-ip-lookup.com | udp |
| US | 8.8.8.8:53 | 208.2.101.151.in-addr.arpa | udp |
| NL | 185.221.219.64:443 | extreme-ip-lookup.com | tcp |
| US | 8.8.8.8:53 | ipinfo.io | udp |
| US | 34.117.186.192:443 | ipinfo.io | tcp |
| US | 8.8.8.8:53 | 64.219.221.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.186.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.judge.me | udp |
| US | 3.220.31.23:443 | api2.judge.me | tcp |
| FR | 142.250.179.78:443 | www.merchant-center-analytics.goog | udp |
| US | 8.8.8.8:53 | 23.31.220.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 104.18.34.50:443 | forms.soundestlink.com | udp |
| GB | 64.210.156.20:443 | fi1.ypncdn.com | tcp |
| GB | 64.210.156.21:443 | fi1.ypncdn.com | tcp |
| GB | 64.210.156.20:443 | fi1.ypncdn.com | tcp |
| GB | 64.210.156.20:443 | fi1.ypncdn.com | tcp |
| GB | 64.210.156.23:443 | fi1.ypncdn.com | tcp |
| GB | 64.210.156.20:443 | fi1.ypncdn.com | tcp |
| US | 8.8.8.8:53 | ei-ph.ypncdn.com | udp |
| US | 8.8.8.8:53 | static.exoclick.com | udp |
| US | 8.8.8.8:53 | vz-cdn.trafficjunky.net | udp |
| US | 8.8.8.8:53 | ht-cdn.trafficjunky.net | udp |
| GB | 64.210.156.21:443 | ht-cdn.trafficjunky.net | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| FR | 142.250.75.227:443 | ssl.gstatic.com | tcp |
| FR | 142.250.75.227:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 227.75.250.142.in-addr.arpa | udp |
| FR | 172.217.20.174:443 | cse.google.com | udp |
| US | 8.8.8.8:53 | undertale.en.softonic.com | udp |
| US | 151.101.1.91:443 | undertale.en.softonic.com | tcp |
| US | 151.101.1.91:443 | undertale.en.softonic.com | tcp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| BE | 104.68.82.93:443 | images.sftcdn.net | tcp |
| US | 3.165.113.27:443 | sdk.privacy-center.org | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | udp |
| US | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | udp |
| FR | 142.250.179.78:443 | www.merchant-center-analytics.goog | udp |
| FR | 142.250.201.162:443 | securepubads.g.doubleclick.net | udp |
| US | 3.165.113.27:443 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 3.165.111.23:443 | www.datadoghq-browser-agent.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| FR | 142.250.179.98:443 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.209.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.82.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.194.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.111.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| FR | 52.84.174.75:443 | config.aps.amazon-adsystem.com | tcp |
| FR | 216.58.215.59:443 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | adservice.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 75.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| IN | 142.250.183.163:443 | csi.gstatic.com | tcp |
| IN | 142.250.183.163:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| FR | 13.32.145.94:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 18.245.199.156:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| DE | 162.19.138.117:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| IE | 52.212.11.218:443 | id.crwdcntrl.net | tcp |
| IE | 46.137.115.113:443 | ap.lijit.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 52.48.59.220:443 | ad.360yield.com | tcp |
| NL | 185.89.210.141:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 178.128.135.204:443 | brightcombid.marphezis.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 162.19.138.117:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 104.26.2.63:443 | wct.softonic.com | tcp |
| FR | 13.32.145.94:443 | api.privacy-center.org | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | c47b7248ccc6619bc9439f3f1226864e.safeframe.googlesyndication.com | udp |
| FR | 216.58.214.161:443 | c47b7248ccc6619bc9439f3f1226864e.safeframe.googlesyndication.com | tcp |
| FR | 142.250.179.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| FR | 216.58.214.174:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 104.26.2.63:443 | wct.softonic.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 34.241.159.161:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | 163.183.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.145.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.11.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.199.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.115.137.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.59.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.159.241.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| IE | 34.248.224.200:443 | rtb.gumgum.com | tcp |
| FR | 142.250.201.162:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 54.77.199.36:443 | ce.lijit.com | tcp |
| IN | 142.250.183.163:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | inmobi-match.dotomi.com | udp |
| NL | 64.158.223.140:443 | inmobi-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.224.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.199.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.223.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 2.16.232.228:443 | ads.pubmatic.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| IE | 34.255.106.93:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| US | 54.198.181.57:443 | sync.srv.stackadapt.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| FR | 99.86.91.26:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ads.avads.net | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | medianet-match.dotomi.com | udp |
| NL | 64.158.223.137:443 | medianet-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| GB | 104.120.140.21:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | c21lg-d.media.net | udp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 52.73.206.35:443 | cs-server-s2s.yellowblue.io | tcp |
| GB | 23.73.139.80:443 | player.aniview.com | tcp |
| NL | 89.149.192.75:443 | ssbsync.smartadserver.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.232.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.8.201.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.106.255.34.in-addr.arpa | udp |
| US | 34.128.133.112:443 | ads.avads.net | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| GB | 104.120.140.21:443 | c21lg-d.media.net | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| IE | 54.246.18.125:443 | pr-bh.ybp.yahoo.com | tcp |
| FR | 142.250.179.98:443 | cm.g.doubleclick.net | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 34.128.133.112:443 | ads.avads.net | tcp |
| US | 52.73.206.35:443 | cs-server-s2s.yellowblue.io | tcp |
| FR | 142.250.179.98:443 | cm.g.doubleclick.net | tcp |
| GB | 104.120.140.21:443 | c21lg-d.media.net | tcp |
| GB | 104.120.140.21:443 | c21lg-d.media.net | tcp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| BE | 23.55.98.169:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | cdn-download.avgbrowser.com | udp |
| GB | 23.73.139.73:443 | cdn-download.avgbrowser.com | tcp |
| GB | 23.73.139.73:443 | cdn-download.avgbrowser.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| BE | 23.55.96.24:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.224.150:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 26.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.216.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.140.120.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.181.198.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.133.128.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.18.246.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.206.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.98.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| FR | 142.250.179.98:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| DE | 52.29.179.14:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 104.22.50.98:443 | mwzeom.zeotap.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| NL | 89.207.16.201:443 | casale-match.dotomi.com | tcp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| DK | 37.157.4.28:443 | c1.adform.net | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| DE | 52.29.179.14:443 | rtb.mfadsrvr.com | tcp |
| DE | 52.29.179.14:443 | rtb.mfadsrvr.com | tcp |
| US | 96.46.186.182:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 63.215.202.140:443 | pubmatic-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | 14.179.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.158.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | 28.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.186.46.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.17.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| NL | 198.47.127.20:443 | simage4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | 93.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| SE | 213.155.156.185:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| FR | 141.94.171.213:443 | pixel.onaudience.com | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | 185.156.155.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.171.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| FR | 216.58.213.78:443 | clients1.google.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| FR | 142.250.179.110:443 | google.com | udp |
| US | 8.8.8.8:53 | stats.securebrowser.com | udp |
| US | 104.20.86.8:443 | stats.securebrowser.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.86.20.104.in-addr.arpa | udp |
| US | 199.232.209.91:443 | softonic.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | f7af43eb612d05577394244a2c80708f.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 34.202.202.73:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| US | 54.198.181.57:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 54.198.181.57:443 | sync.srv.stackadapt.com | tcp |
| IE | 34.250.160.0:443 | pm.w55c.net | tcp |
| IE | 34.240.216.83:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 52.73.28.214:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 8.8.8.8:53 | sync.serverbid.com | udp |
| FR | 13.249.9.226:443 | sync.serverbid.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| FR | 216.58.213.65:443 | cdn.ampproject.org | tcp |
| FR | 216.58.213.65:443 | cdn.ampproject.org | tcp |
| FR | 216.58.213.65:443 | cdn.ampproject.org | tcp |
| FR | 216.58.213.65:443 | cdn.ampproject.org | tcp |
| FR | 216.58.213.65:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.202.202.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.160.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.28.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.9.249.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.150.197.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 50.31.142.255:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | 65.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.233.247.34.in-addr.arpa | udp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| IE | 54.217.19.5:443 | cm.adgrx.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| FR | 141.94.161.190:443 | green.erne.co | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 104.18.24.173:443 | s.tribalfusion.com | udp |
| FR | 146.59.148.16:443 | pixel-eu.onaudience.com | tcp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 170.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.19.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.161.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.148.59.146.in-addr.arpa | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.223.82:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| FR | 18.164.52.25:443 | s.ad.smaato.net | tcp |
| NL | 89.149.192.73:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | udp |
| US | 8.8.8.8:53 | rtd-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | ads.betweendigital.com | udp |
| NL | 188.42.34.65:443 | ads.betweendigital.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| IE | 54.170.43.5:443 | ads.yieldmo.com | tcp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | 25.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.174.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.34.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.43.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e2c17.gcp.gvt2.com | udp |
| NL | 34.90.241.47:443 | e2c17.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | update.avgbrowser.com | udp |
| US | 172.67.41.145:443 | update.avgbrowser.com | tcp |
| US | 172.67.41.145:443 | update.avgbrowser.com | tcp |
| US | 8.8.8.8:53 | 145.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.241.90.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser-update.avg.com | udp |
| GB | 23.73.139.80:80 | browser-update.avg.com | tcp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | articles-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| NL | 23.62.61.178:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 178.61.62.23.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 439b5e04ca18c7fb02cf406e6eb24167 |
| SHA1 | e0c5bb6216903934726e3570b7d63295b9d28987 |
| SHA256 | 247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654 |
| SHA512 | d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2 |
\??\pipe\LOCAL\crashpad_4816_WGWCPYEXOQGJANWE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a8e767fd33edd97d306efb6905f93252 |
| SHA1 | a6f80ace2b57599f64b0ae3c7381f34e9456f9d3 |
| SHA256 | c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb |
| SHA512 | 07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0ad7e9cccd78f0ebbfaba06461f3703a |
| SHA1 | 9c9ab06795607a69bd62d22561bc6e25d481fdae |
| SHA256 | 6834add84369e01dfcbb908e8edf399433d21b81a3c23595aea9f619ef7de04c |
| SHA512 | cf382c4e0d6a40e0f7d058694989167ad0120295d4d5828e9e26b9979359d6e7df3df71ba2858ceffc98ae985273a9632f91de2dbf7cac9d88107629d407b527 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b4546890809ebedc363a206662dd4c88 |
| SHA1 | d38aa09bcf55f7b9080f459d361f67ba3af5c177 |
| SHA256 | f247e403a77e536822df97c143b46b865ad2078d940bc0c9348c6bde314b4a6f |
| SHA512 | 3e422e7d21d13aa4fd53572303bc1873d4fae97d6a998da13a88ffdc65a4b6e7b8285295c0c1006d70ff1a060949720fb9be6aae64d896edca38934fab7281b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f3106aa0025225b57168090149edbf3a |
| SHA1 | c30d9d8f10a58c4c5e489ce20643692e1bfc7bdc |
| SHA256 | 58e52df780f26d6539aaaa96e94503030db31706a59d59ac54e62cfdb9532485 |
| SHA512 | 467e7d2ab41d59f88d42a8e3332c52f2a4fa43ec1cd7fd19a2637db0e9720cecf72db06b98e774ed4adaf9e2a19b88ee78f23ffa0100f7910f3cf50d6a79c0bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d034372b1978aa7bc601763c9b5eac61 |
| SHA1 | e4de09156b3ba43dce3874acd4b22eab7872c99e |
| SHA256 | 2afa33c94ac58dbf5b524a734e0cae727dfe7cd6902b24a57fde76eb20b609c2 |
| SHA512 | 3de9d78f6f667fb5d3ee6429c80f7ee2942380a344df88fee19453654af678a3d5ab172e1522eede323239b18d6d6407ceb3729f5a5d885cc52db2be7704a4c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0e5bf5f8d59579dcb5ce341db52b7ac2 |
| SHA1 | c64c99c2080edfb54c4cd9581684d522e49aa7ac |
| SHA256 | 25c7240fbc44e3617c2feaeb29ab8aff2a29963dffec3c95a42c8213c2c836ef |
| SHA512 | 30e761a4090bce31a7c37401445038430fa410619a938b61dcc4e240eb075d51def68fbc2e6f9e73500ebbba0a98490f0b5a6c4bb99aca0d5601deef36d31ecc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 028314890d945b159594edd7f8819d5b |
| SHA1 | ac631876809365a1e4ac161f3f6be1d9edb5ad55 |
| SHA256 | 79263a388d864d461b0e041550da6333b4fb4698f9bbb504f4dee5342a1accbc |
| SHA512 | 8df0e1b7dc5785f6f8fccaa8a9c73027cdd7670df7bfd4602669424f48f409767a69cf9effef7d0a75ca42e72c413a64c25015058f965b7e0a30ba86165cea19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8e77c6e874fcded06554d8965988c69d |
| SHA1 | fd9fc551d3cbd3b485f3dfabb5277bb35bb5c46a |
| SHA256 | 989c3449934c28c8e4ca583de4672771f41d5efd7f443b47cdf0fee78280b84c |
| SHA512 | 9b964b2d2dc1ecae7041601c3eb2cc4c1248469cad5781d731e4ca0eaecd2c9e9fd7905cd7ca39def7b0657673737530226c8420a90223469f066647817d7610 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579328.TMP
| MD5 | c9a4dd24ea23f6c4f70b8cd330ffcfad |
| SHA1 | 81b6bbff7b9655ed97baa5bcd758b990b1e242a3 |
| SHA256 | 5fa7b553b1ef1da37df9574fe376a68d7d355b096359628b693c0afd3b331a41 |
| SHA512 | 9785f1dec850bb3691b7477642e5a11e89b6f5e50911b1f3d01b6bd8b8746133c540b3ff67043070906fddd972ac5fe495d0949e883716ac68b611c33741cc1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | a7243798963ec7f8e2148101209d7eb9 |
| SHA1 | 9692fac7c3fe768524a89e43b10307cfd16e1715 |
| SHA256 | 7079d14e5a97a69e35f6796045d0a90304f5add8599d2bfd1a8786231ba7e0b8 |
| SHA512 | a8f0cac6ad2366c5c33a1e685a5b5fab4c2e768605b0330e7a9bca5e3656327cbfbb614ed61d62e2d3f8771f8aba82725abae0107aa77b6ea33e68a8b78f254c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 290068d46d2e7f5022d9d986ac0d6df3 |
| SHA1 | c1fcc295254e0235f692426cd1870c99f7909142 |
| SHA256 | 4a13208e91069755c4ed786217f971c0ce9ea542cc23e8315a8e7eb4e2fb8b0a |
| SHA512 | 7bb7945200f42de2f139185cb4a9efda2db3fca5e66f6b5e218e588311b8c793b19d03a3aabd5949debfa6fcfb06c9ac5f113a593359632cb4e3e32d4623ffaf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca5725e41a45ced3c33ca47191de5748 |
| SHA1 | e47e3a81f3a8884db75ec7339b578dadb682c601 |
| SHA256 | a0c6dbb19b46ff73a50b641fb8c72623cffa40da0fa3cc12d6e6cb2f26a0cc29 |
| SHA512 | b6f867ab46a45eb21b535a637433bc07912f027cfd04e05805f0de7d8916e024035f427675b005d7fe6a04981503aec19d4ab31be98604b0b025d316cc6b70ed |
C:\Users\Admin\Downloads\Unconfirmed 831677.crdownload
| MD5 | 2a96b4260705aa2c2316846a6d1e3aa3 |
| SHA1 | 48166dd9bb44dbe24f43e252893e8ed90e90a7fd |
| SHA256 | 1593b737347941ab793cb2debd48fe4636bad48a3a1e4e9251b35ee8c33992f3 |
| SHA512 | c3a785f26889f121429dc6c2dcf28f5a806347e1fac4a79fcd72d63db7882948e40a4ac0a419608b78bf7eaf086d29ac64fd164262c47a25d1c40eab9b0f12e6 |
C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe
| MD5 | f6271b5d4729c2fd7dd9950f41d57c8b |
| SHA1 | b201f20d58d3d0de4edbc513b25c4af8d3790d13 |
| SHA256 | 04e8c3de51503351b4d52fa9b010aebb41d3cca46387046e8e689fbaa7063c16 |
| SHA512 | 8e4ff8ec79b154211d2b6ded28025b92c4f09e36ee160be689af986ae2aeb0f444d834b04f2c6887e757f618f1d7dfe049f8d8e6a6c460c99f79a80a1580db9b |
C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe.config
| MD5 | be34b448b611dc35dd383ed545e8fa96 |
| SHA1 | 6c9dcd8d936f0e39648f8fa80e7f07d9ce6f550e |
| SHA256 | deeba89fab938088e2e65942e93210e6e368eef6bc1ca8e8724ed43154701851 |
| SHA512 | 796bc2ee8672b64d9f5859f0b091e76de9523beb91a7c8a1aaf59be30902bb73f5d197f271d9d50ba6139b109b00f121efa11929f322af71fe9d32c683ad8c44 |
memory/5436-551-0x000000007480E000-0x000000007480F000-memory.dmp
memory/5436-553-0x0000000000C90000-0x0000000000CFE000-memory.dmp
memory/5436-554-0x0000000005C30000-0x0000000006248000-memory.dmp
memory/5436-555-0x00000000056A0000-0x00000000056F0000-memory.dmp
memory/5436-557-0x0000000005710000-0x000000000574C000-memory.dmp
memory/5436-556-0x00000000056F0000-0x0000000005702000-memory.dmp
memory/5436-558-0x0000000005750000-0x000000000579C000-memory.dmp
memory/5436-559-0x0000000005990000-0x0000000005A9A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS82518897\Newtonsoft.Json.dll
| MD5 | 746c1f0ea5a5c0a67fe96dba4e32ac76 |
| SHA1 | cb31834984b5c7509499f0a9a5febe2e3575de78 |
| SHA256 | 9ee20b0b7e54e633eff1a25b6e379201d499552689ad29eebd5ad90f221b1386 |
| SHA512 | b07f6032d609291f3f3d6e75abc055cbc0751c2cde4cfb4eb5ab93611ad8391e877dad92009dec70c0c2a7fb96b20cb4392a1a51634006466bca06fec36ce358 |
memory/5436-564-0x0000000006940000-0x00000000069AE000-memory.dmp
memory/5436-565-0x0000000006EC0000-0x0000000006EE0000-memory.dmp
memory/5436-566-0x0000000006EE0000-0x0000000007234000-memory.dmp
memory/5436-567-0x0000000007470000-0x00000000074D6000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ba01cf4f039d593b74553fb3ba51e50 |
| SHA1 | 32789d78deb3f761463a44a4fdd29b0f5021c765 |
| SHA256 | b6385badf62884c9068167b62c0a87a7a1e8307cffb59d5d8045641873764b9d |
| SHA512 | e75a635a75c666ea26ef58fce20fdfd04944490f263a1e35491561973d6c9fe476f19b58a9b0008108e482d1de2036a8751de610ec189269f08883434a129c9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe904697e23cf1c9032bcca22d9fa7c0 |
| SHA1 | 2e88fb2d579e150b5d89c4e0f8112ee6efaeeafc |
| SHA256 | 2195af421458990596980dc718ccbba907a013720259cbd9e5998e4350ce0a23 |
| SHA512 | 33d1de008a1d12d5e61c29c2bcdedaebd9e5e2222e3c60c9e1c585b73ac45999e97d2141bbc177c18e3735671c453d630aef3226b1f6a2e18d20edd9782f94f5 |
C:\Users\Admin\AppData\Local\Temp\7zS82518897\en-US\WebCompanion-Installer.resources.dll
| MD5 | e4266f63970e9bb702fded23abb07ad7 |
| SHA1 | fb53dbbc93788d7ac3672520706195ab3eb75fd0 |
| SHA256 | 83cf07757ca5e7c3dd2a8cabc44ba246b6b6f24c3d7042ceb3fc91ddfa8c4160 |
| SHA512 | 4632e8af8c60b242d7213ec4eebfff358c59e0408e2f6d1821bd87553877e0ff4c9e874992242b303d26a2c53ac53e628674ce2ddb0dc0102e581c05f25c5f54 |
memory/5436-589-0x0000000005C00000-0x0000000005C08000-memory.dmp
memory/5436-590-0x0000000007970000-0x0000000007A02000-memory.dmp
memory/5436-591-0x0000000007F50000-0x0000000007F58000-memory.dmp
memory/5436-592-0x0000000007F60000-0x0000000007F68000-memory.dmp
memory/5436-594-0x0000000009D80000-0x0000000009D8E000-memory.dmp
memory/5436-593-0x0000000009DB0000-0x0000000009DE8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zS82518897\ICSharpCode.SharpZipLib.dll
| MD5 | b0040d764201abd71c26560e798bfa7f |
| SHA1 | a3f32be47621d353d67c6a72b7059b553801a9b8 |
| SHA256 | 13c3e0fec7ff29eb8ab28b321102c2d27afcbb410884cd693cfd3d211bbef1d5 |
| SHA512 | 104f157b822901375cacbb22121c1c866254eca5979422741768aed5536b0d51f5efce24b6106927cb16843276fc8e4b8f70ba20f5ac3c48a75460b2ab14e478 |
memory/5436-601-0x000000000D1D0000-0x000000000D204000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f1e2.TMP
| MD5 | cc50b60ed8779d75c10faba547bbd11e |
| SHA1 | 608298824ed2d2424f42d12bf47c11721a0f234b |
| SHA256 | a50916cb07776c544a1ba2cae91048c8ef0a82c1e8cc09eab4a9703059d2eac7 |
| SHA512 | 13b84395efed09df6e34153a7463d2e757e04073abdd9b328060fd41d6855aab2cf00be6adc49ff5cf997a4eaee74c05b3fee0e7bf3c67c3e43f08f8c1fbc4f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | aa2059163a0055be7a0f736b74417a3f |
| SHA1 | d8471655ce5162b6e387fe0533ddcbe38e59a9f8 |
| SHA256 | 636a6dc16a949ab78ce1eaa12c14ec195ee7faa4bb01aa085d234548602372c0 |
| SHA512 | f476fbed786f6db8e1763848793e7733a7ab073a3dc2e42f8022259238ad49fd8dc49d844673025538296457f777eb4dd4ca93e20657c9260e45e4caa5866d42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3038f75e4d297789d94ab5d9adcef5d |
| SHA1 | 8f2936895a62ae51ed0bdfff0005ff04b59b5d03 |
| SHA256 | 8d5d8759c8e884d66d13347cc3a80be9af8d468b49a0bc27aa92f2790d53c578 |
| SHA512 | 43b2594f5ee50114660c0e7186bb6a2d8ebb5a9c9cd2ffa0a4fd330b837fcc8d8953e35ae3aaa148234e76ce511ae4f3a571a273d2a0e264811ed8bafa4e1fa6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | af6c6fcadaf6afe4800f57ee56992ff0 |
| SHA1 | b49c5a5b77692877574cb1f6916cb01ccb30339f |
| SHA256 | cb61386b70c3244358315843784cf070c7da74d07c47e31e9419781149be346e |
| SHA512 | a22ac30bfaf91f8f139f502c77e9582c51f1e72d1c0a7f223144af107683cff1b0bce81329f3bf57e5d88844496d65dd12032618a123d64e925960d572f4da4f |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
| MD5 | a89871f4fb8517d47eaf356fcba5f9c2 |
| SHA1 | 4a19ea78e1ea859447c584a4eee2fd62a1c3903f |
| SHA256 | afc118ca9b161f9b2439a63c84a1a172d6e854540aa8a24538ac73e83a09273b |
| SHA512 | 3574660b1156f1501d42a1406093c416237457f8331fac32419e26a8cdb6a8e582a17c0be1c960bc86206b7a12d0324b588e51ebc9a87933233507ecaec8991f |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe.config
| MD5 | cd4e494e258c7eb0585fe76ebe9e6233 |
| SHA1 | e93eb57e6c38e496fda92dbcb31021b34ae47cfe |
| SHA256 | bf61730717f05b95c4f43d425b6d7d15deac39d53e28eb302e5723c7a9b7b0b2 |
| SHA512 | 413b3727a71126e3f35551232607d95f8bd79342526c0144cbca929e6dd3e65aab56b2d1f37baafad53ea23dca4c55bdd363cd45d0c54792c3118726ea45c07c |
memory/3052-719-0x00000000003F0000-0x0000000000738000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll
| MD5 | 2354866890cf03971a066b1b0a6e2376 |
| SHA1 | a446317cfed4875d5f6b82b507bb9097029277a6 |
| SHA256 | 83f5dfb7e27c8316ae780d39eaefe6583dfd119a4e9e556a6552df799f300e0d |
| SHA512 | c681e0a545812198f7a89eba33bde9fb0637a3b94b50a63980767f40279618433ed71082c7575c84d5ab1ca2f664bba573c8f3d7fe0a39e8d3229fb85158372a |
memory/3052-723-0x0000000004F40000-0x0000000004F90000-memory.dmp
memory/3052-727-0x0000000005330000-0x0000000005350000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
| MD5 | e9e26816ee6dfa0d4c30357008311c01 |
| SHA1 | d4d2f690a08f1ab85b9b02d267b8e138278f2329 |
| SHA256 | 91ca690f23473476ac201cada9527f71dae1b15f6c272398253f3f0425b34825 |
| SHA512 | efe8d18d57b1e95c117789181f51d652eda53849872cbb5331cf5fd73955b04a08e360707d105b7901d72aeb86496baf2644111da289306c2022a7c9f5ee7440 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
| MD5 | 522a44cd2e255dff02c5e5c67a61b85a |
| SHA1 | c8a9ec53407f729c81126dbb9db81af235b43b58 |
| SHA256 | 4649fb49605bac2da3925ba3255bbd4017f5a9115206d67de6d51d5a1035b2c3 |
| SHA512 | 3ea6b1bbd0cb4b78674b58d3ad77cb5d93a6f27be5dd5a4a83feddeacd55d1b8f17a12ee7664d866e32a929debef7183e3991c53a9ad8e056721e7b70d92d252 |
memory/3052-731-0x00000000054C0000-0x00000000054DE000-memory.dmp
memory/3052-733-0x0000000005510000-0x0000000005536000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
| MD5 | b4e90ff038a9640cde9c1eb897cd2878 |
| SHA1 | fb26404d6d6630f983d8d95eecb00cd28f1809dc |
| SHA256 | 1884da1809e9d5b24f777524e8a9df261d3e39cdbb25846d5b594feb123abbec |
| SHA512 | 8fb8b6f4af754c5d2333cb622a953fcc3ed2fc13b604f5f17a94271b82151466f3aac50bc52116e5cdf7269854e4e3ce323cdeeb504551439cadb5b41f4c403c |
memory/3052-736-0x0000000005580000-0x0000000005588000-memory.dmp
memory/3052-737-0x00000000055E0000-0x0000000005628000-memory.dmp
memory/3052-738-0x0000000005A40000-0x0000000005A7C000-memory.dmp
memory/3052-739-0x0000000005A00000-0x0000000005A21000-memory.dmp
memory/3052-743-0x0000000005B10000-0x0000000005B32000-memory.dmp
memory/3052-748-0x0000000005BA0000-0x0000000005BC8000-memory.dmp
memory/3052-749-0x0000000005C40000-0x0000000005CAE000-memory.dmp
memory/3052-750-0x0000000005CD0000-0x0000000005CE2000-memory.dmp
memory/3052-751-0x000000006B050000-0x000000006B062000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
| MD5 | ee2cd7b177b22a6570c2e1515bd9ba10 |
| SHA1 | 83df846347c4866e4969567e68f6f976f3afe2e2 |
| SHA256 | b5896c9950d32e40087224d361cee9bb96290b6579b735752c802804b4a1dfba |
| SHA512 | 58a24f6559df887a40f4c0361957e25f7b82a6c14b484f8d2cc2b68bb9e90987dc1f860211207454a78ab9f65b438aa1fef73d88e4fd074569163bf06b1634a9 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\CData.txt
| MD5 | 3b6635c23ed1d500dd929e043b13b4f7 |
| SHA1 | a9ff1f6b7bd6677d536b6fcc20e864d2840074c1 |
| SHA256 | 53cb28f2b0d8860366ca92481c848b0a25e27b5f5118363fbed69661763318d4 |
| SHA512 | 6d8900695dc941f12ca74ee4785efd4f1fc6bcf70cf792cd8256d7781d1f4d144dff3826c9d3ca63d57fc1414924f788aeaf199bdccfecd5d40386bc2b1eb1ae |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt
| MD5 | 73a7727bdf72be84806a3a5e423cd0d7 |
| SHA1 | 2b754059bc23b21f336ab82fa7ceca1133ec3b0f |
| SHA256 | 198c6f1e12e9275bdb84db4d022453781900217597f2c29b2c22a3eeaa7659d0 |
| SHA512 | 0de75ec2989f32cf3ba04587a6aca55230e1907aebd83a013a0d5c8e67975477de3371d2fc95c55be6e7358944de473ddec5d98ac94f325891f3f6d29dff1ec8 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\EData.txt
| MD5 | 2618e33ab1242d879f14ba6544f0488c |
| SHA1 | 8275e14edd7623e3b4d51058caa4a4bad5be56b0 |
| SHA256 | 1759b433ed6152b36f36a6939e6a419bbb91ff46dd7d15e57dd67dab6d10fcde |
| SHA512 | fb063b60e9e7ca8550f4350796352788991b669bd988b4694538b3a1ed2c08b11797187e04d2bc74ad7da0916d7f99ed471e6582edde16255de511f11966630e |
memory/3052-868-0x0000000007580000-0x00000000075F8000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config
| MD5 | 88bac5db79ab9307b4aeca937b6e4936 |
| SHA1 | efe6b00df096ee515f1df0689198dfda8a7a7635 |
| SHA256 | ed4bb00ba1024503cba62bc4bfedf3df1ceba8c29104c6bb91772e7871771908 |
| SHA512 | 811ef8a62c9ba3be0e84cd9d66aba8651f709605571e7efd092d5f4fbbe77cd1540813b1f81d28bb85291c30f0e1ef81a16bc171cfd4368ea70249fd11d13a8a |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\vyxiyfwl.newcfg
| MD5 | ea94cb9595adb65764e4d641c444ff97 |
| SHA1 | e603f3af615bb74fdfb59f63abf4023fb9eeecb8 |
| SHA256 | 9b03a1514068d541d07a107abb7c0d7ce347a32e9ced04eadce146a2db540907 |
| SHA512 | 3a82173e5a53baea82ca77f35194462bf1ae6afbb3f7dac0b686c378468576c762aa0131f44e1278a55fa18a852d6e552c308632aa4ee960a7b5f8c62fa7417b |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db
| MD5 | 77261c00dad3aac89b5ded6f63084065 |
| SHA1 | 0ca08b17fa1075d164b2b3ea34f495d211d609a5 |
| SHA256 | 4cffd9c87fb2590a706de816f0d1e50e36bc542340ac18a827d770154982c1fc |
| SHA512 | 07db4760560a1ff3839f2f37c9928e592be3533cd61f64a3af8cd9076c43ae753486fe92208176fe0d6562df0f6de12e92d25a81c8dd68f83d4a24431ead6ace |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\nkyqlxu1.newcfg
| MD5 | 911eecff48f496119302a40bbd4a24b7 |
| SHA1 | 1d0c0c1fab96676e6f6d642350a7f8229cccfd21 |
| SHA256 | e1860fb491a053511dcb794e6dbacdbbe4fafaf5b72fac016fe7ff8a3cda0fab |
| SHA512 | 84315c669ed55915c58b5c9e88a5f8ab880101d899326bb5dc7f569b67f605e2822c93d650d0b5a3eda95902c1335b912b53829fd0b5d93f8753dd53e4583b0d |
memory/3052-922-0x0000000007FB0000-0x0000000007FE4000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
| MD5 | dc1cee56fe63eccc5c3e986a8b3fa544 |
| SHA1 | 7057b8d503f8d359e1f11c954f421d5a64552faa |
| SHA256 | d6b027aea1def822667f82f2c2275676657fe5e9fe4e90bd0303d62e8e69d76b |
| SHA512 | b9cf60973c9e5c5720a69a1c90588d30adb1b6abfcbb2ff944d249c1ebd6d8005f038280ab2685dec7e8a7d6441e0710a9e912549006d6484b7ea969a4b1bd48 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\mrgsmxjs.newcfg
| MD5 | c471093b49ca1d7770d7e39a57743626 |
| SHA1 | 905d25e85acb63fc6088390ff0e30a993bfcf777 |
| SHA256 | 398633b8f978f449fdb4107aa450cae694a02e334d61e90bd0116610539f3435 |
| SHA512 | ee41bb38cb0a38801a622d263ccbcdefc48392c8fd290231b858ae348cc776105eed58ca8df2f45aa3a7d26e335321f658ab0f1e2247f01d14ac0cb6025ff7b2 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config
| MD5 | b4ecccf8f6cb66ed6c222e0d32f34065 |
| SHA1 | 5166bb516a533296b2f6914290c01359912ceb86 |
| SHA256 | 1631ff1bc4b474303be696ef05dc79aa8a58014383019c4d84366c6c25e349fd |
| SHA512 | fee6e5b6d9a90cfde669843ef7bc408e054b955691535df9735bae5a225c36bec342d4dead83d6a82ea724f6c47b0cccc5d62d007870b48c0577fd768f067e3a |
memory/3052-958-0x0000000007760000-0x000000000776C000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt
| MD5 | f870df721c17b87f2f657b2d785ee41c |
| SHA1 | 172bb36a887ef6e082379e608ff3cb5a4ad96067 |
| SHA256 | 2ba88e860952594366808423c7031478d0c4f7cc84022cf55a19ced01a28c5ec |
| SHA512 | 9a2d45fc711663bb6754025d5e9a5b54ad053b660d07dda621608f9f0c48d042333ba78ce4033e650f63c24676fcba36902395c9f5c93a026ae5347a71e50568 |
memory/3052-971-0x00000000080B0000-0x0000000008126000-memory.dmp
memory/3052-973-0x0000000008130000-0x000000000814E000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\ie4sgbye.newcfg
| MD5 | 5e9e5caea0e9c4e8b9451fa2e417ef31 |
| SHA1 | cff95e107d3f17213a9131db68a342ba5f85833f |
| SHA256 | a4e3a68ec05d7bdc8b3af1e9cf8bdd719c228e079c8489ca2a188a4541ca8093 |
| SHA512 | 225dd12ddfc61cdbfa3e7f8bebcca47d4273998806b18f29fda2af7f2f2993f692c169c3811d1eb0a16ba83910f035abfa1ce41119dccdf2836fedf4e6a85e2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4cea2d8e4bc2bd6e7a9b2b9c6a1fafec |
| SHA1 | 16239cb52b3dc70c0c96ae007dc70beffc5859cd |
| SHA256 | f857a98999989dc440716c45701df49cbbe331085685aaa2189bd1eedf366eae |
| SHA512 | dd5adf46ce697cd6ba9e0ac6c53215be902ac6edd3e766aecbf9bb5d1506af0d11f82b63169df084f60a54178bc808a1e77c66d021b0943c40fd1c48aa5887d3 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\n0cbtbxk.newcfg
| MD5 | d8f3c0193e05514f91f5cd2db4b589df |
| SHA1 | 785fe4cbf68c16707539ba7aefaebdde109de6f2 |
| SHA256 | dd2687d3e8dabcda317f637f600bb2a0e088d80143e9eff923a7ff7457bcd00b |
| SHA512 | f8c47cef6bbe43fc85153183f652a5fe04c5b907312c1bdfc3583b401ce2007d213722e1994f08d0f8fb6579f48398204fd360360f0a70d9548d5658d2afd151 |
memory/3052-1018-0x0000000008D20000-0x00000000092C4000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\xkavy2mi.newcfg
| MD5 | 41ef59da5e0de776ef13d1630c731914 |
| SHA1 | 94347c033d06414e1099372950e3cbcdbbcb0907 |
| SHA256 | 3cff2dc358932c6b0ee25f828155e618b2363172441c2e0870728f7f0385de82 |
| SHA512 | 7c4c24b68b3ae64cae26e25ed1e7c8b591d63ef1647545c96f69f63220b968f466b58472cd34a0626d929fb77e7fb99aa7cffb46a8ec09910ca8038661565e69 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\zvrb5nth.newcfg
| MD5 | 9947a1264484c5f4cc22a07970be3a92 |
| SHA1 | 7935b6b785cddc4289ac68842293b78269990371 |
| SHA256 | 4662bb7bdd9d2915a4dce215642ac6b0b04ab8bef451e8a94f467d962a1ef699 |
| SHA512 | f1c825d79cb6bc51bccf3e8403e4c787d4d044c3cf82340c175c4b9277d50a7cff3c261f141c56ada4b52bb451b8e512ecbcd0e8f40a20e9d85298c925d4a44b |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config
| MD5 | 918b73e11ff23f37859767f65e214125 |
| SHA1 | 50168ab3820fc493eeb02280be16e9179aa51133 |
| SHA256 | 08f78861fd112cc75665bfe038a092181120e29d8836b915e9bf058ad8d0e4fb |
| SHA512 | 432cce58be2582a54189533f252ff8ae4106001eda19ddf94671c6102525978bad6d5997d4271bf562c62d281e43d649cd7000783393b4e04ce5203f7403e1cb |
memory/3052-1094-0x0000000008810000-0x0000000008832000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 47e378812de7bfeb2628a8d7aa0e142a |
| SHA1 | 00d114090cd1340ed9237273cf72461b50d9ff71 |
| SHA256 | e893ac14c928283d422322b256bc0591917d29c976d08742d23b37952a5a9f57 |
| SHA512 | 0ec6a3b726a64339a7cad33f8716b1c18de6ea0198002c708815aa74c0c3ba5885ae0fa497a5291d8b123719427572c98bbacefae6cd4c35f2e354a8b30f2305 |
memory/3052-1129-0x00000000661C0000-0x00000000661E2000-memory.dmp
memory/4488-1132-0x000000006B050000-0x000000006B062000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
| MD5 | ab2a042db4d59320b318e0ebe7fc16db |
| SHA1 | 923dd799944998a387dd8bf6fd2e4caef35a6b66 |
| SHA256 | 65ec066a1c3b030bde7a8c24a3acbcc300f91d7cb318f8408e55796ced8039a6 |
| SHA512 | 3f261ce079fd340574ee1dbce11099503a8cd30186677944832d9f39bca376fe2b0bd6f436474a836407d3f024f824fdc8958737ff3ea8166089ed51ee9a61ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037
| MD5 | b024bec6c4f7497790b0f256b2ca8133 |
| SHA1 | 82ebc8413750ed3af2903a9a1672c7b719eddf88 |
| SHA256 | cb0a12a4221cea7f8fdbd957fe6eb18840b3c1947e750bf6b11a8b1bb75382ea |
| SHA512 | 0a282f48f0b55afc510c3375cf08564bec4912b49eff867a000d65bb9337fb0dfb947d6a1a060b9e92ced35324a200025df1790bfd294533afcf7a79ac7718da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042
| MD5 | 33baa0c00b64ea001fe19c533b91cdb9 |
| SHA1 | 5d4f20c11cce8f63dc0492cc9b5520536aed0e74 |
| SHA256 | 34772ee9cc9af4bf18b5ac532380411f2827509a663bc99d72a53f2f073d4d8e |
| SHA512 | c322574dd8418bf80124a6db598495320eab58f30320323a2dc1d4e34364a1fbb022ef9ef0c7b4c17e19fa4eb15f7f5efbe8171ce61825641351ed33d8c03096 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
| MD5 | 7b1d0b28954f0bb68bfc4bbb2525a142 |
| SHA1 | 07dacc6944ae7c34d971bb51469716e454f16f30 |
| SHA256 | fa1de0268b71358006bcfe17c6eebbc35c9d51c648214820022b63bcd9c1fd4a |
| SHA512 | 655cf47f64acc45c119ad92a020b35508382a169106f14627e6108833f2bb5a994cba0f77348bc8dfd38d87163c7ad6867c3b37250ddd6b2d7a0af8c538b4fad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | b3baa6daf6e650d825afa26de64f4a1c |
| SHA1 | 32fd720530ed7f3ee44abf37adc43c13e7a98521 |
| SHA256 | 52a3e4e414c9669beeb24f18a109bc892147a81a328f791a93817221f60cd481 |
| SHA512 | b4b5f4bee5e5411647c6ea0c01d09fa096139e8bb8701bb4422f5c63665da1d4cae6fd0153e3178dfae67d58a6674916e298315c7246b027368a33a124756d38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047
| MD5 | 4e7edfe35e22eb75e1595e996560cc51 |
| SHA1 | 8a4d3ef39ae71b7d5535b0229e59bf0c45d987ec |
| SHA256 | 4d2cbe37e9671926fef1d68f9cd970f5948d3c6f69e898e0803e8e5addb25d98 |
| SHA512 | 661055517d010882c4b88a87e0774570d5e17864b1afa6781a7245bf4c9b0af5efaaaae16eff47eedf4665772c59dbcc619b11b1756940a3baf278b8735e8124 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db
| MD5 | 95dce32019b77df44c51df9ac6248148 |
| SHA1 | 1ff3753f39b8a4e6eb3002689db3db75f318a6fe |
| SHA256 | ad0da1a29dd675debcbb1d7bf239082589dbdc589ea1067d9e3cea79ddbc242b |
| SHA512 | f4ff61364a816fc8ec515866399d338ff6ea5e2992a49ac0f207626a52b9f4a8598d9688b40f6a93c759fd0085f9a3d45a218078b6bfd527e0f9cae4fd157f14 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt
| MD5 | 0cb1cc6ebd3113ffa4d08cb8e611b0c1 |
| SHA1 | c084178a890875d41c400e8950537e1f8a58a50f |
| SHA256 | b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2 |
| SHA512 | c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt
| MD5 | 590fd86ad024f2b655deec8333e240a9 |
| SHA1 | f1946050248dd1aea834f139063ac8eb3e41677e |
| SHA256 | 7afe6a8c5bf14cace6e9bb2d40df2adb5f31325fc024f448138106cf7b63f7c1 |
| SHA512 | c19bf730552e548b6caaa27f5ff2c5b34d34ac9408b3b6e388361635ddfd4f619b9205fad76b9141f2804b8dd364cd843dcbabd4d9d7b7b712f320f6729d87ec |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip
| MD5 | f399862f4ea59a17c22943c3e486ee58 |
| SHA1 | 85ab6a077c208397fc17636c9bc146b27f654de8 |
| SHA256 | 114f787d70b5cf81bbfdbfa30165a84fda628866cc622c0d3b7d89f8f34a0e77 |
| SHA512 | 991c63e9cfd76a7acf9ec5e161c23e26906a4b9dbfb592509f601f61e9cba1b2d5babebe3fefe254d1157183c1d771b387d8222ffc0e742eb7e602ef19778bed |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\yv1pee01.newcfg
| MD5 | 7ccf5fb6d61493fe051f2adc4b0260b3 |
| SHA1 | a8a8204f7990a521029ab86f5eca58b922edeb4a |
| SHA256 | 0246f58ec27588d91af3952c6da97cb849dbbd12e8ee9f30075d6ff5f305b705 |
| SHA512 | 314cb120d087fe1b739a0e37e5e2c66054ac4a389cc16775c43e128ae32645cf705581955b4a8bde25041aced6a693ee294c5ef990d71c69ff68dd63cd4a8064 |
memory/5436-1336-0x000000007480E000-0x000000007480F000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\gsjt0mps.newcfg
| MD5 | 34833df80ecb9d5e2d592db9b3ae70d6 |
| SHA1 | 5dcee5e915c0f2a5f0c9ce9fecee9698f4fe6dd1 |
| SHA256 | 98e0257a45db7e6909db7e998c5a9cb6d0f2aec612661f2d28bab1437677503d |
| SHA512 | 32567963397e1428cd8d8788525e5a958b1f09582361354b53d32af76481ff25b278fae35ce77c5967ba0a07c708b2bdbf9d85be1e38e7a208fd40d0f66d3220 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config
| MD5 | b6698267c2c6fe01a31421e879856f48 |
| SHA1 | 5246751ac99b046bb758b9cd139cb32b3d7da7b1 |
| SHA256 | 196152408b4ac609bb788364a0ce80ca2dd2f11130c8a4c813c0fdf557be5934 |
| SHA512 | cb8644039e67d447204ee51669a359648b6f11d2921eaee538e7e8140f5fd714d4a29e4d04dfba32a8b355644fddb9df6a8150b3eca0d5b59a84f55969f2e1fc |
memory/4488-1395-0x0000000008390000-0x00000000083E6000-memory.dmp
memory/4488-1396-0x0000000008580000-0x000000000858C000-memory.dmp
memory/4488-1427-0x000000000B830000-0x000000000B838000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\nysizexv.newcfg
| MD5 | 2c3a3e2c304a78825c89df85c285250a |
| SHA1 | de5c766932d19ccfc01ac53afce4948d9f2ae111 |
| SHA256 | f4d06f9fbf1b28af6c10f492fc0513e0e432441421dc040e687e49d2be6d5452 |
| SHA512 | 724006d152973f23920f0655e343fe5c1d18fc34b8835a6f5b2864fe81e1d8c355e3275bb92982a2c690cabdcbd2d56fc3f7b5f391ac0ce86e9a0f9fb18e6fc7 |
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip
| MD5 | dab042b104b2f904977ae033f0b7fcf1 |
| SHA1 | d779bec870dc968f01f3ebd369a6e4b6ed77fc07 |
| SHA256 | b76d1f149dbf5f3c4479a92dd60bfb18e4d11bc1c241260bb289d4a9445fcf7a |
| SHA512 | 5b7be87ad5e6d6c3b9ea3b8451bb08926ad82b352ce384114c047a928088eb899c06d2f385f691df8cd2e9ab3c912d865be3b2c24de030b2d57d0ff580922a01 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\exf11ml3.newcfg
| MD5 | 0347dfd7feee5c48c3d1770fce46906c |
| SHA1 | ef0b57bf31a3c268f70d3e629047d73b58916d71 |
| SHA256 | 24329b74735462511094418baafc0dd7b96865b344b9bb5049e0de0485dc8d4d |
| SHA512 | 015bc9b29dd39460294263129aefd48c9f01057fe18cab322ebd852518acef9d16a48054e50f053fa603110f09333f72569628de1018aaaaaf1c57ae61f25861 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\4jdkgvcq.newcfg
| MD5 | 453f54c9bb5f056f93afe7100e488eff |
| SHA1 | 050b08a5ce662cbd90cbf5b249602969c05eeb3c |
| SHA256 | 14fde4cee90e9ba914b8763318120ffaf1d3d0e54e7adc2aa68b9c378baa5dfe |
| SHA512 | 981705d05773b1247be3e2f710b0ef6c3ea63c182040f7d8eed40ee7c8139cd3fec5990fbc835bded5749cbff5296883ea64f6217f2a3b1fa09af1afa0bdc09c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 74a5eac3f5ccec5108d49188009c829f |
| SHA1 | 9f19de78f4d687a2c46c871769c59559f416aab4 |
| SHA256 | d9bb3ae37374b063e0305de1244d0ec6d58e66ee9d4d29332e505df1ea8bfe9f |
| SHA512 | 2b1489cc5dc612ac73e0cbd64859fb31833e8457c138108f1a87f3d11902e42e9c177ea1fcf05a94fccba1847127834aed390250da28e4168acb607fc312a378 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66940266cf8beca9f0a6ef116986ce63 |
| SHA1 | df7f27dac4bb2940a04fc0d38a0e8db3e7424016 |
| SHA256 | 276dbc89b22c644d1eabb50b3aaca6480e071f836bbc74bd7f0a710fb615d0a0 |
| SHA512 | cbed656324898d8e525b906d607cc319929aa9b0cc612aab37aef0022948fe66f9d462a773d062802c5d6be232832ab903503a0c0cb55626694bb053f284caad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | be2e1ccd8286d5a868558db2d19c966d |
| SHA1 | b744c1ae72b2415ad340d09feadc5cc7f1f5adfb |
| SHA256 | fd52de49f880a234d1c298be1f12a26530d38414571ca1fcf9e941524222a892 |
| SHA512 | 3c8624c6aa49d8b0446cfc8fd21b95c4ec01c2234943450f2191a6d110f555aae1887da8563b7c151abbce8c885beae40bdc1037a8870d59c71e3cedbf64e62c |
memory/4488-1620-0x00000000661C0000-0x00000000661E2000-memory.dmp
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip
| MD5 | 94a3263bd4a3447478729d6add2c28ae |
| SHA1 | 37716240b644954907a3f62cc45797e805e7f42b |
| SHA256 | 5c40f3a8ab3b19a8e0b4f57f7cd21ede1ca73492d78c2303544e83347c96b8f1 |
| SHA512 | b7fd8beecdee6e9414bc2e811a78b26ccf89ef1d44c704fee96a3f8bd24a66986f952f853eff181b412f6ccf14362ecf26d9d5bd5c739aded4f8a1b6bf41b134 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\u4qpaz5u.newcfg
| MD5 | 40ee76fe398da89493e05ea67d4b90ff |
| SHA1 | c72079907c8a105ba6ec67bbb3decdbd9791e758 |
| SHA256 | 6993b96acfea4668fa1a2183e2471a84ed657aea72486eb0c5d3ea53c44b81c1 |
| SHA512 | 71960d4da973f7415e16c081690d439c2197072cae9f78db47bfde679d70eae39f21c450589b85dcfb7b02b7e1569d7a1862afe3edffde1af1dec343b0d42e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f6e79be87f80827c1cc821b92d3d4687 |
| SHA1 | 23440140335e5d871e5f53e168f4d7ac44bfd5fe |
| SHA256 | 582b1fbb604289585931a04e3213540e1a486e94af2a18b266f0b1dd562a0d3d |
| SHA512 | 13e072f0b62c34c7b41537c35919e292527a51633654e31ad4e26276eb744855c63a589c41ca344c47aad2f3e1fa0c710d3dae8a8e056580257498cf87f6ec9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 56a121516870d42064aad7a884b10fb6 |
| SHA1 | 3a6c710c8f88e2fcd36b26d210e3e33fb538b424 |
| SHA256 | c8d80b45b42840f6ba31d04675b63d7444251f4728da4fc25f58a102c933d8f7 |
| SHA512 | 1eb361b72818552a2a29069e74f2f739a8aba7c545605f4fc41273d694136829a5853f83afbd1eb5a67dfb4d36ec5b07d4e638fb4bad253811ed26c5ab467630 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bd29d145236c284685a2551b4395eb0e |
| SHA1 | f43c504208d0dc29c1f8e5bcfaef11062c295d34 |
| SHA256 | de29bdcaec912e7c30ed3d9b5d3bed4d089704bd2c45fa38c1a7c0c75d26a3af |
| SHA512 | 3a7e6ca53e6f6dbd244e8e6da95a0147bcb932d1a3f35f59da8fbdb1e6ad2b7f3a429ea98287cbebd5cdd64217858473a67a6e5d8138c9806f90ac7014b1cc48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b20406bbd0265cfb8c7f638eeded1c4d |
| SHA1 | 2cae6ef0396524f40f9d29b358632e1c139a3c61 |
| SHA256 | e7b76639374a67cc67eedc55a5256b15df2d9309940f5c28675b2af081a68a99 |
| SHA512 | 39f01e61abbabbc142c5c92a04ac10fb82942cbddbdd54d3045fbec6363caa73631001e58adcb895beb33f9ada5fd8ca9a9e79cf79d0992b779e8e762e03cebf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 24c15be638da6d3298dd0a7fdabf683d |
| SHA1 | e051db9084c1bb97aec92bace89394e590e8f433 |
| SHA256 | 2c21b81cc224c1418185db5cb867bc7c68850e0ad72855e6e4506ee79e08465b |
| SHA512 | 1c60b58d6a189f2335b5a4e75ee27623e8dfd6c3ebd94d13b2b30198a75188e06bee55cabe697fd18b0bc041e24c9ab31028d8dc5e439048c276be8ad4661b3d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b54a50c368fba2993b048e7defbd3b46 |
| SHA1 | c00f3699deca9ba7a2f0dd22f5bd141964292992 |
| SHA256 | 1b7c39257f63ebd4ffaadf5a38efac81e90cd95bbb7e4e6d9076ca274dbff10a |
| SHA512 | 5c46f32d83c0687dd69f561238a190256b62a39c33cc196c9949c8e12ede0f4598925be0ee667a13e2473fe2b2f010cf5f3f4f250be21bfc9c7639e26fc11c50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58af27.TMP
| MD5 | 4046d48a3584bbefa6158ae8f39d5346 |
| SHA1 | dc99397d07c22c80bd69a9333e628ce22f331cf2 |
| SHA256 | bc4a1b3532ed74230ffc30f50c5f9cd979522b82b7ad6ea2e8472366a0709f8f |
| SHA512 | 73db262a024d958e4f852c13bcd1092ad459b88b8055776f8e4eeaa7b849228f04869238a91855e453983631239f3e573db350f2a8c3649d80eeb0d6c7df27d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | f8472a52463d248300ac0c19963bcb5b |
| SHA1 | 2a2684bb469537ab73c86598a4096192f05033d2 |
| SHA256 | b36f23897a3eb8c782275bc79b903a4c365397df56761083f6f97d11add47310 |
| SHA512 | 0d365a8a72f2257aa280fe139b096479b93dda63cde02bfc888a95a4ce3af67c43f7ead9819e3ed25bbccefdfdfff435dc9922fad0b131a6483a852815873ef9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 09044118da8674015844dadd2821a342 |
| SHA1 | 9dcbcd2a7211d3ad8972ed561a019e2dedd6b450 |
| SHA256 | 8c5bdd0ed69ae0479c33d9b19b4d7ecf0d18b4f1d36b3ef5729e736f9f7ac07c |
| SHA512 | 971ba6976c195a86e00690c296d9742d02f7b9079fd1c4fcc83d2b838623efed33b97377e1ee87b23df76c42655c332d566221378e9b31e126fb162dacaa54ae |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 34fac6457f8d78c92665a97ccb49df7e |
| SHA1 | ef7432dd4d0bbe1a509a008d04e75c2ca48563f3 |
| SHA256 | 001a86e6d10ed87ade8fd1e9cf0452ee87804573885565413305073de55f9c9c |
| SHA512 | 7b3e7fbfd999c51afc9ca0b6df87b1422cabd3a095a1dcf171de93419be3dc821800022ecd34ebeed9419fad02d1d450879c0f4bac3360363fd7355a90e79e11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052
| MD5 | 75f1d5724eddb6c481e2e87727c0a19d |
| SHA1 | 3cfe079018e25b2646f23e0744bc5af2114ee256 |
| SHA256 | 751f9ea75e28033193df30031bf3d33e0553e1644ccbaecb26fe7d3bda21b78c |
| SHA512 | a52fade9a438e7896f12afb5b8cccf05ab2cdd71dcc8683ba80001e74800d0c6a6d446d162e75eff573ccfc7106c1beb6f91bdd41753b81a6f5b7510c7c36b4a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youporn.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
| MD5 | 288b80b3e5a1014a1ae4a047d51ea5ee |
| SHA1 | 75de5f747fe2925a44c9819bc4b944c91fd5082d |
| SHA256 | 94014f6931a65305eb6955f0a72dccfe64afdde8f0edf914b8a6731837a333f9 |
| SHA512 | 91a00ed83cf56943a2e06f52224f76f12a82e6b67f8880a0bf6bc298cdf7c0f2191b3251f2bb5cd39b8b1c9b104c9c425221ce5a78c2dd806cdf3484ec99b1f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0
| MD5 | 847343e03cee23dfaa7d10680ddcb0b8 |
| SHA1 | a6e2df09ed6094032ee93f0ef41f382f4e148c9f |
| SHA256 | ba4577b3546c46510f9f072fb8090720bc2ef4963045501d62739183e01a8f1e |
| SHA512 | 38c169ecf6ab79eaa13323880fc85b55a9c07162a3e2bb386bee07793e53ce6cb91443b0dea4f9e129d5e96f201b25988417497412e6e77f2770c456753c8171 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0
| MD5 | ef865dce8f39bd572b864f677f7ec8c1 |
| SHA1 | c892470e7119cd85d63ec1de8ca0a007b5e4be28 |
| SHA256 | 1f1a6c27fc64b5e82262676f06eca358a13e7728b5b92999eb0fac6e91bb6ee0 |
| SHA512 | 49b62fc477b6254f9056bb4c5f73c5ef26d199950e1d019e28b803841fc055995dc5d80cdb6e632e66fcae5c396b20ef32a881959d09bafe8aa7b536f7430a0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | ca9a00e160b7dc408a80eca964383bb0 |
| SHA1 | 0060fa733ac7884657bbf42aeca105d491fcf90f |
| SHA256 | 7eb10f36703d2db3d84cc3e84446490dcbb8429e38b30d8b269f871cf1574848 |
| SHA512 | 6bbe9587875c3f8ef03a54249343ff7c4647a87c6b6505d5d9fc1e26c6d7749bf4bd3b02fd09a92bcacee47e33c4fa887ff138ba0b1ede02b6bf1c5eb32ecad3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0
| MD5 | 0d84e99f76197695f6210cf3ce79b101 |
| SHA1 | d6f2e8d61d4bc3d9804facf615eb810f1bfab625 |
| SHA256 | 0c82f641ca860d8ddbd66f3e31c5eebca98729c9d3f469e640feb16d15ff022e |
| SHA512 | 3b1d851ed41e527fe8ed2e502ff48b8cbdbd73d46e3b381f23409936e5dae6e571ab26d1b8e1b1073bb63708866f4ab2be2badb66370cbdee7d577f6edd26a28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
| MD5 | 0175e7d9f7d3516e41d101b2e81d5d72 |
| SHA1 | 2a2fb99e40c7a2fa0edad6c405c5f31edeb9f035 |
| SHA256 | 5fd6ccc245d47da85b09278ccfb300b43a4d18c5d39f21941f3a22df08ea9b04 |
| SHA512 | 85bd071880e3989d60f97fda091e901803e67926e81b41272728b7d3e5dc863f34cde367b363c4f81c2022fc38ea50cb002e8f03025803b6a68ed15bd2143a2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 4f9d58547367f284c0fa5c840c00b329 |
| SHA1 | afdf5a998830ad8bea4d57ad8cb3882ac911b43f |
| SHA256 | 3104d7911ad5190e95f4bcc647740dcc286325ca7a57f46510cd7970aeced0cd |
| SHA512 | 7d21bdf059b4cbb5a1203c8c7333ea91118bab3b6d935f59e7e89637eb31d2a28d69033ce8501431dfbcccdb6df1f05d86cc4d99af01c68270a5577b795eb350 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | f43bae76aca474b1c3c685767390f30b |
| SHA1 | 3c0529e776d3adbff6b3da32879f1f67f12ea31d |
| SHA256 | c872f37122385d45ae96b618f1a0298387f90a3baf2e01b64f4a296a9fe230d8 |
| SHA512 | 6f71a93834388b0c9f3f5ef1c8c0e94bb98122eebbfbeece1403e530f214f36a32557f62e6e862a5d29ab25bc39bdcb14505f99c82cd3355d05c87447b81f3c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | f91dfab9ea71dcac2d56932ee97b4a88 |
| SHA1 | ea278ac6e3a673d0047623473051b64a7b9085b5 |
| SHA256 | f985b76e4096b86b946fe552479dd890b4510310ca11effdb58035f6f9b236cd |
| SHA512 | 7577458acd4ce0e69e73d29c8e332a9089627d1ed31c6e2fe02907bcd539cdfe37126a418a445c6722f2196177cfee4501ec1498a86a0af6cddea3914740b120 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b4912ebc403a9ccff63dae2ab23ed77 |
| SHA1 | fc35fba80beebc877e17a06277faef063620fbaf |
| SHA256 | 8551ef1e0deedf4549b8f652b4871dd2906ab2d2c8734c2349f1f771b592cfe0 |
| SHA512 | 30a090c1847c0ec1f33b99085b438b17a7d2321ffed98a9eedb8de0e0649158603bf0c8401101a9af9dd6d6fc824c97cab44bae7cfcab885b0b2a7760a48f07b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1d32f5b5cae822903bf6ed0eb70c9969 |
| SHA1 | 1c2ad058192a5a26512a29e3b1833db33d28068f |
| SHA256 | b6bfe3db5e9f35de8b21cbe326a42109823c3682d99ac01322a278aeb133dc42 |
| SHA512 | c1ff2d85bbf4be45c86326ea8463b129109f7d4f779794a9169c1a40e18b617880bbe0d6ed1fd3699a5d8157104091b3ac27eac2bb1ffcda650dbbd709e3c7b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d5da7178d2846f81d08dfd7115ca252 |
| SHA1 | 50a93798d7e7d46cf9e7320ef3ccd905e04775b3 |
| SHA256 | ff688526b327b88117ba0bf596168c88ff2458f53ea6dd9e9a1fc9a7522308b7 |
| SHA512 | 8a1e9b613f05a9b39006873d8fb1965058432acefcf4c7f3b970f879c73591eddff3aef010608b7f6a05fff4b1bef134e454725f1f65f883addd8d3bc577b9fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d45646625150b59a83a4240f93fabfa4 |
| SHA1 | f3516a315de906a3e2b56902ebfc6cee6f19b5fe |
| SHA256 | 09149f6bc87c37f85e179e949c2a63632bb6b8620a4022b24c3e8542de13520d |
| SHA512 | 03d5d0bc9c7073c1d03e2311b528767a9493c6f7337c1d5c7480b2c62d683ed2d2f3a0146ec45dc3160b17105bdf34e37bb1d6add27bb2268ba8af942ec033eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\b5c2e899-17f0-4f47-8baa-8db1361e117d\index-dir\the-real-index
| MD5 | f7aba4c91d7e496309e74ab072e1b26f |
| SHA1 | c031d30b1edd7cd63c1b39ab659afa34502e90b4 |
| SHA256 | be4027fb27ae785c3689b522c0c0c547a46da1abc65eadbac1074f3e93856c47 |
| SHA512 | f64544368bb5979d87c1acce9ffc48cf717337481bd985044a5506c44fc446d01c5a33b314feeee468c1d913929ececd551ec63c85bad87b1e57317a1f8b1a7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\b5c2e899-17f0-4f47-8baa-8db1361e117d\index-dir\the-real-index~RFe590d35.TMP
| MD5 | c14d32e7d4ee48dc56398ef623134a81 |
| SHA1 | 1e271888c5a84fe1b3880b8a08ed59119857a5bc |
| SHA256 | 3d0b1325b9640aeb95b1d0335f2aed397edf848f4d7712fce7748309fe6f89e6 |
| SHA512 | 9036ac6e33a89e6ac0d56e251c0b9970c19c5b59043966fcf28cb8ee0d2c774776b331a383d8528a72eb0cc979e57c042d99c20aeeb19dc6ccae68b2844fdc37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\index.txt
| MD5 | 8a47fcc2e3938327f87ee39e41905fb8 |
| SHA1 | 5b1dbb4c215a3e2d3ecf87c94e7f9479b542a325 |
| SHA256 | a64e1ffc4c74805c7b7e8ccea7403d5bd608e50aae75fc4659035f1c4560d9fc |
| SHA512 | 7657081ab7a83374db28344036b3694e865d91eb2addd02f649d2ba7b8a5a65a3419a9d3b251ce8b7462313661bb7dcc22ba17f526d548e2eca87a35b3e77418 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\index.txt~RFe590d64.TMP
| MD5 | 7416005ac50c259fa537318cc3767d3e |
| SHA1 | 0ad31006c1744f5b7f907ad940f5bb37eb092af7 |
| SHA256 | 4d3aaf6e50cdb9599fb905f8f41bb96e9ef7b815c2c85e6dda7dd89ffa491ec4 |
| SHA512 | 005386d274885724539c1d77e949107c8e89551a3dc60b4377b0629a67dd966e9b786d9d28526f4badce2393de2d48eb82221030f63042afc05034f652ceb8c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000da
| MD5 | e78f9f9e3c27e7c593b4355a84d7f65a |
| SHA1 | 562ce4ba516712d05ed293f34385d18f7138c904 |
| SHA256 | 75488ac5677083f252c43009f026c2ec023ac4da3e65c5d7a084742e32abce3d |
| SHA512 | 05f9fbbd59c286024b3ad49961c4e0eaa1abcf36ed29a1d07ea73d2b057075d46fbfdda56f135145f942bd0c3d48246c73be1771c21861eec4ddf8bbc365a286 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000de
| MD5 | 8b37bb42b1577b08892393df19f534c8 |
| SHA1 | e12eaa944bff9ccd0687ac54811a3ada4a5d21e9 |
| SHA256 | 6cc9e87df3ba27d6dd288a0593a4f70a17ecb0bf5cac0a591ff72f355a9f454b |
| SHA512 | 9dba0d070832cecab4c2aa922bd07395b7493845926a5bed5c5f86d61c3b2fff1f6fa12069b7b7abe4f15cd58775ffa238aa36c47e100d7ca544abb3bc1a29b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1
| MD5 | 4e23cf0a622effe6072fde83d18d2156 |
| SHA1 | bf57a0783c6ceb9547acde6b585b0127c40e17f6 |
| SHA256 | dd4fe923e2cd0b31fdec51bd973acf89b180895fdfa82172218a6d96461a5985 |
| SHA512 | d45595ddc64e3138d2a4afb2053e0ea7dad66fd726022889ed8452c143449c3e310a9e8fd7f3a7378d0d84506483ad6203ebe2970a55c88bcc3d59fe0ce58449 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bca844856ac3bae294b74cd9b4c0c5a6 |
| SHA1 | b6f34be333ff69c9042c086f99a10c96fb631c11 |
| SHA256 | 2fe73be240ef725d2c766d1c4f42fa8cd05b7d88babb9de5192e7cb4f9294ab0 |
| SHA512 | 719e80373edde6071fab7a0e9d4d855116a711e7c1f3717abdb31d55411c48b0fa98f587dae08c988001c7f37b5be39691a20a7049bfb023f865ffc6fd850873 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d93901526ef4ba4faa99f30a2ad6f7d2 |
| SHA1 | 85e6d618c6d99fcbaf59f70286672b143ab1d757 |
| SHA256 | be97c83cd133c529352f8e31b300971d342faa2fb86c5d136a1abd6c1a4a5bf0 |
| SHA512 | 94f3b275184a0705d48d75b52cf2f29cc92ef3142803d8eaee57f629a237e426b481386808bb6f9240027e1dbae52e6bff83f2d9a1055616dfd07ef9fe84b0d0 |
C:\Users\Admin\Downloads\Unconfirmed 237721.crdownload
| MD5 | e126e85516c400f91c7faec6de177490 |
| SHA1 | 364d5712f99012549c4c0425bebc0c6cd6bba218 |
| SHA256 | 9742eb6f940a9bdc5a2f4323a0407ed7fc0903620a2fa3a3999a803b208ffd07 |
| SHA512 | 028e8b84b732750739a9eae771ea8706006377bf184c333ebae26ad9244e00aac769c6cde077bfe63b5e53ea7ef7fce4390e930982dc50b9cd049c0989c11f5f |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\jsis.dll
| MD5 | 4b27df9758c01833e92c51c24ce9e1d5 |
| SHA1 | c3e227564de6808e542d2a91bbc70653cf88d040 |
| SHA256 | d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb |
| SHA512 | 666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\nsJSON.dll
| MD5 | ddb56a646aea54615b29ce7df8cd31b8 |
| SHA1 | 0ea1a1528faafd930ddceb226d9deaf4fa53c8b2 |
| SHA256 | 07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069 |
| SHA512 | 5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\JsisPlugins.dll
| MD5 | bd94620c8a3496f0922d7a443c750047 |
| SHA1 | 23c4cb2b4d5f5256e76e54969e7e352263abf057 |
| SHA256 | c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644 |
| SHA512 | 954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\StdUtils.dll
| MD5 | 7602b88d488e54b717a7086605cd6d8d |
| SHA1 | c01200d911e744bdffa7f31b3c23068971494485 |
| SHA256 | 2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11 |
| SHA512 | a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\thirdparty.dll
| MD5 | 070335e8e52a288bdb45db1c840d446b |
| SHA1 | 9db1be3d0ab572c5e969fea8d38a217b4d23cab2 |
| SHA256 | c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc |
| SHA512 | 6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\Midex.dll
| MD5 | 581c4a0b8de60868b89074fe94eb27b9 |
| SHA1 | 70b8bdfddb08164f9d52033305d535b7db2599f6 |
| SHA256 | b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd |
| SHA512 | 94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\CR.History.tmp
| MD5 | 56be61fa4901f003a9c69b84175eb016 |
| SHA1 | 283ceca7b3d8dfb93f1a008bf663672a0a67f314 |
| SHA256 | 7cf854bc0b633554a6d0ff3945325170a3b88f87d771763413aa6e70827c9327 |
| SHA512 | dd400f6e74698fdb35731c6b7ccddd179bdc3112a696a37b87989c8a5ec0d56857521cb149f678888ab9cfcd2d967c117e61bf2ab6e8f4df71d16d5c8f350a18 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\FF.places.tmp
| MD5 | 25b97815c0005fc273a7eff8e4306d35 |
| SHA1 | 9e23f75f19686261d5a3c9abfc7905bd2b8885bb |
| SHA256 | 08eb8fb2f947cfa307191716fc503a9e547fa9104e16f16f4e706a64ac19a393 |
| SHA512 | 26e258004e766f3a1542f2a5a12ea3223dec9ac37b79e3ffee8a16326d623e57ab10f92fc9302a46dcc938511dd078b105e81b12a9872892fcbd25f0cca7b856 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\CR.History.tmp
| MD5 | 6e73b3da90a32dc416b3ba7c3309f3ab |
| SHA1 | 8e3299267499e3648e8c46784a4cc3c48ba00784 |
| SHA256 | 781c7e3ca29bdc298a46c9d75142fa615129a9c5308e25fa7d6f3e180bb56113 |
| SHA512 | ddabd966675c9ea3e024c4a50c353593364b0c45d1ec025bd03a086e3bc86fa34641e1d57d8854afbd7567586358e07ad305402a7a8d5ebf91adc12fec32959c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e62dd02458726b10ddf9674574e9b6ec |
| SHA1 | c6b471e2c95dc36a091ddd007c2e2916a469a494 |
| SHA256 | 31756a0515c68ba9455432dd3d82a5a7c0f9dbe0574d9aa11749d46717328dda |
| SHA512 | ce93fb4f5af6255a0c1cea294a2a2451b2a8f9fa4aca45490bae3de31a6259e0629b062241f7e127c50728752a99fe26a050086bdaa72b86da7977955bdda038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f26f313dec8f7298e9a55ab0fa8817d0 |
| SHA1 | 95799779c6f06087d2754a06a532d0e5c74ffa07 |
| SHA256 | 0bb2a58c147dddbfb607ca33b6ec15c089e0bf660b2cc69b9c90ac6f949dab14 |
| SHA512 | 206fdae4b8c105bb600de4cb49101aae8b8b42662afbfc68ae10aaf193660e723d686c43673290d6a7c7637fa95e618e7fc4bfd36175427fff5dbc9a87ffb8ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9e808546b15dcbde3a43624e7097db2f |
| SHA1 | f1b0b639539997bc1577a1aa2661fd3793a7ca63 |
| SHA256 | de7aca9b239dee8c694378826aa5d8b527343ffc4a371d6cb4ff891a85aeb198 |
| SHA512 | 78e1e739c85932f6126ba5dacea0420dec5203e177a87195a87e5101919236e4352c5c43b2bbf3d33495db67f32774d6061fa5be290f416bcb290b0d2172efd2 |
C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe
| MD5 | 9750ea6c750629d2ca971ab1c074dc9d |
| SHA1 | 7df3d1615bec8f5da86a548f45f139739bde286b |
| SHA256 | cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c |
| SHA512 | 2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b |
C:\Program Files (x86)\GUM6538.tmp\@PaxHeader
| MD5 | 244414574ddbd89afa0fb8c7b7dc6d6e |
| SHA1 | 2df961a51c13886a9cb53868d5ac1ec3c6b767b0 |
| SHA256 | bd35f097a801a3c234cb868fec228d169bb25f6c5dcaff5efb2f9d81a4d523f5 |
| SHA512 | 1a8014954385bead00003b8c2b08bb90643b62ca60fe4a091bcd6a16086c084b040e800f311f167941bec34bceb39572add7cf533e386f910d1f40e3f21b1d99 |
C:\Program Files (x86)\GUM6538.tmp\@PaxHeader
| MD5 | fc8ee03b2a65f381e4245432d5fef60e |
| SHA1 | d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f |
| SHA256 | 751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4 |
| SHA512 | 0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4 |
C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
| MD5 | cbcdf56c8a2788ed761ad3178e2d6e9c |
| SHA1 | bdee21667760bc0df3046d6073a05d779fdc82cb |
| SHA256 | e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3 |
| SHA512 | 5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e29a1b2f3b5cc0552d7e34fda2e83077 |
| SHA1 | 0fc7a3174d322208d42e937b4cbc8fed81d1316a |
| SHA256 | 584d1e118ed05438f92807a11171dc5d39dffed88254ea5f911e1a7fa5e9fc75 |
| SHA512 | f54def62993953810b0946cdd509e28a8d2302278e61f936abb7658a319c9998360f674b551890bbcc3cabcfa68f414ec908619e179ca63f088651c7663621aa |