Malware Analysis Report

2025-03-15 00:52

Sample ID 240626-x8y3masdrl
Target https://browser.yandex.com/
Tags
defense_evasion discovery evasion persistence privilege_escalation spyware stealer trojan upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://browser.yandex.com/ was found to be: Known bad.

Malicious Activity Summary

defense_evasion discovery evasion persistence privilege_escalation spyware stealer trojan upx

Modifies WinLogon for persistence

Boot or Logon Autostart Execution: Active Setup

Sets service image path in registry

Drops file in Drivers directory

Downloads MZ/PE file

Modifies RDP port number used by Windows

Checks computer location settings

Event Triggered Execution: Component Object Model Hijacking

Checks BIOS information in registry

Loads dropped DLL

Executes dropped EXE

UPX packed file

Reads user/profile data of web browsers

Impair Defenses: Safe Mode Boot

Enumerates connected drives

Checks whether UAC is enabled

Checks installed software on the system

Adds Run key to start application

Checks system information in the registry

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

Suspicious use of AdjustPrivilegeToken

Opens file in notepad (likely ransom note)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Suspicious behavior: LoadsDriver

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Uses Volume Shadow Copy service COM API

Runs regedit.exe

Checks SCSI registry key(s)

Suspicious use of SendNotifyMessage

Uses Volume Shadow Copy WMI provider

Suspicious behavior: EnumeratesProcesses

Modifies system certificate store

Suspicious use of FindShellTrayWindow

Modifies Internet Explorer settings

Uses Task Scheduler COM API

Checks processor information in registry

Modifies data under HKEY_USERS

Modifies registry class

Script User-Agent

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-26 19:32

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-26 19:32

Reported

2024-06-26 20:05

Platform

win10v2004-20240611-en

Max time kernel

1241s

Max time network

1243s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://browser.yandex.com/

Signatures

Modifies WinLogon for persistence

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} C:\Windows\System32\ie4uinit.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\IsInstalled = "1" C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} C:\Windows\System32\ie4uinit.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\Locale = "*" C:\Windows\System32\ie4uinit.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\Version = "11,1081,19041,0" C:\Windows\System32\ie4uinit.exe N/A

Downloads MZ/PE file

Drops file in Drivers directory

Description Indicator Process Target
File created C:\Windows\system32\DRIVERS\mbamswissarmy.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\system32\DRIVERS\MbamChameleon.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\system32\DRIVERS\farflt.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\system32\DRIVERS\mbam.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\SysWOW64\drivers\mbamtestfile.dat C:\Users\Admin\Downloads\MBSetup.exe N/A
File created C:\Windows\system32\drivers\mbae64.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Windows\system32\DRIVERS\MbamElam.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\DRIVERS\MbamElam.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\system32\DRIVERS\mwac.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\system32\Drivers\PROCEXP152.SYS C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A

Modifies RDP port number used by Windows

Sets service image path in registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\mbamchameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PROCEXP152\ImagePath = "\\??\\C:\\Windows\\system32\\Drivers\\PROCEXP152.SYS" C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\Downloads\MBSetup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\Users\Admin\Downloads\MBSetup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\Downloads\adwcleaner.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\Users\Admin\Downloads\adwcleaner.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Yandex.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\yb79CA.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe N/A
N/A N/A C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
N/A N/A C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
N/A N/A C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
N/A N/A C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
N/A N/A C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Impair Defenses: Safe Mode Boot

defense_evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (str) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService\ = "Service" C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key deleted \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Reads user/profile data of web browsers

spyware stealer

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\K: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\H: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\R: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\A: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\X: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\B: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Z: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\M: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\P: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\M: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Z: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\V: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\X: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\H: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\L: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\E: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\J: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\P: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\B: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\V: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\W: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\K: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\M: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\N: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Q: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Q: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\P: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\I: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\Z: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\T: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Z: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\R: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\E: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\Q: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\T: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\B: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\E: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\S: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\U: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\S: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\O: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\U: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\N: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\O: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\W: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\Y: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\U: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\W: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\Y: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\W: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\K: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\R: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\G: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\L: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\H: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\N: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\A: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\S: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\J: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File opened (read-only) \??\B: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\I: C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
File opened (read-only) \??\L: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\N: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened (read-only) \??\X: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\net8192se64.inf_amd64_167684f9283b4eca\net8192se64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netl1c63x64.inf_amd64_4d6630ce07a4fb42\netl1c63x64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\net8185.inf_amd64_7a30f5a9441cd55b\net8185.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61A0.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\201DA8C72BE195AF55036D85719C6480 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\ipoib6x.inf_amd64_ef71073a5867971f\ipoib6x.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netxex64.inf_amd64_ede00b448bfe8099\netxex64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netbc63a.inf_amd64_7ba6c9cea77dd549\netbc63a.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtwlanu.inf_amd64_1815bafd14dc59f0\netrtwlanu.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61B1.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netelx.inf_amd64_7812e4e45c4a5eb1\netelx.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\nete1g3e.inf_amd64_af58b4e19562a3f9\nete1g3e.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netathrx.inf_amd64_220db23f5419ea8d\netathrx.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\201DA8C72BE195AF55036D85719C6480 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\nett4x64.inf_amd64_54eacac1858c78ab\nett4x64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\net44amd.inf_amd64_450d4b1e35cc8e0d\net44amd.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netwtw04.inf_amd64_c8f5ae6576289a2d\netwtw04.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_EF6C9357BB54DDB629FD2D79F1594F95 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtwlans.inf_amd64_97cd1a72c2a7829c\netrtwlans.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\net7400-x64-n650.inf_amd64_557ce3b37c3e0e3b\net7400-x64-n650.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.cat C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.cat C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F7456FD78DEB390E51DB22FDEB14606 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netr28x.inf_amd64_5d63c7bcbf29107f\netr28x.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netsstpa.inf_amd64_e76c5387d67e3fd6\netsstpa.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\48B35517638A85CA46010B026C2B955A_4301D087ABDD3CB96DA18A17FE4B3BEB C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61B1.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_D2F6556190F7B1A25A117FFB5467EEBD C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netwns64.inf_amd64_162bb49f925c6463\netwns64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\439F613B3D55693954E1B080DE3085B4_C4927E03400A4F6EDB9D613E6354F864 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrasa.inf_amd64_1bdf7a435cb3580d\netrasa.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netwtw06.inf_amd64_2edd50e7a54d503b\netwtw06.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netjme.inf_amd64_752bf22f1598bb7e\netjme.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1} C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netg664.inf_amd64_84cd7b2798e0a666\netg664.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netl1e64.inf_amd64_8d5ca5ab1472fc44\netl1e64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\dc21x4vm.inf_amd64_3294fc34256dbb0e\dc21x4vm.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\System32\CatRoot2\dberr.txt C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\repdrvfs.pdb C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_D2F6556190F7B1A25A117FFB5467EEBD C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netk57a.inf_amd64_d823e3edc27ae17c\netk57a.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_10CFC0D4C45D2E76B7EA49C8C22BEDFE C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\System32\Amsi.pdb C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netbxnda.inf_amd64_1fff3bc87a99b0f1\netbxnda.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\rt640x64.inf_amd64_8984d8483eef476c\rt640x64.PNF C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File created C:\Windows\System32\DriverStore\drvstore.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\System32\w3kwab.exe C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_0A36A03C09DCEEA388C024E3D20B14B7 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Windows\System32\DriverStore\drvstore.tmp C:\Windows\system32\DrvInst.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Security.Principal.Windows.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\Prism.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\System.Xaml.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\PresentationCore.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\PresentationFramework.Aero2.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Runtime.Intrinsics.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Text.Encoding.Extensions.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\cs\UIAutomationProvider.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\de\System.Windows.Forms.Primitives.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ko\Microsoft.VisualBasic.Forms.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\Microsoft.VisualBasic.Forms.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\ReachFramework.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-rtlsupport-l1-1-0.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.IO.Pipes.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Text.Encodings.Web.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\mbtun.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\sdk\mwac.inf C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-processenvironment-l1-1-0.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hans\System.Windows.Forms.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\it\UIAutomationTypes.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\System.Xaml.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\System.Xaml.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\WindowsBase.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.Win32.Registry.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Transactions.Local.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Web.HttpUtility.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Threading.Thread.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\fr\PresentationUI.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnel_wireguard.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\MBAMCore.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Tray.deps.json C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-fibers-l1-1-0.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Diagnostics.StackTrace.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Security.AccessControl.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\it\System.Xaml.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ja\UIAutomationProvider.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ru\System.Windows.Input.Manipulations.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ru\UIAutomationTypes.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\UIAutomationTypes.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\Microsoft.VisualBasic.Forms.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\PresentationCore.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\fr\PresentationCore.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ko\PresentationUI.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\System.Windows.Forms.Design.Editors.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.VisualBasic.Core.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Transactions.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\ucrtbase.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\cs\PresentationFramework.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Services.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\System.Text.Encodings.Web.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.NETCore.App.runtimeconfig.json C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Globalization.Extensions.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Net.Ping.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\Microsoft.VisualBasic.Forms.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-handle-l1-1-0.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Reflection.Emit.Lightweight.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pt-BR\System.Windows.Controls.Ribbon.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hans\WindowsBase.resources.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\System.Diagnostics.EventLog.Messages.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
File created C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-crt-private-l1-1-0.dll C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\inf\oem3.inf C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\Tasks\Update for Yandex Browser.job C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
File opened for modification C:\Windows\Tasks\Update for Yandex Browser.job C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\inf\oem3.pnf C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\Tasks\System update for Yandex Browser.job C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
File created C:\Windows\rescache\_merged\2229298842\1848681917.pri C:\Windows\system32\LogonUI.exe N/A
File created C:\Windows\inf\oem3.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\inf\oem3.inf C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\Tasks\Repairing Yandex Browser update service.job C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\regedit.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\regedit.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceDesc C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000\Control C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\DeviceDesc C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\Control C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\LowerFilters C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\LogConf C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Phantom C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \Registry\Machine\Hardware\Description\System\CentralProcessor C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key enumerated \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\FeatureSet C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\FeatureSet C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\Identifier C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\VendorIdentifier C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Malwarebytes.exe = "11000" C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\BrowserEmulation\CVListTTL = "0" C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Capabilities\Hidden = "0" C:\Windows\System32\ie4uinit.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Capabilities C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\BrowserEmulation C:\Windows\System32\ie4uinit.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\OperationalData = "12" C:\Windows\System32\ie4uinit.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-20\Software C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes\FirstRun = "false" C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Windows\system32\DrvInst.exe N/A
Key deleted \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key deleted \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key deleted \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Windows\system32\DrvInst.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Windows\system32\DrvInst.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C4652FC-FA35-4394-A133-F68409776465} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9F0067A5-A8F1-46BF-AA32-F418656FDE6F}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C842243-BDAD-4A93-B282-93E3FCBC1CA4}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2A153977-1A37-4EF7-9226-9E128FA51AE1}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D88AC9B4-2BC3-4215-9547-4F05743AE67B}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexJS.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FA1D4FDD-C9C8-4575-A2A1-4179C3A3473D}\TypeLib\Version = "1.0" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{557ADCF9-0496-46F6-A580-FF8EC1441050}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{53260A87-5F77-4449-95F1-77A210A2A6D8}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexXML.TNI4X5EMNWWMEECFE3V3XDRYPY\Application C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{964AD404-A1EF-4EDA-B8FA-1D8003B29B10}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\xhtmlfile\shell\open\command C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\iexplore.exe\shell\open C:\Windows\System32\ie4uinit.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{55D0C28B-2BF3-4230-B48D-DB2C2D7BF6F8}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{09F245DA-55E7-451E-BDF3-4EE44637DFF1}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1E3F0FEC-3E40-4137-8C7D-090AFA9B6C5E} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4163399F-AB08-4E5E-BE28-6B9440393AD3}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1A173904-D20F-4872-93D5-CBC1336AE0D6}\ = "_IRTPControllerEventsV2" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2DEBAD4E-3BAF-44F0-9150-BCCCC3801CF9} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexPDF.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\ApplicationName = "Yandex" C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\.xht\OpenWithProgids\YandexHTML.TNI4X5EMNWWMEECFE3V3XDRYPY C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MB.CloudController.1\CLSID C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6357A98F-CE03-4C67-9410-00907FB21BC7}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D10B0F61-43AA-40F4-9C6C-57D29CA8544E}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController.1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController\CurVer\ = "MB.LicenseController.1" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2FB37514-21FA-4B2C-94DA-1562126E9F5F}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5BA2811A-EE5B-44DF-81CD-C75BB11A82D4}\ = "IAEControllerEventsV4" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5D448EF3-7261-4C0C-909C-6D56043C259D} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexHTML.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\AppUserModelId = "Yandex.TNI4X5EMNWWMEECFE3V3XDRYPY" C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\yabrowser\shell C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController.1\CLSID C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{90A62FAD-6FA9-4454-8CEE-7EDF67437226}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{960F2BB5-E954-45C5-97DF-A770D9D8C24B}\ = "IScanParametersV9" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CE7ABFE9-8F8F-4EDD-86BD-9209FD072126}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F5BCAC7E-75E7-4971-B3F3-B197A510F495}\1.0\0\win64\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\\4" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{81701AB9-0B9C-49FE-9C79-C3C4DCA91E7B}\TypeLib\ = "{A82129F1-32E1-4D79-A39F-EBFEE53A70BF}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{638A43D2-5475-424B-87B8-042109D7768F}\ = "_IUpdateControllerEvents" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D7A05281-DB9E-4E02-9680-E4D83CDAA6AB}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D8258E71-3A7A-4D9D-85BB-C7999F95B7E4}\TypeLib\ = "{2446F405-83F0-460F-B837-F04540BB330C}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{31BF2366-C6DB-49F1-96A5-8026B9DF4152}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{983849D5-BFE9-43E9-A9A0-CBAFBC917F39}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F418F2F6-5173-4E4F-80EF-AF21E516C461}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{106E3995-72F9-458A-A317-9AFF9E45A1F0}\TypeLib\Version = "1.0" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FB81F893-5D01-4DFD-98E1-3A6CB9C3E63E}\ = "IMWACControllerV12" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6724C143-DE69-4A93-80ED-19B75DD2AA99}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B42C0E8E-5C9D-46B7-AAED-2294C6566DC0}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A0EB1521-C843-47D5-88D2-5449A2F5F40B}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{FFB94DF8-FC15-411C-B443-E937085E2AC1}\1.0\ = "RTPControllerCOMLib" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B1D8E799-D5A2-45B4-9524-067144A201E4}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BADF77CD-ECCE-4B36-88FF-6A2804FFE307}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1691A7E8-B8D1-46D5-BB29-3A4DB2D809C6}\TypeLib\Version = "1.0" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2FB37514-21FA-4B2C-94DA-1562126E9F5F}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\TypeLib C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E230930A-6CC2-4B9D-8CE1-03F86A8EDA05}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ABC1D1AF-23ED-4483-BDA4-90BCC21DFBDB}\ProxyStubClsid32 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4E0F1EE6-E7CA-4BEE-8C08-0959842DA615} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexCSS.TNI4X5EMNWWMEECFE3V3XDRYPY\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{783B187E-360F-419C-B6DA-592892764A01}\1.0 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{61964EBA-D9C0-4834-B01C-A6133F432BB1} C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 1900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob = 030000000100000014000000f6108407d6f8bb67980cc2e244c2ebae1cef63be2000000001000000f6010000308201f230820178a0030201020213066c9fd7c1bb104c2943e5717b7b2cc81ac10e300a06082a8648ce3d0403033039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412034301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120343076301006072a8648ce3d020106052b8104002203620004d2ab8a374fa3530dfec18a7b4ba87b464b63b062f62d1bdb087121d200e863bd9a27fbf0396e5dea3da5c981aaa35b2098455d16dbfde8106de39ce0e3bd5f8462f3706433a0cb242f70ba88a12aa075f881ae6206c481db396e29b01efa2e5ca3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414d3ecc73a656ecce1da769a56fb9cf3866d57e581300a06082a8648ce3d040303036800306502303a8b21f1bd7e11add0ef58962fd6eb9d7e908d2bcf6655c32ce328a9700a470ef0375912ff2d9994284e2a4f354d335a023100ea75004e3bc43a941291c958469d211372a7889c8ae44c4adb96d4ac8b6b6b49125333add7e4be24fcb50a76d4a5bc10 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 040000000100000010000000cb17e431673ee209fe455793f30afa1c0f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c953000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030109000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df1400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331330b000000010000001200000056006500720069005300690067006e0000001d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3617e000000010000000800000000c0032f2df8d6016800000001000000000000000300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e5190000000100000010000000d8b5fb368468620275d142ffd2aade372000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob = 190000000100000010000000cb9dd0fceaaa492f75ce292c21bbfbdd0300000001000000140000008094640eb5a7a1ca119c1fddd59f810263a7fbd17e00000001000000080000000080c82b6886d7017a000000010000000c000000300a06082b060105050703091d0000000100000010000000521f5c98970d19a8e515ef6eeb6d48ef140000000100000014000000ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a07f0000000100000016000000301406082b0601050507030306082b060105050703096200000001000000200000002cabeafe37d06ca22aba7391c0033d25982952c453647349763a3ab5ad6ccf690b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520036000000090000000100000056000000305406082b0601050507030206082b06010505070303060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007e000000307c301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301f06092b06010401a032010230123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000030000000ea09c51d4c3a334ce4acd2bc08c6a9be352e334f45c4fccfcab63edb9f82dc87d4bd2ed2fadae11163fb954809984ff1200000000100000087050000308205833082036ba003020102020e45e6bb038333c3856548e6ff4551300d06092a864886f70d01010c0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3134313231303030303030305a170d3334313231303030303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820222300d06092a864886f70d01010105000382020f003082020a02820201009507e873ca66f9ec14ca7b3cf70d08f1b4450b2c82b448c6eb5b3cae83b841923314a46f7fe92accc6b0886bc5b689d1c6b2ff14ce511421ec4add1b5ac6d687ee4d3a1506ed64660b9280ca44de73944ef3a7897f4f786308c812506d42662f4db979284d521a8a1a80b719810e7ec48abc644c211c4368d73d3c8ac5b266d5909ab73106c5bee26d3206a61ef9b9ebaaa3b8bfbe826350d0f01889dfe40f79f5eaa21f2ad2702e7be7bc93bb6d53e2487c8c100738ff66b277617ee0ea8c3caab4a4f6f3954a12076dfd8cb289cfd0a06177c85874b0d4233af75d3acaa2db9d09de5d442d90f181cd5792fa7ebc50046334df6b9318be6b36b239e4ac2436b7f0efb61c135793b6deb2f8e285b773a2b835aa45f2e09d36a16f548af172566e2e88c55142441594eea3c538969b4e4e5a0b47f30636497730bc7137e5a6ec210875fce661163f77d5d99197840a6cd4024d74c014edfd39fb83f25e14a104b00be9feee8fe16e0bb208b36166096ab1063a659659c0f035fdc9da288d1a118770810aa89a751d9e3a8605009edb80d625f9dc059e27594c76395beaf9a5a1d8830fd1ffdf3011f985cf3348f5ca6d64142c7a584fd34b0849c595641a630e793df5b38cca58ad9c4245796e0e87195c54b165b6bf8c9bdc13e90d6fb82edc676ec98b11b584148a0019708379919791d41a27bf371e3207d814633c284caf0203010001a3633061300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0301f0603551d23041830168014ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0300d06092a864886f70d01010c050003820201008325ede8d1fd9552cd9ec004a09169e65cd084dedcada24fe84778d66598a95ba83c877c028ad16eb71673e65fc05498d574bec1cde21191ad23183ddde1724496b4955ec07b8e99781643135657b3a2b33bb577dc4072aca3eb9b353eb10821a1e7c443377932beb5e79c2c4cbc4329998e30d3ac21e0e31dfad80733765400222ab94d202e7068dae553fc835cd39df2ff440c4466f2d2e3bd46001a6d02ba255d8da13151dd54461c4ddb9996ef1a1c045ca615ef78e079fe5ddb3eaa4c55fd9a15a96fe1a6fbdf7030e9c3ee4246edc2930589fa7d637b3fd071817c00e898ae0e7834c325fbaf0a9f206bdd3b138f128ce2411a487a73a07769c7b65c7f82c81efe581b282ba86cad5e6dc005d27bb7eb80fe2537fe029b68ac425dc3eef5ccdcf05075d236699ce67b04df6e0669b6de0a09485987eb7b14607a64aa6943ef91c74cec18dd6cef532d8c99e15ef2723ecf54c8bd67eca40f4c45ffd3b93023074c8f10bf8696d9995ab499571ca4ccbb158953ba2c050fe4c49e19b11834d54c9dbaedf71faf24950478a803bbee81e5da5f7c8b4aa1907425a7b33e4bc82c56bdc7c8ef38e25c92f079f79c84ba742d6101207e7ed1f24f07595f8b2d4352eb460c94e1f566477977d5545b1fad2437cb455a4ea04448c8d8b099c5158409f6d64949c065b8e61a716ea0a8f182e8453e6cd602d70a6783055ac9a410 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob = 0300000001000000140000005a8cef45d7a69859767a8c8b4496b578cf474b1a2000000001000000450500003082054130820329a0030201020213066c9fd29635869f0a0fe58678f85b26bb8a37300d06092a864886f70d01010c05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412032301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203230820222300d06092a864886f70d01010105000382020f003082020a0282020100ad969f2d9c4a4c4a81795199ec8acb6b605113bc4d6d06fcb0088ddd19106ac7260c35d8c06f2084e994b19b8503c35bdb4ae8c8f89076d95b4fe34ce806364dcc9aac3d0c902b92d4061960ac374479858182ad5a37e00dcc9da64c5276ea439db704d150f655e0d5d2a64985e937e9ca7eae5c954d489a3fae205a6d8895d934b8521a4390b0bf6c05b9b678b7ead0e43a3c125362ff4af27bbe3505a91234e3f36474622c3d00495a28fe3244bb87dd652702713bda4af71fdacdf72155904f0fecae82e19f6bd945d3bbf05f87ed3c2c3986da3fdeec7255eb79a3addbdd7cb0ba1ccefcde4f3576cf0ff8781f6a36514627615be99ecff0a2557d7c258a6f2fb4c5cf842e2bfd0d51106cfb5f1bbc1b7ec5ae3b98013192ff0b57f49ab2b957e9abef0d76d1f0eef4ce86a7e06ee9b469a1df69f633c6692e97139ea587b057108137c953b3bb7ff692d19cd018f4926eda834fa663994ca5fb5eef21647a205f6c648515cb37e9620c0b2a16dc012e32da3e4bf59e3af6174094ef9e910886fabe63a85a33eccb744395f96c695236c7296ffc55035c1ffb9fbd47ebe74947950b4e89220949e0f5611ef1bf2e8a726e8059ff573af97532a34e5feced2862d94d73f2cc811760edcdebdcdba7cac57e02bdf2540854fdb42d092c17544a98d154e1516708d2ed6e7e6f3fd22d81592966cb903995111e7427feddebaf0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414b00cf04c30f405580248fd33e552af4b84e36652300d06092a864886f70d01010c05000382020100aaa8808f0e78a3e0a2d4cde6f5987a3bea0003b0970e93bc5aa8f62c8c7287a9b1fc7f73fd637178a58759cf30e10d10b2135a6d82f56ae6809fa0050b68e4476bc76adfb6fd773272e518fa09f4a0932c5dd28c75857665900c0379b7312363ad788309866884cafff9cf269a9279e7cd4bc5e761a717cbf3a91293936ba7e82f5392c46058b0cc0251185b858d625963b6adb4de9afb26f70027c05d55377499c9507fe3592e44e32c25eeec4c3277b49f1ae94b5d20c5dafd1c8716c643e8d4bb269a45705ea90b3753e2467b27fde046f289b7cc42b6cb28266ed9a5c93ac8411360f7508c15aeb26d1a151a5778e6922ad96590823f6c02afae123a27963604d71da28063a99bf1e5bab47c14b04ec9b11f745f38f651ea9bfa2ca211d4a92d271a45b1afb24e710dc05846d66906cb53cbb3fe6b41cd417e7d4c0f7c72797a59cd5e4a0eac9ba99873797cb4f4ccb9b8070cb2745cb8c76f88a190a7f4aaf9bf673af41a15621eb79fbe3db129af67a112f25810195303301bb81a89f69cbd97038ea309f31d8b21f1b4dfe41cd19f650206ea5cd613b384efa2a55c8c7729a768c06bae40d2a8b4eacdf08d4b389c199a1b2854b88990efca75813e1ef26424c718af4eff479e07f63565a4d30a56fff517646cefa822254993b6df0017da587e5deec51bb0d1d15f2110c7f9f3ba020a2707c5f1d6c7d3e0fb09606c C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 040000000100000010000000324a4bbbc863699bbe749ac6dd1d46240f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a190000000100000010000000fd960962ac6938e0d4b0769aa1a64e262000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\Downloads\adwcleaner.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 5c0000000100000004000000001000001900000001000000100000009f687581f7ef744ecfc12b9cee6238f1030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2090000000100000016000000301406082b0601050507030306082b060105050703086200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e12700b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000000f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e040000000100000010000000be954f16012122448ca8bc279602acf52000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b8200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d0030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491d00000001000000100000002e0d6875874a44c820912e85e964cfdb140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef453000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d578112861900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob = 030000000100000014000000b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e2000000001000000e1030000308203dd308202c5a003020102020100300d06092a864886f70d01010b050030818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a30818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bdedc103fcf68ffc02b16f5b9f48d99d79e2a2b703615618c347b6d7ca3d352e8943f7a1699bde8a1afd13209cb44977322956fdb9ec8cdd22fa72dc276197eef65a84ec6e19b9892cdc845bd574fb6b5fc589a51052894655f4b8751ce67fe454ae4bf85572570219f8177159eb1e280774c59d48be6cb4f4a4b0f364377992c0ec465e7fe16d534c62afcd1f0b63bb3a9dfbfc7900986174cf26824063f3b2726a190d99cad40e75cc37fb8b89c159f1627f5fb35f6530f8a7b74d765a1e765e34c0e89656998ab3f07fa4cdbddc32317c91cfe05f11f86baa495cd19994d1a2e3635b0976b55662e14b741d96d426d4080459d0980e0ee6defcc3ec1f90f10203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604147c0c321fa7d9307fc47d68a362a8a1ceab075b27300d06092a864886f70d01010b050003820101001159fa254f036f94993b9a1f828539d47605945ee128936d625d09c2a0a8d4b07538f1346a9de49f8a862651e62cd1c62d6e95204a9201ecb88a677b31e2672e8c9503262e439d4a31f60eb50cbbb7e2377f22ba00a30e7b52fb6bbb3bc4d379514ecd90f4670719c83c467a0d017dc558e76de68530179a24c410e004f7e0f27fd4aa0aff421d37ed94e5645912207738d3323e3881759673fa688fb1cbce1fc5ecfa9c7ecf7eb1f1072db6fcbfcaa4bfd097054abcea18280290bd5478092171d3d17d1dd916b0a9613dd00a0022fcc77bcb0964450b3b4081f77d7c32f598ca588e7d2aee90597364f936745e25a1f566052e7f3915a92afb508b8e8569f4 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 5c000000010000000400000000080000190000000100000010000000fd960962ac6938e0d4b0769aa1a64e26030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e76200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb65809000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e650040000000100000010000000324a4bbbc863699bbe749ac6dd1d46242000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 C:\Users\Admin\Downloads\adwcleaner.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 0400000001000000100000001d3554048578b03f42424dbf20730a3f0f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b00000001000000260000005300650063007400690067006f00200028004100640064005400720075007300740029000000620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a1d000000010000001000000006f9583c00a763c23fb9e065a3366d557e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d90103000000010000001400000002faf3e291435468607857694df5e45b6885186819000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob = 5c000000010000000400000000100000190000000100000010000000cb9dd0fceaaa492f75ce292c21bbfbdd0300000001000000140000008094640eb5a7a1ca119c1fddd59f810263a7fbd17e00000001000000080000000080c82b6886d7017a000000010000000c000000300a06082b060105050703091d0000000100000010000000521f5c98970d19a8e515ef6eeb6d48ef140000000100000014000000ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a07f0000000100000016000000301406082b0601050507030306082b060105050703096200000001000000200000002cabeafe37d06ca22aba7391c0033d25982952c453647349763a3ab5ad6ccf690b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520036000000090000000100000056000000305406082b0601050507030206082b06010505070303060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007e000000307c301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301f06092b06010401a032010230123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000030000000ea09c51d4c3a334ce4acd2bc08c6a9be352e334f45c4fccfcab63edb9f82dc87d4bd2ed2fadae11163fb954809984ff10400000001000000100000004fdd07e4d42264391e0c3742ead1c6ae200000000100000087050000308205833082036ba003020102020e45e6bb038333c3856548e6ff4551300d06092a864886f70d01010c0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3134313231303030303030305a170d3334313231303030303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820222300d06092a864886f70d01010105000382020f003082020a02820201009507e873ca66f9ec14ca7b3cf70d08f1b4450b2c82b448c6eb5b3cae83b841923314a46f7fe92accc6b0886bc5b689d1c6b2ff14ce511421ec4add1b5ac6d687ee4d3a1506ed64660b9280ca44de73944ef3a7897f4f786308c812506d42662f4db979284d521a8a1a80b719810e7ec48abc644c211c4368d73d3c8ac5b266d5909ab73106c5bee26d3206a61ef9b9ebaaa3b8bfbe826350d0f01889dfe40f79f5eaa21f2ad2702e7be7bc93bb6d53e2487c8c100738ff66b277617ee0ea8c3caab4a4f6f3954a12076dfd8cb289cfd0a06177c85874b0d4233af75d3acaa2db9d09de5d442d90f181cd5792fa7ebc50046334df6b9318be6b36b239e4ac2436b7f0efb61c135793b6deb2f8e285b773a2b835aa45f2e09d36a16f548af172566e2e88c55142441594eea3c538969b4e4e5a0b47f30636497730bc7137e5a6ec210875fce661163f77d5d99197840a6cd4024d74c014edfd39fb83f25e14a104b00be9feee8fe16e0bb208b36166096ab1063a659659c0f035fdc9da288d1a118770810aa89a751d9e3a8605009edb80d625f9dc059e27594c76395beaf9a5a1d8830fd1ffdf3011f985cf3348f5ca6d64142c7a584fd34b0849c595641a630e793df5b38cca58ad9c4245796e0e87195c54b165b6bf8c9bdc13e90d6fb82edc676ec98b11b584148a0019708379919791d41a27bf371e3207d814633c284caf0203010001a3633061300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0301f0603551d23041830168014ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0300d06092a864886f70d01010c050003820201008325ede8d1fd9552cd9ec004a09169e65cd084dedcada24fe84778d66598a95ba83c877c028ad16eb71673e65fc05498d574bec1cde21191ad23183ddde1724496b4955ec07b8e99781643135657b3a2b33bb577dc4072aca3eb9b353eb10821a1e7c443377932beb5e79c2c4cbc4329998e30d3ac21e0e31dfad80733765400222ab94d202e7068dae553fc835cd39df2ff440c4466f2d2e3bd46001a6d02ba255d8da13151dd54461c4ddb9996ef1a1c045ca615ef78e079fe5ddb3eaa4c55fd9a15a96fe1a6fbdf7030e9c3ee4246edc2930589fa7d637b3fd071817c00e898ae0e7834c325fbaf0a9f206bdd3b138f128ce2411a487a73a07769c7b65c7f82c81efe581b282ba86cad5e6dc005d27bb7eb80fe2537fe029b68ac425dc3eef5ccdcf05075d236699ce67b04df6e0669b6de0a09485987eb7b14607a64aa6943ef91c74cec18dd6cef532d8c99e15ef2723ecf54c8bd67eca40f4c45ffd3b93023074c8f10bf8696d9995ab499571ca4ccbb158953ba2c050fe4c49e19b11834d54c9dbaedf71faf24950478a803bbee81e5da5f7c8b4aa1907425a7b33e4bc82c56bdc7c8ef38e25c92f079f79c84ba742d6101207e7ed1f24f07595f8b2d4352eb460c94e1f566477977d5545b1fad2437cb455a4ea04448c8d8b099c5158409f6d64949c065b8e61a716ea0a8f182e8453e6cd602d70a6783055ac9a410 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 5c0000000100000004000000000800001900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa20f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e349040000000100000010000000497904b0eb8719ac47b0bc11519b74d0200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A C:\Users\Admin\Downloads\adwcleaner.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 5c000000010000000400000000080000190000000100000010000000d8b5fb368468620275d142ffd2aade370300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e56800000001000000000000007e000000010000000800000000c0032f2df8d6011d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3610b000000010000001200000056006500720069005300690067006e0000001400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331336200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df09000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703017f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c9040000000100000010000000cb17e431673ee209fe455793f30afa1c2000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob = 0300000001000000140000008da7f965ec5efc37910f1c6e59fdc1cc6a6ede162000000001000000450300003082034130820229a0030201020213066c9fcf99bf8c0a39e2f0788a43e696365bca300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3135303532363030303030305a170d3338303131373030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203130820122300d06092a864886f70d01010105000382010f003082010a0282010100b2788071ca78d5e371af478050747d6ed8d78876f49968f7582160f97484012fac022d86d3a0437a4eb2a4d036ba01be8ddb48c80717364cf4ee8823c73eeb37f5b519f84968b0ded7b976381d619ea4fe8236a5e54a56e445e1f9fdb416fa74da9c9b35392ffab02050066c7ad080b2a6f9afec47198f503807dca2873958f8bad5a9f948673096ee94785e6f89a351c0308666a14566ba54eba3c391f948dcffd1e8302d7d2d747035d78824f79ec4596ebb738717f2324628b843fab71daacab4f29f240e2d4bf7715c5e69ffea9502cb388aae50386fdbfb2d621bc5c71e54e177e067c80f9c8723d63f40207f2080c4804c3e3b24268e04ae6c9ac8aa0d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e041604148418cc8534ecbc0c94942e08599cc7b2104e0a08300d06092a864886f70d01010b0500038201010098f2375a4190a11ac57651282036230eaee628bbaaf894ae48a4307f1bfc248d4bb4c8a197f6b6f17a70c85393cc0828e39825cf23a4f9de21d37c8509ad4e9a753ac20b6a897876444718656c8d418e3b7f9acbf4b5a750d7052c37e8034bade961a0026ef5f2f0c5b2ed5bb7dcfa945c779e13a57f52ad95f2f8933bde8b5c5bca5a525b60af14f74befa3fb9f40956d3154fc42d3c7461f23add90f48709ad9757871d1724334756e5759c2025c266029cf2319168e8843a5d4e4cb08fb231143e843297262a1a95d5e08d490aeb8d8ce14c2d055f286f6c49343776661c0b9e841d7977860036e4a72aea5d17dba109e866c1b8ab95933f8ebc490bef1b9 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254832000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD\Blob = 0300000001000000140000001c58a3a8518e8759bf075b76b750d4f2df264fcd2000000001000000c2040000308204be308203a6a003020102021006d8d904d5584346f68a2fa754227ec4300d06092a864886f70d01010b05003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3231303431343030303030305a170d3331303431333233353935395a304f310b300906035504061302555331153013060355040a130c446967694365727420496e633129302706035504031320446967694365727420544c53205253412053484132353620323032302043413130820122300d06092a864886f70d01010105000382010f003082010a0282010100c14bb3654770bcdd4f58dbec9cedc366e51f311354ad4a66461f2c0aec6407e52edcdcb90a20eddfe3c4d09e9aa97a1d8288e51156db1e9f58c251e72c340d2ed292e156cbf1795fb3bb87ca25037b9a52416610604f571349f0e8376783dfe7d34b674c2251a6df0e9910ed57517426e27dc7ca622e131b7f238825536fc13458008b84fff8bea75849227b96ada2889b15bca07cdfe951a8d5b0ed37e236b4824b62b5499aecc767d6e33ef5e3d6125e44f1bf71427d58840380b18101faf9ca32bbb48e278727c52b74d4a8d697dec364f9cace53a256bc78178e490329aefb494fa415b9cef25c19576d6b79a72ba2272013b5d03d40d321300793ea99f50203010001a38201823082017e30120603551d130101ff040830060101ff020100301d0603551d0e04160414b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302307606082b06010505070101046a3068302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304006082b060105050730028634687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63727430420603551d1f043b30393037a035a0338631687474703a2f2f63726c332e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63726c303d0603551d2004363034300b06096086480186fd6c02013007060567810c01013008060667810c0102013008060667810c0102023008060667810c010203300d06092a864886f70d01010b050003820101008032ce5e0bdd6e5a0d0aafe1d684cbc08efa8570edda5db30cf72b7540fe850afaf33178b7704b1a8958ba80bdf36b1de97ecf0bba589c59d490d3fd6cfdd0986db771825bcf6d0b5a09d07bdec443d82aa4de9e41265fbb8f99cbddaee1a86f9f87fe74b71f1b20abb14fc6f5675d5d9b3ce9ff69f7616cd6d9f3fd36c6ab038876d24b2e7586e3fcd8557d26c21177df3e02b67cf3ab7b7a86366fb8f7d89371cf86df7330fa7babed2a59c842843b11171a52f3c90e147da25b7267ba71ed574766c5b8024a65345e8bd02a3c209c51994ce7529ef76b112b0d927e1de88aeb36164387ea2a63bf753febdec403bb0a3cf730efebaf4cfc8b3610733ef3a4 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob = 0400000001000000100000004fdd07e4d42264391e0c3742ead1c6ae0f0000000100000030000000ea09c51d4c3a334ce4acd2bc08c6a9be352e334f45c4fccfcab63edb9f82dc87d4bd2ed2fadae11163fb954809984ff153000000010000007e000000307c301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301f06092b06010401a032010230123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000056000000305406082b0601050507030206082b06010505070303060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d0020005200360000006200000001000000200000002cabeafe37d06ca22aba7391c0033d25982952c453647349763a3ab5ad6ccf697f0000000100000016000000301406082b0601050507030306082b06010505070309140000000100000014000000ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a01d0000000100000010000000521f5c98970d19a8e515ef6eeb6d48ef7a000000010000000c000000300a06082b060105050703097e00000001000000080000000080c82b6886d7010300000001000000140000008094640eb5a7a1ca119c1fddd59f810263a7fbd1190000000100000010000000cb9dd0fceaaa492f75ce292c21bbfbdd200000000100000087050000308205833082036ba003020102020e45e6bb038333c3856548e6ff4551300d06092a864886f70d01010c0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3134313231303030303030305a170d3334313231303030303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820222300d06092a864886f70d01010105000382020f003082020a02820201009507e873ca66f9ec14ca7b3cf70d08f1b4450b2c82b448c6eb5b3cae83b841923314a46f7fe92accc6b0886bc5b689d1c6b2ff14ce511421ec4add1b5ac6d687ee4d3a1506ed64660b9280ca44de73944ef3a7897f4f786308c812506d42662f4db979284d521a8a1a80b719810e7ec48abc644c211c4368d73d3c8ac5b266d5909ab73106c5bee26d3206a61ef9b9ebaaa3b8bfbe826350d0f01889dfe40f79f5eaa21f2ad2702e7be7bc93bb6d53e2487c8c100738ff66b277617ee0ea8c3caab4a4f6f3954a12076dfd8cb289cfd0a06177c85874b0d4233af75d3acaa2db9d09de5d442d90f181cd5792fa7ebc50046334df6b9318be6b36b239e4ac2436b7f0efb61c135793b6deb2f8e285b773a2b835aa45f2e09d36a16f548af172566e2e88c55142441594eea3c538969b4e4e5a0b47f30636497730bc7137e5a6ec210875fce661163f77d5d99197840a6cd4024d74c014edfd39fb83f25e14a104b00be9feee8fe16e0bb208b36166096ab1063a659659c0f035fdc9da288d1a118770810aa89a751d9e3a8605009edb80d625f9dc059e27594c76395beaf9a5a1d8830fd1ffdf3011f985cf3348f5ca6d64142c7a584fd34b0849c595641a630e793df5b38cca58ad9c4245796e0e87195c54b165b6bf8c9bdc13e90d6fb82edc676ec98b11b584148a0019708379919791d41a27bf371e3207d814633c284caf0203010001a3633061300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0301f0603551d23041830168014ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0300d06092a864886f70d01010c050003820201008325ede8d1fd9552cd9ec004a09169e65cd084dedcada24fe84778d66598a95ba83c877c028ad16eb71673e65fc05498d574bec1cde21191ad23183ddde1724496b4955ec07b8e99781643135657b3a2b33bb577dc4072aca3eb9b353eb10821a1e7c443377932beb5e79c2c4cbc4329998e30d3ac21e0e31dfad80733765400222ab94d202e7068dae553fc835cd39df2ff440c4466f2d2e3bd46001a6d02ba255d8da13151dd54461c4ddb9996ef1a1c045ca615ef78e079fe5ddb3eaa4c55fd9a15a96fe1a6fbdf7030e9c3ee4246edc2930589fa7d637b3fd071817c00e898ae0e7834c325fbaf0a9f206bdd3b138f128ce2411a487a73a07769c7b65c7f82c81efe581b282ba86cad5e6dc005d27bb7eb80fe2537fe029b68ac425dc3eef5ccdcf05075d236699ce67b04df6e0669b6de0a09485987eb7b14607a64aa6943ef91c74cec18dd6cef532d8c99e15ef2723ecf54c8bd67eca40f4c45ffd3b93023074c8f10bf8696d9995ab499571ca4ccbb158953ba2c050fe4c49e19b11834d54c9dbaedf71faf24950478a803bbee81e5da5f7c8b4aa1907425a7b33e4bc82c56bdc7c8ef38e25c92f079f79c84ba742d6101207e7ed1f24f07595f8b2d4352eb460c94e1f566477977d5545b1fad2437cb455a4ea04448c8d8b099c5158409f6d64949c065b8e61a716ea0a8f182e8453e6cd602d70a6783055ac9a410 C:\Users\Admin\Downloads\Yandex.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 0f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e0b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000006200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e1270090000000100000016000000301406082b0601050507030306082b06010505070308140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa22000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 19000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c03000000010000001400000002faf3e291435468607857694df5e45b6885186868000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d000000010000001000000006f9583c00a763c23fb9e065a3366d55140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff20b00000001000000260000005300650063007400690067006f0020002800410064006400540072007500730074002900000053000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 040000000100000010000000be954f16012122448ca8bc279602acf50f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e0b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000006200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e1270090000000100000016000000301406082b0601050507030306082b06010505070308140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa21900000001000000100000009f687581f7ef744ecfc12b9cee6238f12000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 1900000001000000100000009f687581f7ef744ecfc12b9cee6238f1030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa21d0000000100000010000000e78921f81cea4d4105d2b5f4afae0c78140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2090000000100000016000000301406082b0601050507030306082b060105050703086200000001000000200000005367f20c7ade0e2bca790915056d086b720c33c1fa2a2661acf787e3292e12700b00000001000000800000004d006900630072006f0073006f006600740020004900640065006e007400690074007900200056006500720069006600690063006100740069006f006e00200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f0072006900740079002000320030003200300000000f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e2000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob = 0300000001000000140000000d44dd8c3c8c1a1a58756481e90f2e2affb3d26e2000000001000000ba010000308201b63082015ba0030201020213066c9fd5749736663f3b0b9ad9e89e7603f24a300a06082a8648ce3d0403023039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412033301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120333059301306072a8648ce3d020106082a8648ce3d030107034200042997a7c6417fc00d9be8011b56c6f252a5ba2db212e8d22ed7fac9c5d8aa6d1f73813b3b986b397c33a5c54e868e8017686245577d44581db337e56708eb66dea3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414abb6dbd7069e37ac3086079170c79cc419b178c0300a06082a8648ce3d0403020349003046022100e08592a317b78df92b06a593ac1a98686172fae1a1d0fb1c7860a64399c5b8c40221009c02eff1949cb396f9ebc62af8b62cfe3a901416d78c6324481cdf307dd5683b C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C\Blob = 0300000001000000140000002ad974a775f73cbdbbd8f5ac3a49255fa8fb1f8c2000000001000000620400003082045e30820346a0030201020213077312380b9d6688a33b1ed9bf9ccda68e0e0f300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3232303832333232323132385a170d3330303832333232323132385a303c310b3009060355040613025553310f300d060355040a1306416d617a6f6e311c301a06035504031313416d617a6f6e205253412032303438204d303130820122300d06092a864886f70d01010105000382010f003082010a0282010100eb712ca9cb1f8828923230af8a570f78b73725955587ac675c97d322c8daa214676b7cf067dae2032ab356125dc6b547f96708a7937a9592180fb4f9f910369a7f2f80b64fba134ec75d531ee0dd96330720d396bc12e4745042a1051373b54f9b4424fe2d7fedbc2285ec362133977506ce271882dce3d9c582078d5e26012626671fd93f13cf32ba6bad7864fcaaff0e023c07df9c0578728cfdea75b7032884dae86e078cd05085ef8154b2716eec6d62ef8f94c35ee9c4a4d091c02e249198caeeba258ed4f671b6fb5b6b38064837478d86dcf2ea06fb76377d9eff424e4d588293cfe271c278b17aab4b5b94378881e4d9af24aef872c565fb4bb451e70203010001a382015a3082015630120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d0e0416041481b80e638a891218e5fa3b3b50959fe6e5901385301f0603551d230418301680148418cc8534ecbc0c94942e08599cc7b2104e0a08307b06082b06010505070101046f306d302f06082b060105050730018623687474703a2f2f6f6373702e726f6f746361312e616d617a6f6e74727573742e636f6d303a06082b06010505073002862e687474703a2f2f6372742e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e636572303f0603551d1f043830363034a032a030862e687474703a2f2f63726c2e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e63726c30130603551d20040c300a3008060667810c010201300d06092a864886f70d01010b05000382010100ad00de0205232e063262b46bb19416e41140de2bfa59c135efe0aa8f2b41b9d1f38739001df23db5a7470c0606c691f3075702d4edbd17c1909abf4875a2074f30dd4a6a42b50d3d15c00ffe845bc63c99cc5752b1d86e12d59692934b94e507e88982086a7a34d49e64e13d876a92909a63a14bf88fb6ea34d305be20c2de06e28c9f738b9f4d3985cace19369d85c99ec9f8503fb67e88a1efca84068b50b40a5ca61c44f1fdc8614060f26125aa07f4c7c27375e40c0b428d04e55f4448995b7b898196a7889d4b0d62e804c4d7feb4e8b26dcaecc01cbc385b1ddf85ce5b7ae3494b6cb9a7ddf405b249ade1c5146bc2ccebcd7fd65869bac3207e7fb0b8 C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 5c00000001000000040000000008000019000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c03000000010000001400000002faf3e291435468607857694df5e45b6885186868000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d000000010000001000000006f9583c00a763c23fb9e065a3366d55140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff20b00000001000000260000005300650063007400690067006f0020002800410064006400540072007500730074002900000053000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b0400000001000000100000001d3554048578b03f42424dbf20730a3f20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob = 0f0000000100000030000000ea09c51d4c3a334ce4acd2bc08c6a9be352e334f45c4fccfcab63edb9f82dc87d4bd2ed2fadae11163fb954809984ff153000000010000007e000000307c301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301f06092b06010401a032010230123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000056000000305406082b0601050507030206082b06010505070303060a2b0601040182370a030c060a2b0601040182370a030406082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d0020005200360000006200000001000000200000002cabeafe37d06ca22aba7391c0033d25982952c453647349763a3ab5ad6ccf697f0000000100000016000000301406082b0601050507030306082b06010505070309140000000100000014000000ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a01d0000000100000010000000521f5c98970d19a8e515ef6eeb6d48ef7a000000010000000c000000300a06082b060105050703097e00000001000000080000000080c82b6886d7010300000001000000140000008094640eb5a7a1ca119c1fddd59f810263a7fbd1200000000100000087050000308205833082036ba003020102020e45e6bb038333c3856548e6ff4551300d06092a864886f70d01010c0500304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e301e170d3134313231303030303030305a170d3334313231303030303030305a304c3120301e060355040b1317476c6f62616c5369676e20526f6f74204341202d20523631133011060355040a130a476c6f62616c5369676e311330110603550403130a476c6f62616c5369676e30820222300d06092a864886f70d01010105000382020f003082020a02820201009507e873ca66f9ec14ca7b3cf70d08f1b4450b2c82b448c6eb5b3cae83b841923314a46f7fe92accc6b0886bc5b689d1c6b2ff14ce511421ec4add1b5ac6d687ee4d3a1506ed64660b9280ca44de73944ef3a7897f4f786308c812506d42662f4db979284d521a8a1a80b719810e7ec48abc644c211c4368d73d3c8ac5b266d5909ab73106c5bee26d3206a61ef9b9ebaaa3b8bfbe826350d0f01889dfe40f79f5eaa21f2ad2702e7be7bc93bb6d53e2487c8c100738ff66b277617ee0ea8c3caab4a4f6f3954a12076dfd8cb289cfd0a06177c85874b0d4233af75d3acaa2db9d09de5d442d90f181cd5792fa7ebc50046334df6b9318be6b36b239e4ac2436b7f0efb61c135793b6deb2f8e285b773a2b835aa45f2e09d36a16f548af172566e2e88c55142441594eea3c538969b4e4e5a0b47f30636497730bc7137e5a6ec210875fce661163f77d5d99197840a6cd4024d74c014edfd39fb83f25e14a104b00be9feee8fe16e0bb208b36166096ab1063a659659c0f035fdc9da288d1a118770810aa89a751d9e3a8605009edb80d625f9dc059e27594c76395beaf9a5a1d8830fd1ffdf3011f985cf3348f5ca6d64142c7a584fd34b0849c595641a630e793df5b38cca58ad9c4245796e0e87195c54b165b6bf8c9bdc13e90d6fb82edc676ec98b11b584148a0019708379919791d41a27bf371e3207d814633c284caf0203010001a3633061300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0301f0603551d23041830168014ae6c05a39313e2a2e7e2d71cd6c7f07fc86753a0300d06092a864886f70d01010c050003820201008325ede8d1fd9552cd9ec004a09169e65cd084dedcada24fe84778d66598a95ba83c877c028ad16eb71673e65fc05498d574bec1cde21191ad23183ddde1724496b4955ec07b8e99781643135657b3a2b33bb577dc4072aca3eb9b353eb10821a1e7c443377932beb5e79c2c4cbc4329998e30d3ac21e0e31dfad80733765400222ab94d202e7068dae553fc835cd39df2ff440c4466f2d2e3bd46001a6d02ba255d8da13151dd54461c4ddb9996ef1a1c045ca615ef78e079fe5ddb3eaa4c55fd9a15a96fe1a6fbdf7030e9c3ee4246edc2930589fa7d637b3fd071817c00e898ae0e7834c325fbaf0a9f206bdd3b138f128ce2411a487a73a07769c7b65c7f82c81efe581b282ba86cad5e6dc005d27bb7eb80fe2537fe029b68ac425dc3eef5ccdcf05075d236699ce67b04df6e0669b6de0a09485987eb7b14607a64aa6943ef91c74cec18dd6cef532d8c99e15ef2723ecf54c8bd67eca40f4c45ffd3b93023074c8f10bf8696d9995ab499571ca4ccbb158953ba2c050fe4c49e19b11834d54c9dbaedf71faf24950478a803bbee81e5da5f7c8b4aa1907425a7b33e4bc82c56bdc7c8ef38e25c92f079f79c84ba742d6101207e7ed1f24f07595f8b2d4352eb460c94e1f566477977d5545b1fad2437cb455a4ea04448c8d8b099c5158409f6d64949c065b8e61a716ea0a8f182e8453e6cd602d70a6783055ac9a410 C:\Users\Admin\Downloads\Yandex.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 0f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b00000001000000260000005300650063007400690067006f00200028004100640064005400720075007300740029000000620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a1d000000010000001000000006f9583c00a763c23fb9e065a3366d557e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d90103000000010000001400000002faf3e291435468607857694df5e45b6885186820000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Runs regedit.exe

Description Indicator Process Target
N/A N/A C:\Windows\regedit.exe N/A

Script User-Agent

Description Indicator Process Target
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\Downloads\MBSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\MBSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Yandex.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Users\Admin\Downloads\adwcleaner.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Windows\regedit.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\procexp64.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe N/A
N/A N/A C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe N/A
N/A N/A C:\Windows\TEMP\sdwra_7176_734054612\service_update.exe N/A
N/A N/A C:\Windows\TEMP\sdwra_7176_1521301580\service_update.exe N/A
N/A N/A C:\Windows\TEMP\sdwra_7176_1260482126\service_update.exe N/A
N/A N/A C:\Windows\system32\LogonUI.exe N/A
N/A N/A C:\Windows\system32\LogonUI.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3404 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2368 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 3928 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 3928 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3404 wrote to memory of 2776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://browser.yandex.com/

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d620ab58,0x7ff9d620ab68,0x7ff9d620ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4332 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1420,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1556 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4988 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5004 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5284 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5224 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe"

C:\Users\Admin\Downloads\Yandex.exe

"C:\Users\Admin\Downloads\Yandex.exe" --parent-installer-process-id=5516 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp\" --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp\" --verbose-logging"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3480 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:2

C:\Users\Admin\AppData\Local\Temp\yb79CA.tmp

"C:\Users\Admin\AppData\Local\Temp\yb79CA.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=621053964

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5668 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x23c,0x294,0x7ff6d858d688,0x7ff6d858d694,0x7ff6d858d6a0

C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe

"C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe" --setup

C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe

"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --install

C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe

"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --run-as-service

C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe

"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5144 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x20c,0x210,0x214,0x1e8,0x218,0x7ff7f0f08aa0,0x7ff7f0f08aac,0x7ff7f0f08ab8

C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe

"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --update-scheduler

C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe

"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --update-background-scheduler

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe

"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5612 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x7ff635dad688,0x7ff635dad694,0x7ff635dad6a0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source5668_2027215247\Browser-bin\clids_yandex.xml"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=458856 --ok-button-pressed-time=603018327 --install-start-time-no-uac=603426436

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=2612 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x13c,0x140,0x144,0x118,0x148,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=2240,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2088,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2376 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2636,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2668 --brver=24.6.1.766 /prefetch:3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Storage Service" --field-trial-handle=2808,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3092 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3244,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Audio Service" --field-trial-handle=3456,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3488 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Video Capture" --field-trial-handle=3464,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3512 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=4160,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4184 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4524,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4520 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Profile Importer" --field-trial-handle=5164,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5176 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --set-as-default-browser

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7064 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff6883dd688,0x7ff6883dd694,0x7ff6883dd6a0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1712,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=3884 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5412,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5424 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4484,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5800,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4852 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5872,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6128,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5852 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6280,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6120,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6124 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=6596,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6736 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=6768,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6780 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=5216,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6740 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6956,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6952 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6924,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6740 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=3280,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4708 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6808,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5924 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7088,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7104 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7092,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7256 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7400,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7420 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7404,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7560 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7704,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7708 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7736,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7864 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8008,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8024 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8160,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8172 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8164,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8328 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8316,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8476 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8512,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8636 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8644,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8780 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8804,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8932 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8956,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9092 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9232,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9248 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9384,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9392 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9432,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9552 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9428,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9576 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9840,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9856 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9864,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10008 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9984,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9844 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater --broupdater-origin=auto --bits_job_guid={FD17C2FC-A0AE-4B50-BB89-B0B74881AECB}

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=1 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5912 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=micromode=broupdater --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2356,i,10525820128065667569,4715874121738457172,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2352 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2084,i,10525820128065667569,4715874121738457172,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2396 --brver=24.6.1.766 /prefetch:3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=1044,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5952 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=9936,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6936 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=install --bits_job_guid={2A6CCDD8-41FE-4180-AD0B-512730B53D88}

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=2 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=4380 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2332,i,3512179273608981091,12599438969218374592,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2328 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2220,i,3512179273608981091,12599438969218374592,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2364 --brver=24.6.1.766 /prefetch:3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5440,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5528,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10036 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse --bits_job_guid={A358220A-E71A-46C6-AF74-6980BF1CE957}

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=3 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=8128 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2328,i,11947471634704334533,16395763992577357260,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2316 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2256,i,11947471634704334533,16395763992577357260,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2484 --brver=24.6.1.766 /prefetch:3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=1132,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1140 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8772,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6124 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=4148,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4924 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=10136,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10036 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1144,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7696 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=5428,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8312 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1120,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9372 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8148,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7720 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=6416,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7720 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=1072,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=5480,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8636 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=5788,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8768 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=9584,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8000 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8000,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7688 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\Downloads\MBSetup.exe

"C:\Users\Admin\Downloads\MBSetup.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=7080,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9644 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=info-collection --field-trial-handle=6904,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=756 --enable-elf-protection /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7616,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7624 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1368,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7044 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=spell_checker.mojom.SpellChecker --lang=en-US --service-sandbox-type=utility --utility-enable-offline-spellchecker --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Spell checker" --field-trial-handle=3472,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9312 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=6696,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6564 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9332,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4620 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=9796,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1284 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=6988,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9184 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=8348,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8340 --brver=24.6.1.766 /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9248,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9004 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\Downloads\adwcleaner.exe

"C:\Users\Admin\Downloads\adwcleaner.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9764,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7208 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9236,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9016 --brver=24.6.1.766 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall

C:\Windows\system32\DrvInst.exe

DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000148" "Service-0x0-3e7$\Default" "0000000000000158" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7208,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7220 --brver=24.6.1.766 /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9008,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9788 --brver=24.6.1.766 /prefetch:8

C:\Windows\regedit.exe

"C:\Windows\regedit.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9208,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8548 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=3248,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8592 --brver=24.6.1.766 /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=6608,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8548 --brver=24.6.1.766 /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none

C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe

"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1396,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4176 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7024,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8984 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7116,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7012 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7632,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9020 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=8836,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9772 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=9180,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8344 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=4256,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2640 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=9112,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9264 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=6820,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=8432,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7948 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=5996,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3284 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9104,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7212 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6288,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8196 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9960,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9752 --brver=24.6.1.766 /prefetch:8

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=4240,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8556 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6232,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6508 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6632,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5280 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5768,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3236 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=8196,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=752 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9140,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4224 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=7244,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1284 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5948,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6864 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=8992,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=6892,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3296 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8840,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9772 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=6496,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1204 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=9640,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6880 /prefetch:1

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=8776,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8616 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=spell_checker.mojom.SpellChecker --lang=en-US --service-sandbox-type=utility --utility-enable-offline-spellchecker --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Spell checker" --field-trial-handle=7856,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8472 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=6220,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9292 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=6784,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9192 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7032,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9376 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=7800,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9996 --brver=24.6.1.766 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\Malwarebytes Scan Report 2024-06-26 195153.txt

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=7752,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5736 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=10228,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9380 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=10188,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10176 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=9356,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1068 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=6532,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8400 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=10180,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8612 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=8572,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3304 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=qr_code.mojom.QRCodeService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="QR code service" --field-trial-handle=4328,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6508 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=5272,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10160 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=7556,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8620 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=7708,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7104 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8616,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9292 --brver=24.6.1.766 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=10216,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8256 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe

"C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe"

C:\Users\Admin\AppData\Local\Temp\procexp64.exe

"C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7324,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9120 --brver=24.6.1.766 /prefetch:8

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\browser.DMP

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" https://www.virustotal.com/about/terms-of-service

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=4 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=8120 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=6544,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8564 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=3292,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8400 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8516,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6832 --brver=24.6.1.766 /prefetch:8

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9144,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=276 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=6460,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3256 /prefetch:1

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe

ig.exe reseed

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9312,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6884 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5476,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4636 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9696,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7612 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=4296,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8428 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=9388,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8284 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9196,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10204 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=hips_info_provider.mojom.HipsInfoProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=hips_info_provider.mojom.HipsInfoProvider --field-trial-handle=8480,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6888 --brver=24.6.1.766 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap4597:368:7zEvent20226 -tzip -sae -- "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\YandexBrowser.zip"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=10004,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8620 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7352,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7364 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8760,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6748 --brver=24.6.1.766 /prefetch:8

C:\Windows\System32\control.exe

"C:\Windows\System32\control.exe" "C:\Windows\System32\appwiz.cpl",

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL "C:\Windows\System32\appwiz.cpl",

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe

"C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe"

C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe

"C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe" -nosurvey -uninstall

C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"

C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /uninstall

C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Unregserver

C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe

"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /uninstallmbtun

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall

C:\Windows\system32\DrvInst.exe

DrvInst.exe "5" "2" "C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.inf" "0" "48643ea57" "0000000000000150" "Service-0x0-3e7$\Default"

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --single-argument https://links.malwarebytes.com/link/uninstalled?days_since_install=0&prodVer=5.1.5.116&prodCode=MBAM-C&lang=en-US

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=4 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=4372 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=2032,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2028 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=1668,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=1912,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2260 --brver=24.6.1.766 /prefetch:3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Storage Service" --field-trial-handle=2472,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2584 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4016,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4012 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4464,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4600,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4596 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5112,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5044 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5020,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=5652,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5672 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5664,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5752 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=2808,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4992 --brver=24.6.1.766 /prefetch:8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --uninstall --verbose-logging

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --uninstall --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=1711875625

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7176 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x7ff6883dd688,0x7ff6883dd694,0x7ff6883dd6a0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --uninstall

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=2 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7800 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=1980,i,10439544620570865549,2301244948330544693,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1976 /prefetch:2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=1896,i,10439544620570865549,2301244948330544693,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2012 --brver=24.6.1.766 /prefetch:3

C:\Windows\System32\ie4uinit.exe

"C:\Windows\System32\ie4uinit.exe" -reinstall

C:\Windows\TEMP\sdwra_7176_734054612\service_update.exe

"C:\Windows\TEMP\sdwra_7176_734054612\service_update.exe" --uninstall

C:\Windows\TEMP\sdwra_7176_1521301580\service_update.exe

"C:\Windows\TEMP\sdwra_7176_1521301580\service_update.exe" --delete

C:\Windows\TEMP\sdwra_7176_1260482126\service_update.exe

"C:\Windows\TEMP\sdwra_7176_1260482126\service_update.exe" --delete

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://browser.yandex.ru/goodbye/?beta=0&brand_id=int&brversion=24.6.1.766&clid=2270482&dateinstall=26-06-2024&distrib_info=%7B%0D%0A+++%22banerid%22%3A+%226400000000%3A667c701fa054d8d722d02397%22%2C%0D%0A+++%22browser%22%3A+%22GoogleChrome%2F64%2F110.0.5481.104%22%2C%0D%0A+++%22download_date%22%3A+%221719431199%22%2C%0D%0A+++%22mongoID%22%3A+%22667c701fa054d8d722d02397%22%2C%0D%0A+++%22pps%22%3A+%22installID%253D8063537421719431107_1719431199507%2526mongoID%253D667c701fa054d8d722d02397%22%2C%0D%0A+++%22scup%22%3A+%221%22%2C%0D%0A+++%22statpromo%22%3A+%22true%22%2C%0D%0A+++%22vup%22%3A+%221%22%2C%0D%0A+++%22win10pin%22%3A+%221%22%2C%0D%0A+++%22yandexuid%22%3A+%228063537421719431107%22%0D%0A%7D%0D%0A&lang=en&os=10.0.19041&ui=7B92A788-7D2D-46AE-98D5-A12ECD75919E

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --field-trial-handle=3856,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4120,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5280,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5228 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5336,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5452 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5896,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5908 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.92 --initial-client-data=0x23c,0x240,0x244,0x238,0x24c,0x7ff9be9d4ef8,0x7ff9be9d4f04,0x7ff9be9d4f10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2240,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1932,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2276 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2648,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2644 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe"

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa3f49055 /state1:0x41c64e6d

Network

Country Destination Domain Proto
US 8.8.8.8:53 browser.yandex.com udp
RU 93.158.134.121:443 browser.yandex.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 121.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 yastatic.net udp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
RU 87.250.247.183:443 avatars.mds.yandex.net tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 download-paranja.yandex.net udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 217.131.154.178.in-addr.arpa udp
US 8.8.8.8:53 183.247.250.87.in-addr.arpa udp
US 8.8.8.8:53 119.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 yandex.ru udp
RU 93.158.134.121:443 download-paranja.yandex.net tcp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 mc.yandex.com udp
RU 93.158.134.121:443 download-paranja.yandex.net tcp
US 8.8.8.8:53 csp.yandex.net udp
RU 87.250.250.104:443 csp.yandex.net tcp
US 8.8.8.8:53 55.44.88.77.in-addr.arpa udp
US 8.8.8.8:53 104.250.250.87.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 74.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 80.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 download.cdn.yandex.net udp
RU 5.45.205.243:443 download.cdn.yandex.net tcp
US 8.8.8.8:53 cachev2-ams01.cdn.yandex.net udp
NL 5.45.247.51:443 cachev2-ams01.cdn.yandex.net tcp
US 8.8.8.8:53 243.205.45.5.in-addr.arpa udp
US 8.8.8.8:53 51.247.45.5.in-addr.arpa udp
US 8.8.8.8:53 api.browser.yandex.net udp
US 8.8.8.8:53 api.browser.yandex.ru udp
US 8.8.8.8:53 download.cdn.yandex.net udp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
RU 5.45.205.244:443 download.cdn.yandex.net tcp
US 8.8.8.8:53 244.205.45.5.in-addr.arpa udp
US 8.8.8.8:53 234.193.180.213.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 cachev2-ams01.cdn.yandex.net udp
NL 5.45.247.51:443 cachev2-ams01.cdn.yandex.net tcp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 cachev2-ams02.cdn.yandex.net udp
NL 5.45.247.52:443 cachev2-ams02.cdn.yandex.net tcp
US 8.8.8.8:53 52.247.45.5.in-addr.arpa udp
NL 5.45.247.51:443 cachev2-ams01.cdn.yandex.net tcp
RU 5.45.205.244:443 download.cdn.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 cachev2-ams03.cdn.yandex.net udp
NL 5.45.247.53:443 cachev2-ams03.cdn.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 53.247.45.5.in-addr.arpa udp
US 8.8.8.8:53 api.browser.yandex.ru udp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 api.browser.yandex.com udp
RU 213.180.193.234:443 api.browser.yandex.com tcp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
GB 216.58.204.67:443 update.googleapis.com tcp
RU 213.180.193.234:443 api.browser.yandex.com tcp
US 8.8.8.8:53 sba.yandex.net udp
US 8.8.8.8:53 sba.yandex.net udp
RU 87.250.250.232:443 sba.yandex.net tcp
US 8.8.8.8:53 browser-resources.s3.yandex.net udp
US 8.8.8.8:53 browser-resources.s3.yandex.net udp
US 8.8.8.8:53 browser.yandex.com udp
US 8.8.8.8:53 browser.yandex.com udp
RU 93.158.134.158:443 browser-resources.s3.yandex.net tcp
RU 93.158.134.158:443 browser-resources.s3.yandex.net tcp
RU 93.158.134.158:443 browser-resources.s3.yandex.net tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
RU 93.158.134.121:443 browser.yandex.com tcp
US 8.8.8.8:53 storage.ape.yandex.net udp
RU 87.250.251.66:443 storage.ape.yandex.net tcp
US 8.8.8.8:53 232.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 158.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 66.251.250.87.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 api.browser.yandex.net udp
US 8.8.8.8:53 api.browser.yandex.net udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:443 dns.google udp
RU 87.250.251.66:443 storage.ape.yandex.net tcp
RU 93.158.134.121:443 browser.yandex.com tcp
RU 93.158.134.121:443 browser.yandex.com tcp
RU 87.250.251.66:443 storage.ape.yandex.net tcp
RU 87.250.251.66:443 storage.ape.yandex.net tcp
RU 37.9.64.225:443 tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
RU 93.158.134.121:443 browser.yandex.com tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 178.154.131.215:443 yastatic.net tcp
RU 77.88.55.88:443 yandex.ru tcp
RU 213.180.204.196:443 tcp
RU 77.88.21.119:443 mc.yandex.com tcp
US 8.8.8.8:53 225.64.9.37.in-addr.arpa udp
US 8.8.8.8:53 215.131.154.178.in-addr.arpa udp
US 8.8.8.8:53 88.55.88.77.in-addr.arpa udp
US 8.8.8.8:53 196.204.180.213.in-addr.arpa udp
US 8.8.8.8:53 119.21.88.77.in-addr.arpa udp
RU 178.154.131.215:443 yastatic.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 87.250.254.216:443 tcp
US 8.8.8.8:53 216.254.250.87.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
RU 93.158.134.144:443 tcp
RU 93.158.134.144:443 tcp
US 8.8.8.8:53 106.254.250.87.in-addr.arpa udp
US 8.8.8.8:53 144.134.158.93.in-addr.arpa udp
RU 62.217.160.14:443 tcp
RU 93.158.134.144:443 tcp
RU 5.255.255.242:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.204.158:443 tcp
RU 213.180.204.158:443 tcp
RU 213.180.204.158:443 tcp
RU 213.180.204.158:443 tcp
RU 213.180.204.158:443 tcp
RU 213.180.204.158:443 tcp
US 8.8.8.8:53 14.160.217.62.in-addr.arpa udp
US 8.8.8.8:53 242.255.255.5.in-addr.arpa udp
US 8.8.8.8:53 2.160.217.62.in-addr.arpa udp
RU 77.88.21.37:443 tcp
US 8.8.8.8:53 158.204.180.213.in-addr.arpa udp
US 8.8.8.8:53 37.21.88.77.in-addr.arpa udp
RU 5.255.255.77:443 yandex.ru tcp
US 8.8.8.8:53 77.255.255.5.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 178.154.131.215:443 yastatic.net tcp
US 8.8.8.8:53 soft.export.yandex.ru udp
RU 87.250.254.20:443 soft.export.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 20.254.250.87.in-addr.arpa udp
RU 87.250.254.45:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 45.254.250.87.in-addr.arpa udp
GB 142.250.187.196:443 udp
US 8.8.8.8:53 csp.yandex.net udp
RU 87.250.250.104:443 csp.yandex.net tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
GB 142.250.187.206:443 tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
GB 142.250.200.46:443 tcp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
GB 216.58.213.14:443 tcp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
GB 172.217.169.14:443 tcp
GB 172.217.16.227:443 tcp
US 8.8.8.8:53 14.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
RU 93.158.134.36:443 tcp
US 8.8.8.8:53 36.134.158.93.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.4.4:443 dns.google udp
GB 216.58.204.67:443 update.googleapis.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 webntp.yandex.ru udp
US 8.8.8.8:53 webntp.yandex.ru udp
US 8.8.4.4:443 dns.google tcp
RU 213.180.204.196:443 webntp.yandex.ru tcp
US 8.8.4.4:443 dns.google udp
RU 178.154.131.215:443 yastatic.net tcp
RU 77.88.55.88:443 yandex.ru tcp
RU 77.88.55.88:443 yandex.ru tcp
RU 77.88.55.88:443 yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
GB 142.250.200.46:443 udp
GB 142.250.200.46:443 udp
US 8.8.8.8:443 dns.google udp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
RU 93.158.134.242:443 tcp
US 8.8.8.8:53 242.134.158.93.in-addr.arpa udp
RU 77.88.55.88:443 yandex.ru tcp
GB 142.250.187.196:443 udp
US 8.8.4.4:443 dns.google udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net udp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 8.8.8.8:443 dns.google udp
RU 93.158.134.242:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 192.0.66.233:443 tcp
US 192.0.66.233:443 tcp
GB 142.250.200.46:443 udp
US 34.96.102.137:443 tcp
FR 143.244.56.50:443 tcp
GB 142.250.179.238:443 udp
GB 142.250.179.238:443 tcp
US 192.0.76.3:443 tcp
US 34.96.102.137:443 udp
US 34.96.102.137:443 udp
FR 143.244.56.50:443 udp
FR 143.244.56.50:443 tcp
US 8.8.8.8:53 233.66.0.192.in-addr.arpa udp
US 8.8.8.8:53 137.102.96.34.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 50.56.244.143.in-addr.arpa udp
US 8.8.8.8:53 72.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 18.208.60.200:443 tcp
US 104.19.178.52:443 tcp
US 104.19.178.52:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 172.64.155.119:443 tcp
US 8.8.8.8:53 200.60.208.18.in-addr.arpa udp
US 8.8.8.8:53 52.178.19.104.in-addr.arpa udp
US 104.18.32.137:443 tcp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 192.0.76.3:443 udp
GB 216.58.213.3:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 api2.amplitude.com udp
US 44.233.60.45:443 api2.amplitude.com tcp
US 8.8.8.8:53 45.60.233.44.in-addr.arpa udp
US 8.8.8.8:53 ark.mwbsys.com udp
US 100.24.217.80:443 ark.mwbsys.com tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.107:443 cdn.mwbsys.com tcp
US 8.8.8.8:53 80.217.24.100.in-addr.arpa udp
US 8.8.8.8:53 107.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 ark.mwbsys.com udp
US 100.24.217.80:443 ark.mwbsys.com tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.10:443 cdn.mwbsys.com tcp
US 100.24.217.80:443 ark.mwbsys.com tcp
US 8.8.8.8:53 10.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.107:443 cdn.mwbsys.com tcp
US 100.24.217.80:443 ark.mwbsys.com tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.41:443 cdn.mwbsys.com tcp
US 8.8.8.8:53 41.91.86.99.in-addr.arpa udp
US 100.24.217.80:443 ark.mwbsys.com tcp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.41:443 cdn.mwbsys.com tcp
GB 142.250.187.196:443 udp
GB 142.250.179.238:443 tcp
US 8.8.8.8:53 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net udp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:443 dns.google udp
GB 142.250.200.46:443 udp
US 34.96.102.137:443 udp
US 192.0.76.3:443 udp
FR 18.164.52.105:443 tcp
FR 18.164.52.105:443 tcp
US 8.8.8.8:53 105.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
SE 23.34.233.128:80 www.microsoft.com tcp
US 8.8.8.8:53 128.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 adwcleaner.malwarebytes.com udp
FR 18.164.52.32:443 adwcleaner.malwarebytes.com tcp
FR 18.164.52.32:443 adwcleaner.malwarebytes.com tcp
US 8.8.8.8:53 32.52.164.18.in-addr.arpa udp
FR 18.164.52.32:443 adwcleaner.malwarebytes.com tcp
FR 18.164.52.32:443 adwcleaner.malwarebytes.com tcp
US 8.8.8.8:53 holocron.mwbsys.com udp
US 8.8.8.8:53 ipv4.am.i.mullvad.net udp
US 3.209.127.22:443 holocron.mwbsys.com tcp
SE 45.83.223.233:443 ipv4.am.i.mullvad.net tcp
US 3.209.127.22:443 holocron.mwbsys.com tcp
US 8.8.8.8:53 233.223.83.45.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
FR 18.164.52.32:443 adwcleaner.malwarebytes.com tcp
US 8.8.8.8:53 telemetry.malwarebytes.com udp
US 44.238.120.189:443 telemetry.malwarebytes.com tcp
US 8.8.8.8:53 189.120.238.44.in-addr.arpa udp
US 8.8.8.8:53 holocron.mwbsys.com udp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 8.8.8.8:53 92.36.219.3.in-addr.arpa udp
US 8.8.8.8:53 89.65.42.20.in-addr.arpa udp
GB 142.250.179.238:443 udp
US 8.8.8.8:53 iris.mwbsys.com udp
US 54.236.97.178:443 iris.mwbsys.com tcp
US 8.8.8.8:53 178.97.236.54.in-addr.arpa udp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
US 192.178.49.163:443 tcp
US 192.178.49.163:443 udp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
GB 216.58.213.3:443 tcp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 8.8.8.8:53 api2.amplitude.com udp
US 52.88.118.164:443 api2.amplitude.com tcp
US 8.8.8.8:53 164.118.88.52.in-addr.arpa udp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 8.8.8.8:53 holocron.mwbsys.com udp
US 3.209.127.22:443 holocron.mwbsys.com tcp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 3.219.36.92:443 holocron.mwbsys.com tcp
US 8.8.8.8:53 sirius.mwbsys.com udp
US 3.210.87.158:443 sirius.mwbsys.com tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 99.86.91.10:443 cdn.mwbsys.com tcp
US 8.8.8.8:53 158.87.210.3.in-addr.arpa udp
US 8.8.8.8:53 crl.comodoca.com udp
US 104.18.38.233:80 crl.comodoca.com tcp
US 8.8.8.8:53 www.microsoft.com udp
SE 23.34.233.128:80 www.microsoft.com tcp
US 8.8.8.8:443 dns.google udp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
GB 142.250.187.196:443 udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 ocsp.trust-provider.com udp
US 172.64.149.23:80 ocsp.trust-provider.com tcp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 crl.trust-provider.com udp
GB 172.217.16.226:443 udp
US 172.64.149.23:80 crl.trust-provider.com tcp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.intel.com udp
ES 23.60.219.84:80 www.intel.com tcp
US 8.8.8.8:53 certificates.intel.com udp
SE 184.31.15.48:80 certificates.intel.com tcp
US 8.8.8.8:53 84.219.60.23.in-addr.arpa udp
GB 142.250.200.46:443 udp
US 8.8.8.8:53 48.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 ocsp.thawte.com udp
US 151.101.193.140:443 tcp
US 151.101.193.140:443 tcp
US 152.199.19.74:80 ocsp.thawte.com tcp
US 8.8.8.8:53 crl.thawte.com udp
US 8.8.8.8:53 140.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 74.19.199.152.in-addr.arpa udp
SE 192.229.221.95:80 crl.thawte.com tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.204.158:443 tcp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
SE 192.229.221.95:80 crl.thawte.com tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
RU 87.250.250.232:443 sba.yandex.net tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
RU 93.158.134.121:443 browser.yandex.com tcp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 93.158.134.121:443 browser.yandex.com tcp
RU 87.250.250.119:443 mc.yandex.com tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 8.8.8.8:53 spyware.neocities.com udp
US 151.101.65.140:443 tcp
US 198.51.233.2:443 tcp
US 198.51.233.2:443 tcp
US 8.8.8.8:53 140.65.101.151.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 2.233.51.198.in-addr.arpa udp
RU 87.250.251.20:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 20.251.250.87.in-addr.arpa udp
US 198.51.233.2:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 198.51.233.2:443 tcp
US 8.8.8.8:53 hubble.mb-cosmos.com udp
US 18.245.175.4:443 hubble.mb-cosmos.com tcp
US 8.8.8.8:53 4.175.245.18.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 198.51.233.2:443 tcp
RU 93.158.134.242:443 tcp
US 8.8.8.8:443 dns.google udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 93.158.134.242:443 tcp
US 151.101.193.140:443 tcp
US 151.101.193.140:443 tcp
US 151.101.193.140:443 tcp
US 151.101.129.140:443 tcp
US 8.8.8.8:53 140.129.101.151.in-addr.arpa udp
US 151.101.193.140:443 tcp
US 151.101.65.140:443 tcp
US 151.101.65.140:443 tcp
US 8.8.8.8:53 telemetry.malwarebytes.com udp
US 44.235.117.63:443 telemetry.malwarebytes.com tcp
US 8.8.8.8:53 63.117.235.44.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 151.101.1.140:443 tcp
US 151.101.193.140:443 tcp
GB 142.250.187.196:443 udp
GB 142.250.187.196:443 udp
IE 209.85.203.84:443 tcp
IE 209.85.203.84:443 udp
GB 142.250.179.238:443 google.com udp
IE 209.85.203.84:443 tcp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 84.203.85.209.in-addr.arpa udp
GB 142.250.187.196:443 udp
IE 209.85.203.84:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 44.235.117.63:443 telemetry.malwarebytes.com tcp
US 8.8.8.8:53 telemetry.malwarebytes.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
US 8.8.8.8:443 dns.google udp
RU 87.250.254.106:443 tcp
GB 142.250.187.196:443 udp
GB 142.250.179.238:443 google.com udp
GB 142.250.180.1:443 tcp
US 104.26.6.129:443 udp
RU 77.88.55.88:443 yandex.ru tcp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 129.6.26.104.in-addr.arpa udp
US 104.26.6.129:443 udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 104.26.6.129:443 tcp
US 8.8.8.8:53 relay.wormhole.app udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 50.116.12.82:443 udp
US 149.137.132.105:443 tcp
US 8.8.8.8:53 relay.wormhole.app udp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 50.116.12.82:443 tcp
US 149.137.132.105:443 tcp
US 8.8.8.8:53 82.12.116.50.in-addr.arpa udp
US 8.8.8.8:53 105.132.137.149.in-addr.arpa udp
RU 91.215.42.31:80 tcp
RU 91.215.42.31:80 tcp
RU 91.215.42.31:443 tcp
GB 142.250.187.206:443 tcp
RU 87.250.251.20:443 tcp
US 8.8.8.8:53 31.42.215.91.in-addr.arpa udp
GB 142.250.187.206:443 udp
GB 142.250.187.206:443 tcp
IE 209.85.203.84:443 tcp
GB 142.250.187.206:443 udp
GB 172.217.16.227:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.204.29:443 tcp
RU 91.215.42.31:443 tcp
US 8.8.8.8:53 29.204.180.213.in-addr.arpa udp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
RU 77.88.55.88:443 yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 api2.amplitude.com udp
US 44.236.68.145:443 api2.amplitude.com tcp
US 8.8.8.8:53 145.68.236.44.in-addr.arpa udp
US 104.26.3.70:443 tcp
US 151.101.65.140:443 tcp
US 151.101.65.140:443 tcp
US 151.101.193.140:443 tcp
US 151.101.193.140:443 tcp
US 151.101.193.140:443 tcp
US 151.101.65.140:443 tcp
US 151.101.129.140:443 tcp
US 151.101.129.140:443 tcp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 151.101.65.140:443 tcp
RU 93.158.134.242:443 tcp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
GB 142.250.187.196:443 udp
GB 142.250.187.206:443 udp
GB 142.250.187.206:443 tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
RU 87.250.254.106:443 tcp
RU 62.217.160.2:443 tcp
RU 87.250.254.106:443 tcp
GB 142.250.187.196:443 udp
GB 142.250.179.238:443 google.com udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
SE 23.34.233.227:443 tcp
SE 23.34.233.227:443 tcp
RU 87.250.250.232:443 sba.yandex.net tcp
GB 142.250.200.46:443 udp
US 104.26.6.129:443 udp
US 13.107.246.64:443 tcp
US 13.107.253.64:443 tcp
US 8.8.8.8:53 227.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 64.253.107.13.in-addr.arpa udp
IE 52.17.107.72:443 tcp
SE 23.34.233.128:443 www.microsoft.com tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 13.107.246.64:443 tcp
GB 23.214.139.72:443 tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
IE 66.235.152.225:443 tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 72.107.17.52.in-addr.arpa udp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 72.139.214.23.in-addr.arpa udp
US 20.42.65.88:443 tcp
US 8.8.8.8:53 49.43.201.23.in-addr.arpa udp
US 20.42.65.88:443 tcp
US 8.8.8.8:53 88.65.42.20.in-addr.arpa udp
SE 23.201.43.27:443 tcp
PL 93.184.221.200:443 tcp
US 8.8.8.8:53 27.43.201.23.in-addr.arpa udp
US 8.8.8.8:53 200.221.184.93.in-addr.arpa udp
SE 23.201.43.67:443 tcp
US 8.8.8.8:53 67.43.201.23.in-addr.arpa udp
GB 142.250.187.206:443 udp
US 152.199.19.160:443 tcp
US 152.199.19.160:443 tcp
US 8.8.8.8:53 160.19.199.152.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 browser.yandex.ru udp
US 8.8.8.8:53 browser.yandex.ru udp
RU 87.250.250.232:443 sba.yandex.net tcp
US 8.8.8.8:53 browser.yandex.ru udp
US 8.8.8.8:53 browser.yandex.ru udp
US 8.8.4.4:443 dns.google udp
RU 93.158.134.121:443 browser.yandex.ru tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
RU 93.158.134.242:443 tcp
US 151.101.129.140:443 tcp
US 8.8.4.4:443 dns.google udp
US 151.101.193.140:443 tcp
US 172.64.149.23:80 crl.trust-provider.com tcp
US 8.8.8.8:53 ocsp.trust-provider.com udp
US 172.64.149.23:80 ocsp.trust-provider.com tcp
US 8.8.8.8:53 crl.trust-provider.com udp
US 172.64.149.23:80 crl.trust-provider.com tcp
US 8.8.8.8:53 www.intel.com udp
ES 23.60.219.84:80 www.intel.com tcp
US 8.8.8.8:53 certificates.intel.com udp
SE 184.31.15.50:80 certificates.intel.com tcp
US 8.8.8.8:53 50.15.31.184.in-addr.arpa udp
US 8.8.4.4:443 dns.google udp
US 74.125.34.46:443 tcp
US 74.125.34.46:443 tcp
US 34.117.229.111:443 tcp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
US 34.117.229.111:443 udp
US 104.16.242.118:443 udp
US 104.18.168.110:443 tcp
US 104.16.242.118:443 udp
US 104.18.70.113:443 tcp
US 8.8.8.8:53 111.229.117.34.in-addr.arpa udp
US 8.8.8.8:53 118.242.16.104.in-addr.arpa udp
US 8.8.8.8:53 110.168.18.104.in-addr.arpa udp
US 104.18.70.113:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 216.239.32.36:443 tcp
US 104.18.72.113:443 tcp
US 8.8.8.8:53 113.70.18.104.in-addr.arpa udp
RU 213.180.193.234:443 api.browser.yandex.net tcp
US 8.8.8.8:53 113.72.18.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 216.239.32.36:443 udp
US 151.101.129.140:443 tcp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 w3-reporting-nel.reddit.com udp
US 8.8.8.8:53 w3-reporting-nel.reddit.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
US 151.101.193.140:443 w3-reporting-nel.reddit.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 151.101.193.140:443 w3-reporting-nel.reddit.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 holocron.mwbsys.com udp
US 3.209.127.22:443 holocron.mwbsys.com tcp
US 8.8.8.8:53 sirius.mwbsys.com udp
US 3.210.87.158:443 sirius.mwbsys.com tcp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 www.reddit.com udp
RU 62.217.160.2:443 tcp
RU 77.88.44.55:443 yandex.ru tcp
RU 87.250.254.106:443 tcp
RU 87.250.254.106:443 tcp
RU 213.180.193.234:443 api.browser.yandex.net tcp
GB 142.250.187.196:443 udp
US 8.8.8.8:53 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net udp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 74.125.34.46:443 www.virustotal.com tcp
GB 216.58.201.99:443 tcp
US 216.239.32.36:443 udp
GB 142.250.187.227:443 tcp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 142.250.187.227:443 tcp
US 8.8.8.8:53 telemetry.malwarebytes.com udp
US 44.235.117.63:443 telemetry.malwarebytes.com tcp
GB 142.250.187.196:443 udp
GB 142.250.187.227:443 udp
RU 87.250.250.232:443 sba.yandex.net tcp
US 8.8.4.4:443 dns.google udp
RU 37.9.64.225:443 cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net tcp
US 8.8.4.4:443 dns.google udp
RU 93.158.134.242:443 tcp
RU 93.158.134.242:443 tcp
GB 216.58.213.3:443 tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.187.196:443 udp
US 216.239.32.36:443 udp
US 151.101.193.140:443 www.reddit.com tcp
US 151.101.1.140:443 www.reddit.com tcp
US 8.8.8.8:53 api2.amplitude.com udp
US 35.81.120.136:443 api2.amplitude.com tcp
US 8.8.8.8:53 136.120.81.35.in-addr.arpa udp
US 35.81.120.136:443 api2.amplitude.com tcp
US 8.8.8.8:53 ark.mwbsys.com udp
US 44.195.186.47:443 ark.mwbsys.com tcp
US 8.8.8.8:53 cdn.mwbsys.com udp
FR 54.230.112.71:443 cdn.mwbsys.com tcp
US 8.8.8.8:53 47.186.195.44.in-addr.arpa udp
US 8.8.8.8:53 71.112.230.54.in-addr.arpa udp
US 8.8.8.8:53 holocron.mwbsys.com udp
US 3.209.127.22:443 holocron.mwbsys.com tcp
US 8.8.8.8:53 webntp.yandex.ru udp
US 8.8.8.8:53 webntp.yandex.ru udp
US 8.8.8.8:53 links.malwarebytes.com udp
US 8.8.8.8:53 links.malwarebytes.com udp
FR 3.160.188.41:443 links.malwarebytes.com tcp
RU 213.180.204.196:443 webntp.yandex.ru tcp
US 8.8.8.8:53 api.browser.yandex.net udp
US 8.8.8.8:53 api.browser.yandex.net udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
RU 213.180.193.234:443 api.browser.yandex.com tcp
RU 213.180.193.234:443 api.browser.yandex.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 yandex.ru udp
RU 5.255.255.77:443 yandex.ru tcp
US 8.8.8.8:53 www.malwarebytes.com udp
US 8.8.8.8:53 www.malwarebytes.com udp
US 192.0.66.233:443 www.malwarebytes.com tcp
US 8.8.8.8:53 41.188.160.3.in-addr.arpa udp
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 stats.wp.com udp
US 8.8.8.8:53 plausible.io udp
US 8.8.8.8:53 plausible.io udp
US 8.8.8.8:53 genesis.malwarebytes.com udp
US 8.8.8.8:53 genesis.malwarebytes.com udp
GB 143.244.38.136:443 plausible.io tcp
US 18.208.60.200:443 genesis.malwarebytes.com tcp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 pixel.wp.com udp
US 8.8.8.8:53 pixel.wp.com udp
RU 213.180.193.234:443 api.browser.yandex.com tcp
US 192.0.76.3:443 pixel.wp.com udp
US 192.0.76.3:443 pixel.wp.com tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 8.8.8.8:53 api.browser.yandex.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
RU 213.180.193.234:443 api.browser.yandex.com tcp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
RU 213.180.204.196:443 webntp.yandex.ru tcp
US 8.8.8.8:53 sec.api.browser.yandex.com udp
US 8.8.8.8:53 sec.api.browser.yandex.com udp
RU 213.180.204.196:443 webntp.yandex.ru tcp
RU 213.180.193.234:443 sec.api.browser.yandex.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 api.browser.yandex.ru udp
US 8.8.8.8:53 api.browser.yandex.ru udp
RU 213.180.193.234:443 api.browser.yandex.ru tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
RU 87.250.254.20:443 soft.export.yandex.ru tcp
US 8.8.8.8:53 browser.yandex.ru udp
US 8.8.8.8:53 browser.yandex.ru udp
RU 93.158.134.121:443 browser.yandex.ru tcp
US 8.8.8.8:53 browser.yandex.ru udp
RU 93.158.134.121:443 browser.yandex.ru tcp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
SE 184.31.15.40:443 bzib.nelreports.net tcp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 yastatic.net udp
US 8.8.8.8:53 avatars.mds.yandex.net udp
US 8.8.8.8:53 avatars.mds.yandex.net udp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 87.250.247.181:443 avatars.mds.yandex.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 178.154.131.217:443 yastatic.net tcp
RU 87.250.247.181:443 avatars.mds.yandex.net tcp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 40.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 181.247.250.87.in-addr.arpa udp
US 8.8.8.8:53 yandex.ru udp
US 8.8.8.8:53 yandex.ru udp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
RU 93.158.134.119:443 mc.yandex.ru tcp
GB 51.140.244.186:443 nav-edge.smartscreen.microsoft.com tcp
GB 51.140.244.186:443 nav-edge.smartscreen.microsoft.com tcp
BE 88.221.83.187:443 www.bing.com tcp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 186.244.140.51.in-addr.arpa udp
US 8.8.8.8:53 119.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 187.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 edge-mobile-static.azureedge.net udp
US 8.8.8.8:53 edge-mobile-static.azureedge.net udp
US 13.107.246.64:443 edge-mobile-static.azureedge.net tcp
GB 216.58.204.67:443 update.googleapis.com tcp
BE 88.221.83.201:443 www.bing.com tcp
US 8.8.8.8:53 201.83.221.88.in-addr.arpa udp

Files

\??\pipe\crashpad_3404_JOMXNBIYLHSXMXJJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3eb87fd9eda1376f08c2eb333f61692b
SHA1 78344d8eed13ce2fa9e1ff148b29cf9bcf080878
SHA256 2f0722c767dcc4513549453f282b26e996e304d840b4c203d8dd7a5c2c3db50e
SHA512 bca3db8d0b8eb7d880f10dbbca7be30aa58d089a0aaffc5b72d644a82489c3b84e274522bd965050dde6d999f558b1ecb51287f9e7714ae48fc74520d919c43b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f688ebb11f7310656530903eaf56813
SHA1 a277007ffa25ebdbfebefe62d26079f23dca7380
SHA256 544664231023299b9586c17cd510443b80f40c52c8c3abdfe18b79ee717dd1cb
SHA512 f897f39f8338d15cc01742922e35d0da0525bae7dc424e4679cd3113bfedf2e33dead8e38756c0b940cf7745413c9f0d9e2f39b2d1e9e43e412626107c4c18cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b9238f633134d8374b4d25aa52887f53
SHA1 c84aa97fdd06c437493b7a4d6d8ee0966ca583a2
SHA256 85e4930062dcb8c470ea86a618dd176fe16320649190cac6314e7685344ea0ac
SHA512 f55355cde86c40a2abe431b055c5753decd257270a19d1a876fa269501c2cdc7d931df8a417291bc2ad979bb3ca85cb9fa7b7db23e70f59a1f95ce1d5a403c75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9f03998b4bea81ec95c6d0b131fbfcd8
SHA1 ddfaf662d46337e41de51de43ee15a760f28ae3c
SHA256 9155edb3a2071967b160f1e9a930d034549cf1ff6f04ba906be92be026f15e72
SHA512 680c1fe1565685bf04fc9ce35d3db43464346efa9322bc74b21349067c0b86edff23fae9e61d6aaf82aa32d2b34f9f836260a8d275a21d936fbc127fa82fd24d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 65c45c79dc44fe6759c7cd13d02c830c
SHA1 d39dafa12b2d75de6e692a2cc1f7dd5f3893f493
SHA256 e1eb3c47967e57a1dd7c6fab75d292897f6bb6fcb900d4e489abd7e8971bb54d
SHA512 c96ddf99d4dfb5ebae26395c4d568d2bc65c300252c004eeeca4f66a0a06a1b0ba82a25af2548c583e2789d41f97c82637b39d8b8b78936b1b28fd362821549a

C:\Users\Admin\Downloads\Unconfirmed 135120.crdownload

MD5 01aed496ff6eaed7541cdb2cee447d85
SHA1 893f3f34589bdaa4a82c0f527d336dfac2e5802a
SHA256 7f98254d0e238ecb23685bc912aeaace20bc393eaa3868388e5a4a1ae510d295
SHA512 70ffadf979d00b134cb539298b8481f21907276a0f3818f08680c2763a96fd5385cc1d5a098994dd7b6f13cb210f934e0183569c5c2ceeb820dcda7f59de7175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81a90d55acb406ca13a476a6fcdf7a42
SHA1 26573592d597c10c8570591c0cd3de241e3a1600
SHA256 daaf630e0c61a07e6927735af0bb6231cce3789866902a54fa1e47815575e2f8
SHA512 8f46b7da1ba525ae4035918c6c4b3c11a22b2e3adb559e9a267cfc7c85e6ef11f6e5d08c5e65696e124f30cd76a381b1168d915c6a97cf94b25b28edd91e4b36

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 8909e1e6baf7cb6213b88d9f0a851da3
SHA1 48bda5e5632c869b511239a587b5041c10f3deb0
SHA256 611b0086bd73304736fa1179c2b22e7b754c2c17b6d7de0c9c13e64fd309a005
SHA512 cd69cc436d5561da4789aa3acb30f24a9aac01652481b6cb2a0e070131637c98c50bc6fcae8914233df13ca157aa1ddf3168e022e6245c31f9b153d0ab9cbc21

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 5a30fc1f5a7550545eb2bd29b0856f63
SHA1 ec15f6ed9e8ecdf9d122283501392404a535ffa3
SHA256 12d60e1b320641d947f2c821aa0726641a5716d8a020f328fbbe4d94f259fa43
SHA512 9adbc535fecee1b2b5aababd210356b20b2ca9a62b27ad977bc42d2e05857ec456234b90f75b8a9f625ff33ce17cd5f2c0cea068c57443cf25e8e9d18069717e

C:\Users\Admin\AppData\Roaming\Yandex\ui

MD5 111af257cc8e3495f4fc21542d080082
SHA1 429c3b38df308fa01e52d523786f2d684fb7397c
SHA256 0544b7f6b80ef6fb29c9968be2ec1c0181532a773de07485f5016c6a59c9a2a8
SHA512 164e102e5eefbfa3850d7161eebc538cc6532b921965c78a7c5f392aa87e26a58bef8487cf93600e79e0ae14acae1972549ac2137446893dc3a29dc311014959

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 f67489556f3dec93194a77813029d1f6
SHA1 2474218c06cab10c400f45bb6a86fb7369bdca2a
SHA256 725f2a5a25cbf368fd99c8915f007a92f4697ef17e4a28aa5a0a37f39d5bc06d
SHA512 11f5e4988906146c264239560802d4c269f050b3af7f1b1b33becf2e5b43368a98801efec785ba4399d3f4823a552e4a4ded3d1876c00a19d523f6416ce1be8e

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 c815879c3a09fe45ad4ca78283c53d20
SHA1 a4f2056f4e319d42b304ac7ee48123b4f030f199
SHA256 5d4ab8f8a222706220d0148519c7c5bdfa2df5f142d0f97aa11a36357f8a3354
SHA512 47239b2f3205006d7cd7bdb764c10a303bfad65a058d16402021e0999d550ee3a4ce8db003d2e238c2714db6b7e6265fe7fb61a6a3c779a30a0f27a26fc4b427

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ee5f5be8c15831352760ba9a0b86f02
SHA1 4314a4613e5ec4dad8dcda33d0f793c3158ac4fc
SHA256 14a7b4f4d8a1015d5b8eb99222fde460bb42bcc964687a3ca30c9465a3e6a454
SHA512 c2f21c5b66df249dc548edadd5e5bc26c1a3201e88472474431ba3bb8a6317bac4b53aff7e1eee2900c0ef07bf9d8a2d238dd93390f7179804b4759f7a1b8163

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3dc1ddd1b26a8a231717253f7282fdc9
SHA1 e748306529d2778b78895d2d999c38b85e0cd170
SHA256 054a3a4197210e969bbfb4d295d76f516c040468600d33817726755babc094e5
SHA512 6c76e7b68381a59d1a708c9e66ccb9a557fa3d569564cc1fc02050991aa63a683f64e20e3b4e7880394a22491fd40fa1a67b9eece4618da5ba20e69ae3ce4537

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe599cf2.TMP

MD5 eff0a34ae604b2defec15f6d7a4dd89f
SHA1 8e64aa223a4c807f380a21404a1b23ca2f4cb760
SHA256 aed7dd0d4bf1306880f57499d8b01f0098862c242646f85ed00686568ec27ea4
SHA512 7a645366e2fe7a8cc124bf099828884d9afe2bb2f855193070a35417fcdd8eea1934888abd392d301b90625cbb24ab310e7229f855087f75b073d3766b0b2e99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 43f71d2332647da6d2e982c044ce5f25
SHA1 5c0325591bbd52326300c3b73b0fb41cc85e75e0
SHA256 1d791465d8312b3996710f26d6bd47352f2dcfa2b17febdbede6d4a94c840ad5
SHA512 cc9e85979453529a8cbd907080f8852ecaecd35d99b99d84f2fde26fb8b5227d18fad25c7a7af900b88a045080bf632a25ce33932b10a11f911d24c721807dff

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 440500f8bab6fb34b469afab5672b2b0
SHA1 8ab416d5cce4a316a39c38f25aee36950d7a7441
SHA256 2ffc9b061ba0ec9da3fd3d741acacf810fc4fa4e81bfb33234cfeb00db1b786c
SHA512 d6e9fc59978df7bcb8bf587970cb112c63c8702652b992872f3a614c65547e2bc3c1513215304a4e1e830dae6bb057a8f74a238bdfd6dc58e8f24c65f329618e

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 f1e2c3b3a84304179fca8e998a9e13f5
SHA1 bc71e54bc31036af018984f2d75421b9367f6771
SHA256 0266544f3efa1e6ce7fc79aced4b15872e1d48608d31a017bb0054e541bbe03c
SHA512 ea3bc4cce9958288eef6631eb59829c01be0ccea82031869d4637f509a91a2aaa65d8c477e141c8aad11049e3f89bb6f479323c80d7fc2452a9e3e1b19127257

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

MD5 1adf1df1f49bf333f03a4f301efe1364
SHA1 c17a1e310ff4eee132c79067bb5c49b1845faed1
SHA256 c198d9e3569861b3b1d8c8b1bfb7c8b1c40035364c66dc067ac7fbd3497144ef
SHA512 3099a8518012956704bd82ac5d4f4f65e1d15f2e2fb882220b7374c47086bba1f84f0a1124d895382e6970afd7433758febe0dadc967a44d96e264916f8cb2e7

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe

MD5 3567844a6a9f79777657d980d8ee0092
SHA1 b0800199cf6ee828268926e76f563adb23dfa7a9
SHA256 cb575379b3235c343c67088a6041b8d105f56f9a60bad0fb721c7aefd6bbf592
SHA512 bb87dce77a5dbe7b19ec44286fd930e92812aa857832aba8d80103eee044ae53e302c183d1dc6d5edbb9e64206b8891977f326bb8bb6ef53a1e7d1f1a47a16fd

C:\Users\Admin\AppData\Local\Temp\master_preferences

MD5 4420dd84487c800ad7a9051167166c95
SHA1 e88e4852e8a2ad1455f711aee51c871a1e6a158d
SHA256 6f2497d865f6f5ac38e9426abe5b234afffb00f11e48d332b198bb61341e5ec7
SHA512 555951739eed0892dbe368a24268c4fe48c959d6ae550b65756a11c2e594b2d8b180f53f65bf662313f0554b52d7a4876761d7656cc0b4e509f85e6d0173187c

C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log

MD5 1fb99fd7254ad09c42563e2f91c7e72c
SHA1 73c8d8e42ac5d19269015c18202f39f226e9bc9c
SHA256 e03df61e9a9fc733fa87c93b084b65b33b76633ec1bcc15764f75dac944be3da
SHA512 123ec537decd1564201430fd7096cee77bed47748cdb5347b06eef126aed14c02433f1115e97000204778e05e63f8f4f5d15bf37e7ea6ee72be986bf7f52ca7e

C:\Users\Admin\AppData\Local\Temp\distrib_info

MD5 f3e1263e4b6cfa45e139ca3cb390484d
SHA1 6f3cc9ea1bdc99a849fd678f4a6dc94947edc14a
SHA256 b2f29aad5a07e308752cc28f6053dd5418c3d2b974afdbb15c315584b3045990
SHA512 363ac00cfc9544fa59307077351a65e198679638537c3cf560deead2a5e7abfba86d0eb29cbf6cc72a514b2f055b1a342fdcc8964f018254901212ab5dafedcf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_2D5E5B350E01A107C0352A3E192E40C3

MD5 554a0387c8d05cbbb373f68f966bb0c4
SHA1 6591dfee8e415d8a75ad1ff1afc583271c0061e8
SHA256 1c7ac3d44b6211b1fd5dd3288f4949cb16695a1391310782adfdeb840c887b7a
SHA512 24b437a1cec347ab5ddcf658b91f3d005b5b94e12e93cea2180351b978742d73f79dcc5aae21834f3f5df90415d79d0c30f1258b450922991eaeeb20c1c74671

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_2D5E5B350E01A107C0352A3E192E40C3

MD5 b907654fe0a07cb880c168eaadc2f764
SHA1 b041990cf76c0fdb883fd3e22f5589e018d48312
SHA256 50b98c4b35a08a57b0b934618249ee229c1f9118d26040389c527d2ce390f444
SHA512 fca5893fe23c2449220108206bde7394c006cea24cc1cb8ae5ea16e96a092d22e92a84542fb1cf4356ec24469dca6eab4faa1ffa89f197fddecbd95c091e8aae

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3

MD5 eaafffdd4305d3fdecf0e9c1d7f26cee
SHA1 8e3aab060cc7ba22479d7e298f8e417504aef99b
SHA256 f6f236c92e3f8d7d4bbbeeb8be420fbd443111cb4c0704a99a29f9936b569783
SHA512 750427d84ee401bf9136c58e0a816a2fdae87533b17b649dd0b23f6da59de094f36c27b28d76450b32b1acdd8aeaf527870470f5648c932f93bb817cd0874341

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3

MD5 174fe1bc809d88689e193b020af83591
SHA1 8e7aa2a02dacd1e4e401e46861b864f4bc59deff
SHA256 b255f8c8bfa932d778a648d62eecb2e70688a002849ade2e5f5999b45a09574f
SHA512 b389f1a07a41e01d586e36885f68b6cd8558e2976ddbb8ea542593e16d56a229e36c0321db7b99aef54cd427146cfbf98bc8a6899a2f3d60e95028ec9365b93b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B

MD5 092acc0090616f5eb823e3ae8cca1d73
SHA1 1eaa94fc2c68e189db5ca88e38a87d46ec67f95c
SHA256 c0c35b1f34dc1ca1564e49215631903099abc2c1e203c9dbf079cd68070bfddc
SHA512 9406a6f1a8909b731603096527e56cb7e5700ac4b4b2238a8465fc2d8aba7d941d68560cf397d365df3659e82fd02c43ab8640160760f7636b4121fc973d38b3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B

MD5 678733ed067b12340acbef1ac9261788
SHA1 7df15e69381203ae7eb8c19292eb543f25b2e7b5
SHA256 320aeb203b226fd6d04a2601262589f8f36af2c8e088fede44bf6811bd3b86b0
SHA512 6eb09c022396d8eff9f86d2b93b1e9ea583872ae04b32a00b00e7f33da57a533664c6a51ccaddf528f3118a4a5e83a33b7874d2584716b93086f1e6d242f955d

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BRAND_COMMON

MD5 a759c5f1c85c746667a2116f3826def4
SHA1 cc123af479e5a778e2e380eb853529c00a6abbe3
SHA256 c12498e96122788d6938cdd23697db73cb4cc67593314eacec21d4a73ccb37f5
SHA512 ac88e74bd3fc7eef48b75331631e47f15e69b04a88b7ba7c76d666ac4adae739ba4ebbfee9e721dd1099cc166894b934bb3053de069c2aa382756e5788d3e6a4

C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\brand_int

MD5 3510863bdd2584a2d91daabe0852f3d5
SHA1 5f4518b3ab74ea3bb834b137123f2e65681ed289
SHA256 ac12ee7fefa378584abe8e7e685c45e4d7f59acd7afa7d93ccdb66311e02a37b
SHA512 6b2437790045367243060137390fc22648fa44ffbc6aa97ec6a1a4296a94d5aea13683091b96da20f4b2976132ce22a59c096954e50f85791184e89c4088bd06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7

MD5 1c5785de1c58cbe564b3d07511a3858c
SHA1 4576e9f10701e93dd17a1be79464da2749d5144b
SHA256 a53efac4d2fe2f0f8d35bd6dc992fb2cf536839ec7bcdc33698b753dc244db10
SHA512 e12d13cbeb6625146d913ab9231aaed0bf4449979f42d96b529300391dae8bd6e1bdc346673285ed44cb503aab7202853146e8347ef37119b2489a0f1b3b93d2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7

MD5 a4c4fb10f7942f12d32095f01c327012
SHA1 ca92965a7092d1d18080e90ddeb95094952c27ed
SHA256 7628816b0102f05b98489a30460d6f3c32f44486811de3150dc7a7fd1850a7a4
SHA512 20339ab7ccd444baa7e5a81916b24eeaea5723e31060ae9d8097ad590070856352bd554073f73fc687294f948960e15bda3c19e94727b0bbbc4a89bf4d4873b0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E

MD5 62b2c6cef6ec030703786bf01ed3bd01
SHA1 486d964500afc50c7c22c379ceb32e7db082f88f
SHA256 f6781d8c865c4b885cb5568ac8675cd224581ae9c7c467530529915318210192
SHA512 46f71d1a84d9e9cd5f2c9fb899b1d873646a73319b2de86ffd0ee2d4df36ad5ccec7ed430c57844899e55afc8ccda0cf3450020323cc7202a89ef6289fba0b3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E

MD5 419702ca8cd436b83bf2417fa9c52dfd
SHA1 76578f296b22a76d398d1b32b313e7974ef62e7f
SHA256 8a2c90fb7acd62d28b3764a35295ef5761e4b532344ca1919bf11ca2ebf6de25
SHA512 c1cebb7fded8c86ab3e928b56d243c5da30c2d2f397fe8f1554b3b23f335bc1bacdceeee54cc845c46f382ab6f9c4045d623b8b26d738e4024b8125c18084170

C:\Windows\Temp\sdwra_5668_572777290\service_update.exe

MD5 640d5c17c78283c43f02abc001a701fa
SHA1 640de7ea486310a0006f003b98107460b01611cb
SHA256 480ca1ca69e5ef3e0ae7a5bd1a242fdd80c68bdaf1f328a03e4c95d2cf7853b7
SHA512 e333b638d6b44834200ac13d64d7e82f8be5ecf334bf70b97e673a65bec7caf65371787e77cf6ff5e927b6fa056505db1447755116c96e44d0183d2859ba3c6f

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 3642116538454d36e93b1c6b5e207df1
SHA1 bbbfaed352a0e6243099a154f7b6beb6c3b2ac30
SHA256 75f75025da3ae2da5c098f0f37711bbc6d0cf1e68453851d863d90df316efcaf
SHA512 99ac576b0ed0008285f4b602a3c012a4c0c4227f5c31ba508775fa937f460f90d5d10d6ed1b88485b49e042132464905211012641c511e8e2f264a822660b2fa

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 7f09ddb4968b90d41f918d2ddb69b63b
SHA1 985c076ce48599b09ec87c3fdb08c3dc68704ae6
SHA256 702b3a313925746c008f50bea89c9e018c87b9dad68fd237814627fc78e719e2
SHA512 7b4ebbf0c40fc35d5394258605bad46b12658f7691e5945fa57a92e1c7f0edff494756f1633c2dcb9f8e8c42dec85887423cc956eae50372bd7a63ffa304e69e

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 33965d4b597d9e78e6dd8dc84ca0dfed
SHA1 70803846e7a0ae45da60d3880247bfe12e9d5c16
SHA256 88bb8b86b8be27ae6661b96458482b1935f984524a4c38ab559b767ebd3f5f25
SHA512 aa662d10395c57aaa151def9b3118e3121a1d86f259ec5f94f6fb960d8deb83ab68cbc47c817b6c320c054e4dae7589670b3684a361d9772d5d8f14b2c132b3e

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 2e7f2a8a60f95d5333a9b9ffb52cfd3c
SHA1 6ef340db35da6d4e42ac761cc32d12eb22abdefc
SHA256 e220d88daa21e88eb4133549e46931021d260ea08abded8f03c60b0934a6e400
SHA512 f9227d690329ef73f73c912bcfd696518efd913d524b220d6fc74cb892ebfcd668663e7f533c06a3cbe15cf133d459dde0b93a523b8aa4b153ef738c4819a803

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 e005a74433da8d6caa24fb5ec324a198
SHA1 1874711afe1d99c8f181a124e81fbffa7e657fad
SHA256 0cca8bd70da39de5767120cf1a729d9d22c709228eba0b74d49fd60b0e5fa784
SHA512 fb1bbad8ad55ca8f98e8f74a5793f772f5daf1e61b04c4fd746db95ae3dd1babd6410c8786bf91b0039f4a6508e6f028d58bbadf538541d8141fc674d32dbedd

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 123dc15b38a2bef98164070ef3145360
SHA1 52c8e67de972131e79d4345d38096cc65db57b96
SHA256 abc66148d80029a856ecce0a7ab549bb1c272ac26bca1fece59b92baf4780928
SHA512 6d2474e60d0020460c9196c733981ace05ce50da250c1b9bac5a746f28813fadb532ba9774893002811735ec0c8602972942a53c9fcf3a2879ddef22e417c2ea

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 013b8f867b1d4fa2438f4d885a5e9510
SHA1 596a8afc21df141049715dc8b13834ecffe1b940
SHA256 0d140eb778162a6b74c51eb6cc6ae26ce69aea8af71875b8d2491cd32fab2de6
SHA512 866be0de3bc1ee8735d25e2c82fc12e075b79dfdcefd303d018e808774898b0af69cd8c0764f121bbd89e6f60cf83f871fc7cf3abc2f35a449a6d130c092ece6

C:\ProgramData\Yandex\YandexBrowser\service_update.log

MD5 ec2684d74241f53ad28ef8bb6436ab16
SHA1 9750844d7d88aa30454087c21eb45500436a1efa
SHA256 76e88f17c278594744fa07664499cdf48bb95e2d29ee33e9199ab844caaaf1ac
SHA512 e271994eb837d7ccf0dbac071fa93b755796e8f44150ae65e2b8c58aa4967e2e268aca02220180e5607a1d03c942bc9caf7245657ff27472af9d31a5b865e3aa

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\brand_config

MD5 c58880e8fe94993877961f66f2d6f64f
SHA1 f4695e57ee5f3c37655fddcada0f64aee014f9b4
SHA256 a2448207c0e747a750afc7599ac5dc6daa3cfa7c51dc87c380b81fa96af95e13
SHA512 115720ca3cc79591a82dffb58906b1c38a9708cbdf865c132bd6ba1bda70141d68a0d6b1fa7682ff3b366470bb05d1577b8240c7b947ec83594c541706558a9e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_ru.png

MD5 ff321ebfe13e569bc61aee173257b3d7
SHA1 93c5951e26d4c0060f618cf57f19d6af67901151
SHA256 1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64
SHA512 e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_DE_

MD5 4757da1b4ddb8085be308d987b150a35
SHA1 ce3492d4efa7f87e29c6b53aa7e3ac6d9ee95152
SHA256 9133f9eca9355387159ecfecc7158796305713c4046445d601eb5ded5fc0d3c3
SHA512 025d1e09494ac470f0cdefea6136d928d47f5f795f105603b43f37e43884e2c73da15757dc24f6793760bcc11501a2a4b3832a31f213c6751da20fc866ce9d72

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_CN_

MD5 f2826b7f3232265257d6efad0c443d21
SHA1 9da0d12745e199ac3f30f92c672b4dc97f35c75c
SHA256 cfb1791b0a72d00fde5675da5c041fc2de53123b5f5b2b2129237404eb8ba482
SHA512 4a8ac9dda75df8016e9b367b5d76afbab7f4f7f6fdcfe7f36d6273b7709fb992c377d21954a3665c234f84f640342b90161965e5dd09942ff8fbeaa8cccf7b8d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_GB_

MD5 efda29551136fcc4de2ab4092ff02e21
SHA1 a911fb873c1221efd99e9ca330435788aea01a75
SHA256 c491c7db179d23b53ec7f378f280d971d7b96d738187c1377fed5bc8c89a652c
SHA512 e650b8b567dc658720cf74d8eb5cb6d51b4685f208232b9510a6b8739f8caa7f1d5e5e7b20a98b0b856ee56dce86cdae3eb7cf1b83974cb473011253a0af5c25

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\1-1x.png

MD5 80121a47bf1bb2f76c9011e28c4f8952
SHA1 a5a814bafe586bc32b7d5d4634cd2e581351f15c
SHA256 a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e
SHA512 a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\meadow\preview.png

MD5 d10bda5b0d078308c50190f4f7a7f457
SHA1 3f51aae42778b8280cd9d5aa12275b9386003665
SHA256 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238
SHA512 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\configs\all_zip

MD5 ea3ae3b2101e4e4806afa0fecd78ee72
SHA1 9f1719a2bab8afe355bc7329ffdfad65662d44da
SHA256 31086498440a9ab6cb32a31179c2c7b353df49c1b3a67f129cff2b2a9a4a04ee
SHA512 24fb4877ff65681b941ebcc6fe7669e0c02845928c38359487902321cdd6c6646bfffefa26936a235f15c2463cb51212e7ce34349f1d62835ef4af9fbe9f0121

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json

MD5 909b09582eadd71cdfd92d615ea70a87
SHA1 715f244e8c4b306f26649167a2186a598f65f3df
SHA256 7bbd3e9581b9990cd48933c7b6ed0a22216db7f3544daf510b4acfadcab0426a
SHA512 95a6d43d88b88bacc7ad49ea40b1797f28c2fe835f8c5287b13426581088154d952803c8461d6c311520fa3b92ceae4ee9f9328a9e70ceb9b48be639f948cc4c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json

MD5 fda6c7f7660e9be254ef3745b8dcc4c0
SHA1 953062beb6ba234633f1de0a6964e7dec3ba2cf0
SHA256 29660aabd512c66468f36862bf0087855e4c18bee937e9d1a403d548f0ce1b8c
SHA512 0b18601b8771071d601c00a8ecb687d807ca4c785c387701f6dff99566fab72227b9af84a17bf9c40a583c2501d3c20cb93681f4a1f6cb0227e4dd5b5a005077

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json

MD5 4c817e4c2d0ed4b5603e7192da413a6a
SHA1 e70fe2b6c5548273bc00b8863e0752c7bf93ad11
SHA256 cbbda477eaadbaf9fc385bff50dfaf9af360dd82fd8b345209456d8da580273b
SHA512 39a4796f25ee166dd8a079b3556b1e50d9e85a1bad8a9229a428a9d160411c7362fdf05db872ff167ce23f7769de582f63155863bd3e06313d49e71841f369ae

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

MD5 59056ed6f292c396d692c4df62c9f39c
SHA1 68d4b88a4d4ea3770eaefce1d6a7c2361c4471ab
SHA256 f6898aa373621f37ceff948ded3b784ce7ef206e13d8b4b97319e9ef3669a01a
SHA512 3b0dcdd27a4fd4fcad357135743867201425aa1a5b93bb3e1f9d60e59b4511767812ceb52fd700f0dc62f3bcf0eb7972042f5281407be5bb82f1fd36ee6fda89

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\stop-words-en-US.list

MD5 202e1cc3e24e0a76bb1fd8779ddae5cb
SHA1 7566a9437663e808740ef75c9a79f414daa6b44d
SHA256 95984aa8caca82fc5c2ac6721e17206e45f12404567bf05bf397131ab83cef58
SHA512 dba1d7714da25c670cef62d22638ba759add34e26e69666973e26b7e7542b7c04d3694bb0f22ec2b7f89a33e48b3546507a108a385ba5945e0d293f501511717

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\dictionary-en-US.mrf.sig

MD5 197eaa00216af72690c09b8b82211809
SHA1 1e49ba86b771b391b63335fede7614f5ac427f84
SHA256 d5e3a63301977129113a9c0bdc0dd14173768c6f9f5ce2f2036c0cc6a53d706c
SHA512 f57b8e7d481ba5791c6bf454363fca3aad042270b572fb4b2ae1c0429a6e2f70d153b6bf44b139d48c959a1817c4e72ad3b280257b7877746fe93c40c880f514

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\dictionary-en-US.mrf

MD5 c8a293e130ee93c08592f0f5ba9616a8
SHA1 49e7d245af097bd28af5ffa503858830cd45011e
SHA256 fbd6c8f911927a994db26eac21e4c028d75ea9de593eaa525f331e5c9a911ce3
SHA512 9f4c01c6083ad7063db29b7075e0ac475794dfaa9b6714b119174607aefbf5384cbf17a96256b097de5b2a73669d060d5082cf2aa9244e7968c3d8853d09083b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\safebrowsing\download.png

MD5 528381b1f5230703b612b68402c1b587
SHA1 c29228966880e1a06df466d437ec90d1cac5bf2e
SHA256 3129d9eaba1c5f31302c2563ebfa85747eda7a6d3f95602de6b01b34e4369f04
SHA512 9eb45b0d4e3480a2d51a27ac5a6f20b9ef4e12bf8ac608043a5f01a372db5ea41a628458f7a0b02aaba94cd6bb8355a583d17666f87c3f29e82a0b899e9700bd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\abstract\light_preview.jpg

MD5 9f6a43a5a7a5c4c7c7f9768249cbcb63
SHA1 36043c3244d9f76f27d2ff2d4c91c20b35e4452a
SHA256 add61971c87104187ae89e50cec62a196d6f8908315e85e76e16983539fba04b
SHA512 56d7bd72c8a380099309c36912513bcafbe1970830b000a1b89256aae20137c88e1e281f2455bb381ab120d682d6853d1ef05d8c57dd68a81a24b7a2a8d61387

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\abstract\light.jpg

MD5 3bf3da7f6d26223edf5567ee9343cd57
SHA1 50b8deaf89c88e23ef59edbb972c233df53498a2
SHA256 2e6f376222299f8142ff330e457867bad3300b21d96daec53579bf011629b896
SHA512 fef8e951c6cf5cec82dbeafd306de3ad46fd0d90e3f41dcea2a6046c95ab1ae39bf8a6e4a696580246c11330d712d4e6e8757ba24bbf180eec1e98a4aec1583b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\wallpaper.json

MD5 662f166f95f39486f7400fdc16625caa
SHA1 6b6081a0d3aa322163034c1d99f1db0566bfc838
SHA256 4cd690fb8ed5cd733a9c84d80d20d173496617e8dde6fca19e8a430517349ed5
SHA512 360a175c5e72ff8d2a01ee4e0f365237bbd725b695139ea54afc905e9e57686c5db8864b5abf31373a9cb475adcbdb3db292daf0a53c6eb643a5d61b868ad39b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\preview.png

MD5 0474a1a6ea2aac549523f5b309f62bff
SHA1 cc4acf26a804706abe5500dc8565d8dfda237c91
SHA256 55a236ad63d00d665b86ff7f91f2076226d5ed62b9d9e8f835f7cb998556545f
SHA512 d8e3de4fea62b29fd719376d33a65367a3a2a2a22ed175cc1eeff3e38dfbaac448c97a6fbea55bc6159351d11a6aad97e09cb12548cf297e01bd23bf6074de08

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\custogray_full.png

MD5 55841c472563c3030e78fcf241df7138
SHA1 69f9a73b0a6aaafa41cecff40b775a50e36adc90
SHA256 a7cd964345c3d15840b88fd9bc88f0d0c34a18edbf1ce39359af4582d1d7da45
SHA512 f7433d17937342d9d44aa86bcc30db9ae90450b84aa745d2c7390ff430449e195b693a8ae6df35d05fee2d97149a58a7d881737d57902d9885c6c55393d25d6f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\fir_tree\wallpaper.json

MD5 8a2f19a330d46083231ef031eb5a3749
SHA1 81114f2e7bf2e9b13e177f5159129c3303571938
SHA256 2cc83bc391587b7fe5ddd387506c3f51840b806f547d203ccd90487753b782f1
SHA512 635828e7b6044eeede08e3d2bb2e68bc0dbbe9e14691a9fb6e2bc9a2ac96526d8b39c8e22918ff2d944fb07b2531077f8febd43028be8213aa2fad858b6ee116

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\fir_tree\fir_tree_preview.png

MD5 d6305ea5eb41ef548aa560e7c2c5c854
SHA1 4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d
SHA256 4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080
SHA512 9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\flowers\wallpaper.json

MD5 4938bc67f6e2d6e8faeb7ba9ca8dbc69
SHA1 7600cfbe9d5e6be6a12642670107857abe36e383
SHA256 3bdb98cfc0379426a56ac7813f4bdd4787bea9ee8a65b7914e62226e584ac977
SHA512 27b680deb837cf7831c2d865f210fa1321fe5a2ee885be1dc058916ae0fa0e6fcf9c9f9de4ee86806dd3ab271c47f79ab621741664b8bdce7be117ff52ef6c85

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\flowers\flowers_preview.png

MD5 ba6e7c6e6cf1d89231ec7ace18e32661
SHA1 b8cba24211f2e3f280e841398ef4dcc48230af66
SHA256 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003
SHA512 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan_preview.jpg

MD5 1edab3f1f952372eb1e3b8b1ea5fd0cf
SHA1 aeb7edc3503585512c9843481362dca079ac7e4a
SHA256 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212
SHA512 ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan.webm

MD5 b78f2fd03c421aa82b630e86e4619321
SHA1 0d07bfbaa80b9555e6eaa9f301395c5db99dde25
SHA256 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56
SHA512 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan.jpg

MD5 c51eed480a92977f001a459aa554595a
SHA1 0862f95662cff73b8b57738dfaca7c61de579125
SHA256 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec
SHA512 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\meadow\wallpaper.json

MD5 f3673bcc0e12e88f500ed9a94b61c88c
SHA1 e96e2b2b5c9de451d76742f04cc8a74b5d9a11c0
SHA256 c6581e9f59646e0a51a3194798ec994c7c5c99f28897108838aaf4a4e2bda04a
SHA512 83fb3fe4a3562449a53c13d1c38d5fe9ef1fa55c3006f59b65eace9a6ad4963e768088bc500dbe5266b5979c6ace77874ef11a15a7bd9fabae00ff137e70ecb5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\misty_forest\wallpaper.json

MD5 2b65eb8cc132df37c4e673ff119fb520
SHA1 a59f9abf3db2880593962a3064e61660944fa2de
SHA256 ebe9cadad41bd573f4b5d20e3e251410300b1695dfdf8b1f1f1276d0f0f8fa6d
SHA512 c85fe6895453d0c38a1b393307b52d828bad8fa60d1d65bb83ffa3c5e17b71aa13cab60955489198503839ce5a4a6c1bb353752ab107f5e5b97908116c987e52

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\misty_forest\preview.png

MD5 77aa87c90d28fbbd0a5cd358bd673204
SHA1 5813d5759e4010cc21464fcba232d1ba0285da12
SHA256 ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711
SHA512 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\peak\wallpaper.json

MD5 f0ac84f70f003c4e4aff7cccb902e7c6
SHA1 2d3267ff12a1a823664203ed766d0a833f25ad93
SHA256 e491962b42c3f97649afec56ad4ea78fd49845ceb15f36edddd08d9e43698658
SHA512 75e048c1d1db6618ead9b1285846922c16a46ee138a511e21235342a5a6452c467b906578bdd4a56e7b9e0a26535df6fb6319ae1cae238055887b48963fa6ed6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\peak\preview.png

MD5 1d62921f4efbcaecd5de492534863828
SHA1 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45
SHA256 f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab
SHA512 eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\raindrops\wallpaper.json

MD5 5f18d6878646091047fec1e62c4708b7
SHA1 3f906f68b22a291a3b9f7528517d664a65c85cda
SHA256 bcfea0bebf30ee9744821a61fcce6df0222c1a266e0995b9a8cfbb9156eeeefd
SHA512 893b2077a4abaa2fe89676c89f5e428ccd2420177268159395b5568824dd3fe08bea8a8b2f828c6c9297b19e0f8e3a1b7899315c0b07f4b61fc86ce94301518b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\raindrops\raindrops_preview.png

MD5 28b10d683479dcbf08f30b63e2269510
SHA1 61f35e43425b7411d3fbb93938407365efbd1790
SHA256 1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b
SHA512 05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea\wallpaper.json

MD5 92e86315b9949404698d81b2c21c0c96
SHA1 4e3fb8ecf2a5c15141bb324ada92c5c004fb5c93
SHA256 c2bb1e5d842c7e5b1b318f6eb7fe1ce24a8209661ddd5a83ab051217ca7c3f65
SHA512 2834b1ef7bb70b2d24c4fedef87cd32c6e8f401d8ee5f3852808f6a557724ce036c31a71298cd0ed601cde4be59ec4042542351c63c4e0ac3d31419f79240956

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea\sea_preview.png

MD5 3c0d06da1b5db81ea2f1871e33730204
SHA1 33a17623183376735d04337857fae74bcb772167
SHA256 02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086
SHA512 ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\stars\wallpaper.json

MD5 9660de31cea1128f4e85a0131b7a2729
SHA1 a09727acb85585a1573db16fa8e056e97264362f
SHA256 d1bef520c71c7222956d25335e3ba2ea367d19e6c821fb96c8112e5871576294
SHA512 4cb80766c8e3c77dfb5ca7af515939e745280aa695eca36e1f0a83fb795b2b3ef406472f990a82c727cea42d1b4ef44a0d34a7f4f23e362f2992dbff2527798b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\stars\preview.png

MD5 ed9839039b42c2bf8ac33c09f941d698
SHA1 822e8df6bfee8df670b9094f47603cf878b4b3ed
SHA256 4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689
SHA512 85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea_preview.jpg

MD5 53ba159f3391558f90f88816c34eacc3
SHA1 0669f66168a43f35c2c6a686ce1415508318574d
SHA256 f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e
SHA512 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea.webm

MD5 00756df0dfaa14e2f246493bd87cb251
SHA1 39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9
SHA256 fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13
SHA512 967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\mountains_preview.jpg

MD5 a3272b575aa5f7c1af8eea19074665d1
SHA1 d4e3def9a37e9408c3a348867169fe573050f943
SHA256 55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8
SHA512 c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_UA_

MD5 1af7c65a09f5b23c8919656a631580db
SHA1 c9dca1523cc25f50bdd8d5ce2d354abb40cf6e5c
SHA256 71f09d4dc7592990580ad74d2f5262c29f98f72e11319daccdbcd1f095cec3f0
SHA512 f39f7490857186663577af939c802757ba35a8b15fd0d7acc9786779f5cd2e179dc41d5b89695abaeaf1b6acc9d20b5754e6201f2ffe55c393e8fedb3ac24eb6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_TR_

MD5 9aac83dab47ce1228e8819cdcf1cceb4
SHA1 c3d60af194dc7be089ea62750ecedbb6e5fa16fe
SHA256 199b7586e0d25718342e3657eedbe81d20968759af4a8a63b04eb9ac6ee56d5f
SHA512 3cf47d3c13c752222a34a94896c005db96927c2d5d4c132655bd7a84bfb9607a0feeccefbfae8e98467cd8642c31d843bba4c6293007ef071d91e7dcfc8bf1b3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_RU_

MD5 fbd7c40aa538b758a4588a07e88ac57c
SHA1 af30b54822bbd0674cb1ea9a51be19b7a78d43b4
SHA256 4ff2f383821f2e77878e4e624aadda8d4fc942e54803c69747da41c9988919c8
SHA512 bb183fe4b7f197bcf1ef72b5095cf41065f288c1426b006a6b99873969592825b623eeec51642a98fa783f6d7817766747a3f1209c8344559d21614f12c58448

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_PT_

MD5 0dde45f225a4290e59bfb55c80d4a51c
SHA1 3ebbbbb509d51a7c8e5cf409068644ad5ddbc09e
SHA256 8acb93ee7331e6b12feb81102b435c4bc044c614ef0fb8e69d2a0116bfe33d40
SHA512 d250d3891165505eb1fb7c5d2ccad397428785e8a6bb689dc56b55f2313f4b11bf402132d6f34ab6e9192453c43b74915bd7ddfafaf1716a954ccabd8b4d28c7

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_KZ_

MD5 7a9698fd54deaf12679dfa246adf5b60
SHA1 e824691b404a9aafe617c9c88e2063aaa08794bb
SHA256 8ff43d0de20a9e37107bd6428d6ac41843fe4f8261b00b8cea5792b72e365122
SHA512 805d72d8ade2e2018e7dba83bfdc292b3cdc4dff9746e717d74f5955466e55f67f8d03076bf1a6c5f8be37e77f8aaf855044b8b28a0e7f39580dad009fea4e8c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_JP_

MD5 eb6d55790b6164b73e275c2401ad0550
SHA1 5c47d0c866925eb05a4b59986921ed60f8a612c4
SHA256 61f5b2ef85394c0034cfb05b650d7f4d9d79ffa87f2f6448566929f27a11411f
SHA512 0d4915979764f168b320e5152adfc18b186c5c966a3d42ba02c81bd5041386e08a89c818aa79d1c76304a3c9a3971982d5c97fc0493f19c1f283a64317acf9f3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_IT_

MD5 da963f528183e2c335b3523c5b5e667f
SHA1 1b63bc824508cc978916ad6ace199d8058ef53dc
SHA256 bdc01e40b4ac8d262d616d31bef7d8bd2784c918ec9ea76e2be929bfb554585e
SHA512 8e1dca38a869a00bf7eb86b4173850631b1085068da2b49a184ef68029e03b8fe1906d8d0df2f6a5457905570b6dad57191a8175d6581a50092d531bda672e73

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_ID_

MD5 2271cc49e222c5fd558572fe9d7808b0
SHA1 6dbcf76e96e67434b8b9f294a61d1185afd9cbba
SHA256 8a4d261a6344c0eca555038eab21dd54d68c3cfbbe6eb11e7792c33f12537d03
SHA512 f3c5b9480dda3b8d7d7c36e5b2d4084c776ddd92d3a1e8086b9bb447486060ba07fb3d7ad9c8a15421d19b82b4e61f60057e94da726e5c8a7362438fa8b1961d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\web\web_preview.png

MD5 3f7b54e2363f49defe33016bbd863cc7
SHA1 5d62fbfa06a49647a758511dfcca68d74606232c
SHA256 0bbf72a3c021393192134893777ecb305717ccef81b232961ca97ae4991d9ba8
SHA512 b3b458860701f3bc163b4d437066a58b5d441d8a427a8b03772c9c519c01983e3d3fdb8da20f6a53ad95c88dcdd0298f72822f39bc3672cb6f1d77fcc3f025a9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\web\wallpaper.json

MD5 e4bd3916c45272db9b4a67a61c10b7c0
SHA1 8bafa0f39ace9da47c59b705de0edb5bca56730c
SHA256 7fdddc908bd2f95411dcc4781b615d5da3b5ab68e8e5a0e2b3d2d25d713f0e01
SHA512 4045e262a0808225c37711b361837070d0aeb5d65a32b5d514cc6f3c86962ba68f7d108bf4d81aa3bf645789d0753029a72c1ce34688a6d7af15f3e854c73f07

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea_static.jpg

MD5 5e1d673daa7286af82eb4946047fe465
SHA1 02370e69f2a43562f367aa543e23c2750df3f001
SHA256 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a
SHA512 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_ES_

MD5 1c5d71e5a413ad550a08fe785f11d94c
SHA1 6c90db1ac6f5aa58202ee350f4e53ae3971be2bb
SHA256 e60f38def5e81c8784a6e09c61bb9577e3bba62a959d01a1a858f1ac30b61643
SHA512 5a74f8161ee5cbca1d935186b28d3650a6632be8d9b558996043decf0ebe05ab81af5ad8d94aa4632e370e596e9db9912c8e08bfaf0e1ef127c0cfd4d059b3af

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_CA_

MD5 f8495a109372348b2f3aa8fd41fac4f7
SHA1 77c42c500e5a0889ad83d7693c6988b091a45012
SHA256 3b5a77e2a5d9bd96d68ae95981d82aab133fca44110622fcf5ee7e12dd667ebd
SHA512 19126463e599d7a41a7b1815ca8176a7aac922ef39807c262ae15671bb49c0244e884094b361a20554c08e0aae028155d6608f080fd0d72ee12d36185ea203a2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_BR_

MD5 6a8fa7f8a6893d052627cd428d1e3237
SHA1 81422d8c739a136967a6bf77167bda1afee1280c
SHA256 71e8cdfe763f3479b399ffdb8dacd136e118c52b9d980e75e97a41e592cd258c
SHA512 86bf094a4b2d7d13ac1d9d872458ca88cadca6744a638173e0425f4eba5ff624343de2c9b9ef38502174847e0b4f00ce768c7fafdf8e7f8a9ad1d1c2fb308d42

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo

MD5 b8aca2f09f3c9ecbd1c848007c3fd8b6
SHA1 e81fc8e2512026f9df9a661529a1e7a9ce0b2ba3
SHA256 a3b688dbadf99ba57652809adf074bb6e441895d0035983fae33912128fdb7cc
SHA512 df4eae94ee9eee02ce2fb7ced9968d9f644369638ec1ff392a15a28c89e4ec112aef966260be4072681f87145eee1460db1ced15b61798e3955c10eed3454a38

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\sxs.ico

MD5 592b848cb2b777f2acd889d5e1aae9a1
SHA1 2753e9021579d24b4228f0697ae4cc326aeb1812
SHA256 ad566a3e6f8524c705844e95a402cdeb4d6eed36c241c183147409a44e97ebcd
SHA512 c9552f4db4b6c02707d72b6f67c2a11f1cf110b2c4ac5a1b7ac78291a14bf6eb35a9b4a05bc51ac80135504cd9dcad2d7a883249ee2e20a256cb9e9ceeb0032f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\import-bg.png

MD5 be2acbae1c7b09125a85c5517a7dd70c
SHA1 091dbd354f830ddf74258b337dc4f7177a860d1b
SHA256 d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010
SHA512 dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_ru_2x.png

MD5 a6911c85bb22e4e33a66532b0ed1a26c
SHA1 cbd2b98c55315ac6e44fb0352580174ed418db0a
SHA256 5bb0977553ded973c818d43a178e5d9874b24539dacbd7904cd1871e0ba82b23
SHA512 279fb0c1f2871ce41b250e9a4662046bc13c6678a79866eaf317cc93c997a683114122092214ce24f8e7f8a40520fe4ca03f54930148f4f794df0df3ecf74e9d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_en_2x.png

MD5 900fdf32c590f77d11ad28bf322e3e60
SHA1 310932b2b11f94e0249772d14d74871a1924b19f
SHA256 fe20d86fd62a4d1ab51531b78231749bd5990c9221eab1e7958be6d6aef292d9
SHA512 64ebc4c6a52440b4f9f05de8ffb343c2024c4690fe5c9f336e78cd1dd01ae8225e8bc446f386feb442e76136b20d6b04ee293467b21f5b294ce25e500922f453

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_en.png

MD5 1376f5abbe56c563deead63daf51e4e9
SHA1 0c838e0bd129d83e56e072243c796470a6a1088d
SHA256 c56ae312020aef1916a8a01d5a1fc67ed3b41e5da539c0f26632c904a5e49c62
SHA512 a0bab3bae1307ea8c7ccbd558b86c9f40e748cdd6fd8067bb33eeef863191534af367a0058111553a2c3a24e666a99009176a8636c0a5db3bf1aa6226130498f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json

MD5 f280105a60cd0f68ac8885ee7091c157
SHA1 7ce4f76981b6702d1c483317bef3b9b8b5559153
SHA256 73d889a5ca1c254302270a1703f1e14b4a785d56e931b9b928a40c6a2ec16167
SHA512 1f0c4c6ef7941ac48542c51d6aae315fc3bf1d3ae6c175c51cb4ab22d2536986018f2c5e44c3d3a7022ecb93caad94f5acab4a0e1d1487d1581ae2dd1c4c70a0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 a29564082f5cb90fe24ccf5d5430ddb8
SHA1 2e5f461c8dbe4aac0dba727c794470550bd74208
SHA256 86a696157db6b7b0368d803f4f9332218164d7a12313617a85d9a085f244fcab
SHA512 9ea86260a3d40bcc5a48f579a1ab26cfc2a93298a27ace75103ec476b92c8ee5e2b9e09db53037933c2e3e8ed488431e55c9470aadaa7fe8a7d69d41652134cd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Yandex Profile.ico

MD5 e83f8ddcd8a44db1f17574eb0f501331
SHA1 0b30ec881ad62158f896ea47f5c70db3806aefd6
SHA256 3bae34ca8c4ca34ad7177a57d3934891651bea573f72a7da8cdf004f897ffee3
SHA512 8a246ea1417825e1de0ee26af667c849175659441dac4c9f115d58ebb68abaac9245b231d787edfa72384ebdf0f170e871fca352b441faa41bc2984bc1a56223

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe5a13c8.TMP

MD5 53244ef3cc1c2c0f6754bf3644b5d671
SHA1 7eb842245d7c84ef4c8baf1a37fbf5e81a8ace21
SHA256 8e877825ab3bb548f0eec1492b83421456ff731b5c91b6e9a4fdea9f66e5491c
SHA512 8a7ea48fc756bc72cad2713869db80f3a29c6500aba3686435d0f1033e8cac84094b24f72b4d682274582cb685997aff7d13ca4e912261b4f52a37f1020a5131

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

memory/4428-1262-0x00007FF9E3100000-0x00007FF9E3101000-memory.dmp

memory/4428-1261-0x00007FF9E3810000-0x00007FF9E3811000-memory.dmp

memory/1920-1207-0x00007FF9E3A60000-0x00007FF9E3A61000-memory.dmp

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\878715c0-df3e-45a6-99a6-4370a79196eb.tmp

MD5 156f28f15aeb6f8cdec3a6a7a5a2e78a
SHA1 b24775ba128ae0acc98910064041f254b696a23c
SHA256 6c25ed7fe03aaf96f1d7125ed229efaa7ac0f6f853ac9c4fdba84e7e56b0676f
SHA512 3f230a1394f92c71d39c526563d66eeac511d3ac996729145d8e15c25016a67a1b51e650595f72aca6449a58d592582094a925ab178a2a9d9f6176cac90316fb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 3f00c1d6de0d2ae9eaca9be998afbfca
SHA1 7e72e8c13ef17fc755a8719852cbf97809450963
SHA256 78864c568fd909c8128e6d5114c3a8c376dbd615f9830f13e1ac64a7cb2ff7dc
SHA512 fb914aaaee3c33bda4046e5303abb87daa7ac6c0b3a150eca87d19d7e65c8e7696b92a1038a7d6116c6151ce5fce64a25de5350dd39fd3f1f0c34462401504c4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences

MD5 1b96ca0a59dc57d283774738b6230767
SHA1 ff3166612bb256f432c54324b201de9518f7efab
SHA256 26f42ac55e6739d56b00f701c4a18cd1355dfd3c64ce78b758b01f320ae4ea9c
SHA512 28a15732a1ed7317bc7d5d7f0954d6cc5e27f1bac2baae00f2f590e93a81f973fc9ee9220d0213723b168f5e58e96a440d3fc2dd7b93ff16a580bbd3a72601e3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe5a16d5.TMP

MD5 df0e468cc7cf587dc93d7a545a86f959
SHA1 635581aecf3d8723acd6e7383c5bb917bed8167c
SHA256 81b44a760ba596ecb7188f770ddbb90513b2d2ce77384804c491ae8541e1761b
SHA512 221b081995eff808c9541042c946bb4ea6427d28e332423159b419c5f8196df394e5a3fea90ace00d4ac71bcc5e6b10eb937b47b9d869dd6a4d6346216f51f3b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

MD5 7655de30417be44beb217273111fac97
SHA1 ed5f081d298f554ca6b9d42d77b20523d8eb665d
SHA256 b27acb468a28b61618880dafbc4d49ac293e545be6cabfe157d96f69a2bc1472
SHA512 6a0b1ed36c004e21bb7b7996fdc51d4025ef0daaae1420d2989e32065cd2cea70a62ec36f360afeabc801028fc920eaf21c42efa3ebfcdfb143413f57d95bd9b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe5a1907.TMP

MD5 a66e4a45717a3394a0998bf3ad3e597d
SHA1 0615e3abb7906334ee09088d16e975583b3befbb
SHA256 044af0d3bae874442d7a3fbfed3b07d2c69a2ffbad1d4ed48e82ba8261d895e9
SHA512 d47dc2efdc4377c0032e7ce3bc5927c013428e330956e4585cbf6a2f30728397976c72d2586a4c892c64ce71e4942ecbbd5e08a5980cb25247eccb4e24e3842d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 a0ebfef436e83fb6a4a215f9096b98d7
SHA1 a0ccb09254727e8fd651f7133735059aa507b3bd
SHA256 4c9ad11f83beaf250c82fd4ea0bda152b0f534d3d736f90a441df91ff7153e8e
SHA512 05ecfcfabb99eab35aff1180b652d5da4048374fe79e027090f8491a6e54703e0f86928b7d3ed43e220fe6165f9f82a27788c3fec84cc77324e598273cd99df1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\256.png

MD5 1535a76a498b65bee06ded1c5f50e4a1
SHA1 018661eeef38f3d500aedbfe207d832b0f90a42f
SHA256 3bca4e4770c35facfc30643c961cdd582df578fbe5c8dc4fac0b58bb11dd4e5d
SHA512 87005610e053dde9f81f2f86e41170b6470678a8dd6963b0bb979e1ae0c493c204f93fdc002a4cf76d17bf627750968802dd0773afe5d5cc6a8fbd4a8425f3bf

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\128.png

MD5 e4e50cc5b187d2c380bd98cda0ce9140
SHA1 4b9e71a015e7201eedec8b1cd51219b18e232eab
SHA256 b7e5aff778e8930f415ae444c9caa6fc4eb6a26bfee7d80603c6c69a645a2702
SHA512 fd454ffcbd68f1071dd5d54a221b3f41aee88be38b5acb63bc285d04232da9d13fdb9011a85f87c579043d7987f0863e6ec8b3ac1013454ee6bffa5acf4e67cf

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\96.png

MD5 4f2707f07034b3bff67c301f7e849d2e
SHA1 3c3fc972f9eb7b670d94b018356a78067851c2d2
SHA256 ef2af430071fedf5ca3a58ee3370ed517aeac8ed39860cb914c69730f9dec188
SHA512 1ef91c533c93ed39246514be9bb4817bc553f755a08c0f36d6f0f40c31a73ccc1003fb422e4ada109d15048c80abb7da2a13bc5a5557ea189bd528c1e3a9cb2b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\64.png

MD5 8440c3597e83ff1c7a7cf59556cf5a2c
SHA1 cb5f1dce00457d8475dae15df3dd71f66c43060e
SHA256 bf089d45819bf9d044583525c34ec0a1199fbd8ae1858f8d3eea07ee332b2a59
SHA512 5b00af8c7ac557c8bc2ec9f9afee1e91cf06c33ee3deabfec7dd4b382a12ff0a942f90c501c44e66b38f38e448b465fa55a8c74e8afbb357e3c2e1381aef4628

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\48.png

MD5 d2febeac064e50019485b7eed903fc19
SHA1 83d85f246a6cb8d55d7d159a82163cbca82a5476
SHA256 086dbea695a07a1c9a128e217c75f33feed49be7c48b86987928ed1286145994
SHA512 592d28728d6278ea1a7425122c88a556e4584107bab883915cd5a7414abfeec2f3ca6efa89b78147399a12943261a80f1931d721363e52e82afe0675a03c63a1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\32.png

MD5 b2e115beeb708b1128414a99e1364795
SHA1 7133bd55ba21daa3a1309e89e4ae6add3c7e582e
SHA256 db9a7fa18af97a9ed6d6936b6661da6d5438f3580191a879079e444a1675405d
SHA512 3760e8ba321ea5265ec92340768b2f8f3247b97751f7998c48694e7890c3521bca126dedaa26272b0b570f2e4338e42b6f377f9afbe581ba7a7d51730379bffe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\16.png

MD5 4ba9bff449aa818bd40d00277c088df7
SHA1 3fd8742ca57a086075239e1c2f76821177aac653
SHA256 1532cd8dd902ae80ed72d42304d8a43194cca7d18b0c993fa4ac938a8631b702
SHA512 8dee24d83ceabe5728dc4cd38f21de57ae7355db34818976d117adfe37e2687b8630d353dde0d5815354c63b75d960769ad151d0717213924b1a8a1abb406573

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat

MD5 6d23d73559a1b02e5c2bfe6022dede82
SHA1 5022b47ae3f20f63f852e7c3092d999595d73efa
SHA256 2ad19a516619bdb7d22b9b72586c39f9b245ed8ee79ef5fd9084a2e4e96182a7
SHA512 3871a234eee506f879211a6bc1dd6012e33c1277dd96aa1d485af8c30428614d859ee4185fc5f0cc2c3e00beee537ee596c91c2f48ecd7ac188181b39ec67480

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

MD5 e7bf511fe1e5a218175a4d8775b748e2
SHA1 1aeb1f6942bd8dd9502e86e1384bed1b9fbabe15
SHA256 3055eb54d52c6a58e851d3c344f0863b55a8326a4181533a06537ed9608038cd
SHA512 0e48b702c23ffcfa595c10939fe939c99971db3895327d994f58094d28b352bfa56926c1c2a635f0ee50bd818a7d5e9c0307eb4d86c52b0f340720dc26787e28

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\0e8e2f22d40226da_0

MD5 97cec0ad21ed629a8633ab3d83b25256
SHA1 046a269efab781eff64e8208f1043eeeb2b6f958
SHA256 accdfcecec86263164dec787c1d81d23de0b273cd5a90ba554492e4845633417
SHA512 41ad35ad5d5eae83ca0173e064f87bfa2bcab38c33d09a7222a345a4536c06012253327fe6dfab507149975ab51c24610d592b2912fdc0be35d1209265118a32

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\fef132170d47887d_0

MD5 e0bdf8522e20e956c5c1865aea9b9868
SHA1 9ecc21586f436f316a1fe6d980a257b2092fc1e9
SHA256 194f70947de7fc73ac784d63e235ebb225702d0ad4b462e6deee49003906680b
SHA512 807b0d6d87d53a4c9f8ae54217d0838dadb80ae60ed583402c099faa8838fbf22c134183937dafcb451fcf670ab2a7b1a02a9dabbf0c886733789c65cf125a38

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\593066361082d420_0

MD5 253707000a9e1d7eda4fa53b5c03696f
SHA1 4d10d7433aba95d582ff6a0e30b5003bcd49e833
SHA256 460b69ac570c033d5ed7f48b494db67e7d9d299eaaab6fb91105024992501f7d
SHA512 d5eaff063fba19dff3481ffa9f3b8d04452118e882f65e5818332937e04c0034d8c7c43fd320cd70f80d1b48e470d4e3308da0f78de7a3c530892b9414cc3591

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\64318a514819a736_0

MD5 a82c3fb689779451a1587c1ea4b2ca1b
SHA1 5dc3c5232c709747ccdc2dd1425ed0efb0fc5f7c
SHA256 2fc89111c4e65ee5ca121233ebc780f155440b39ea0872e8a5aafe16d718b45e
SHA512 f36cd5f7ecce9272d5ddcbead78f6165a6aa35fd7ca61b66e3cf424d37ec377d3aba10a2460d69977e33ddaafd1d2b25d3c8e9df536e869debcca897c21fcfac

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\292fbdd019f435bf_0

MD5 ce49ffd96f3a0f37fd409db959c5542c
SHA1 3603990c7bac5671509d136950c14e43bdf10db4
SHA256 8775e72567355d67ab5d1103b497b20fad47c61be6ca754e58f69633891a59f1
SHA512 5d150812ecb4e6b38343be33784da153c21a7b8cd6593398cb2b2857e300d9e1496d0ece9cdc600f8ad482e184e784d20420cfbd2add6187bcf41d7659aa2042

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\88a052183f2a4b12_0

MD5 a24ec308005470ad8ebf021f60f34c4e
SHA1 73d84ddf6a6dcf42cde5ca155efd7c2495aaee58
SHA256 a9500fc6c51d69be22f6c594dbe92c0eac32a505737120663cdad7096fc6b721
SHA512 3fb3d6187fd1cb40997b1124c0d3d9d6e64f77a465a439bd49d47c0556c28c35e226049f48d1dd46ff9bee810ab788f6131d522c86c7a31c1a6dfb97ff8a7998

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\de3b030126695833_0

MD5 45d06d56086c9b67cfb8b52c8d806ba7
SHA1 a86a2333ec99715ca6352e423a74a84d13b13036
SHA256 8aaefaa38fa069c69851f3261fbd6234352c358baefc9c0c1427d1483e2ef667
SHA512 8c263d46a5384923f5b71e73da8fdd34814b59fbd22f48c60867a68951161af24be6283bab67b68c86ee0ad725ad7e8c30c79b5449de3a7071c9538925b54283

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\25fecb7eba1124c3_0

MD5 df5239903c20374d11f3c757a1bbbcfd
SHA1 7bd4c2d2a26cc4f06aac6089d84822f7e5298d2f
SHA256 bc1738ff3d35f86808babcdd3d8a11603cf213e3abc907b8a9df133d9630856a
SHA512 f4561d450735f614cb4a2f14b23fc6298124f060106a1ad6df1176edc908cc40c91a69baff848f37ebd0c3abd8fe8709fd52d7c7d38fb07b2dfea5fb4c87dd3c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\26986cc774600b65_0

MD5 e639c233ce080d788d8f0e6a3477fa48
SHA1 3a27ce65eef3d1461e157291d45aeab1bc7b0438
SHA256 5711ea052329a3a27a73fd195d33f4f1016649e6383167bb0626b07a070034f0
SHA512 55320631d4496c4320b1728ab4273cb263983b3d5ff423a9876fef2a2bc86f247f5c4bc4c756485609f2ab3b25ed64ad0421912b43257ba875df210c20450a90

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\6d861d3c5a9afc0c_0

MD5 d256f73305bf5d044358e64ce8986a2f
SHA1 e28faba7f00fe14ab0642b19af0e4833bbe05514
SHA256 6cc735cdc0f34a8ed614d884f8df4adc1c50d7afffad3668747103090a0d9cf7
SHA512 2a9d0b0b7185e6be42a8d365813e2cc9d2a012e392c69bd1972a7a3437511dabe37054c8c4f98a0e9bbbf23fd7f80766be858b39d75b9273a3a16e88d7104154

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\5128ede85833242e_0

MD5 bee1c94006f703548bd3eb0ba17230e4
SHA1 1f6a91404255ddd024e35048772bfa57396590c2
SHA256 d0f016d16bb9faee831f2713c2b2f6b2ea40ce29990a0e9f25c8e10f24de5fc7
SHA512 7a6face339d3f3934d78bbcbb11e4f716130e51d806eddc8b57502acef0b434f34a8d92c02815ef7fbdbcf7785af0183ed8761e190ee6e449de2ebcb1e342e29

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\76c5a9253784477d_0

MD5 ea4c4341414a1b8b7708a09fa57068a2
SHA1 9f9a55bf5ac9660ea5641d0e12ab8355b6fe6257
SHA256 8ec6356ec1673d88a3612a74742fcab1041770f67cc909601eb11c4811c707d1
SHA512 83346274cddbb2993dc3821ed4e21dd24b851066de31be27442742f5b1d5986b0e0799b789e525239111c6c44080e8e7b8906d1210d3d221ab791b7de2cd9e0f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\72c2e20ca5d250b9_0

MD5 fe144e8a946692c1fdbbc1e94d5aab9e
SHA1 8e93027375dce95f4373e2c38aa3c57634240d48
SHA256 e9532c23d55b0620c0a6dee30de083b2993c5fbf497fec4de854cfb1262077af
SHA512 815b2ee2e1ab7c5bd4098555ca948b37e473671d6189d1aa8fe6ed381453555b80fd4f118c74cf58e581c33d4066eab4552673da52f5aebb1fe87c1099cd885b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\9c1d7216fb32fb2b_0

MD5 c79374430f99c63078cd9dea8669d627
SHA1 081ab48ee9093d1b0eb1cc5e773a81a2a3c431ea
SHA256 a2b872d715662ed1b369c06b4ee179dee8036e65dadab70f7753f8cfa143392b
SHA512 bdba70c40a19dc1a47e2c2efaf866d8547f810bbec627956652a301df789e46aee9f50be1a5fa89f447f89febd829404cfed35a60706733dc2122e5306add136

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\e7d083353a620397_0

MD5 400d22f91fdbd17ad45b1a39743c69dd
SHA1 fa38d5d97dda5336895e593dd029d224006b242a
SHA256 f3f3a7cd6966e3aec87065042f6b1efac1747fe68d3f676c9a16b86c2dd03fa3
SHA512 6ec61a1a277acd448a7bc0c8539aa06819edff1eeab5153e1a6f758309d93d1715bb3d3fdd1c8b01a101203c2a09d356efc2690f47db27ce08eb014d685d68ae

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\2a9877b782e7616c_0

MD5 39846803ac3f83839365ce751d1870e7
SHA1 1eac7e342ae8a1cbb09e01c2f2e658b06f45458d
SHA256 35a82e2e896ab0129a3a01aba72f20af0a5d09dc351c6d0250cd849c15dc090c
SHA512 063dd219c835a58206254301a7ac896580efdb6f762e0f1d81a9ebb56a19eb1bb842f87d1e233ca42d712f30881d9657c98edc3a1b0cb351ac986cb29444647d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\1ad10c4bb9e37138_0

MD5 e57ebaa421abb69c998b1c801b8a213e
SHA1 386a3166fd447d1ec8bf1f8daf51d81b4f9020d6
SHA256 fe43fa74b6a6c370af142d7ab14d8d89e610923ff0a00a5a777920e4c9d6fcff
SHA512 5ffbfee9970bfa19ff9242b08870ad1b4d3690363f05d7af792cabced98cb27fdafba3f1161f4fc1544ca34da1fa3ac418131f5210e3452e376456ed57377cb4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\cd4004d6793712fa_0

MD5 d8b4c2d97d843da3f576599122e45bf6
SHA1 33423ee82244450056292e4d46a0ce2c8abd545b
SHA256 1dc739f09ae3c59b424c64ce51e701117cb878852a337095309c4589c0b4b8f5
SHA512 06d8324a1e1e7516d45c6c825468a326286ff47cf5a85007cbbcee64643264b0e8243abebd290c2b5b45526aaf677d5176481c98625e0a22ed58bc62f95e9bbf

memory/1920-2430-0x0000027A79FF0000-0x0000027A7A3B5000-memory.dmp

memory/1920-2431-0x0000027A755C0000-0x0000027A755C1000-memory.dmp

memory/1920-2428-0x0000027A79FF0000-0x0000027A7A3B5000-memory.dmp

memory/1920-2427-0x0000027A755B0000-0x0000027A755B1000-memory.dmp

memory/1920-2429-0x0000027A79FF0000-0x0000027A7A3B5000-memory.dmp

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\ae662e046f7b3fd9_0

MD5 bca4c558f9dc9d4becb164bfefb0b8f8
SHA1 a735452410f3b870f7017d0579fea61b3326046f
SHA256 2f2d589a50f51e990d758f9d552076e0fde5f9ce9b8be781465f86c3fe1dc810
SHA512 e85c68f22871ebda2d559a22ed0056afd3631f75b4ca09e89da73fca2f9499df7e32e106b3f7227db2529ac93fe375316ec8f3c0501fa794ca60ceed4b645798

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\11b2a035e28b3e94_0

MD5 813361932b486b0dcc95b6ccdac636bd
SHA1 544e770f3050fe551f2b027fcfcea75d7945bc2b
SHA256 383836a0a9b32d9dd4994ed625fdc3b0b5106fc4895a520f05b0f5572dcb8009
SHA512 421144f48f7972ddbffd709bd5acde5ca0de25060e46a09ec64fdefa71e2bb6a8b98fbf98ca65a5635364e68014818dd1c5fb170c0daef8e75be609fd15e2eff

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\261779a6811bbe41_0

MD5 424153b88709940239d633ca57cd032d
SHA1 8140ee5d1896cca484d602a6abcdd427e56b3f55
SHA256 b186b0e70c9dd55ef860e556c063a996b5ce676d56e968c6d66e1b33e987b754
SHA512 40ab2406840a000a82f5495c48be66b0087289ae256d8172ba60225335b2802bad9ba61a62c20db8f885d68b1a36c0df61d4d35d5373d533f5c54b7ba956b2dc

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\eae1176e3e946f64_0

MD5 30f0904f7e6562f13afc6723f0e2aa99
SHA1 5e46ad2b171c32bb473c58253cb65565e49c05b3
SHA256 75d9e883a0924cee00e2aca5a16219da845086c2d9c31fb7132b6d03eebe4e2d
SHA512 f81da25095b08567b64a68160e9d0341ec7e74fb17907a77c0a4190d89908b9946af761d8eaf50afbe387b2e37e9536292c449f0eb72ff48336426b934404a66

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\dcd100f566d000a0_0

MD5 aa44ff5d3fc20a45b973649d2804ef6c
SHA1 dbf61de0d2a646df9c9cf4307c23f867d5f45648
SHA256 8c44591d4861f4a2377b41396d7219201bcecb733678889213fa57ab89042cdf
SHA512 7e1d16fbdf5c39b4968cdf74ecc797c3db3bf1d6a0629fbacf51e7333570e0980792bddace388b964a3494afc001f02d97620bdfb2c2c20a368fbade29a487b1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\a2223359f092e089_0

MD5 518f51e78f977c87818e3d6fae124e26
SHA1 a327fbadb7ca64816e407fd302eb00d5e09101fd
SHA256 a0bf8d641eb67b664a1bb47745f05e70cc6fe643a4819d4d8c90972df819a962
SHA512 55b630fd4c84475c62bc598131cb1902a16b4f88d1f698ceeb628d0ea450465dd3cdd16758779dc82fe64003afdf6e7335362a11e369fad4458da0a8634ce183

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\8296f0417b1dca23_0

MD5 f65459811d66edc1c7f5099694ed225c
SHA1 d8b35bc139b8a428ff2a10e05efbeeb74a50f9dc
SHA256 2a74a365c812abc80636310066ecb8df6135045f9ddb6e375b9b9979232267dd
SHA512 7405709e69df9ae6f3f4bc9da688e9acb849e31e53a3f3ac2d989febc6cb839f624707e5bf9cd6d98bd3d54569d4a19963d2d82db09d2fb0522ca207b9289c33

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 b258a20473ae106fd1e23df9c9778e88
SHA1 568dd0b5a31e5928b0e8268077becb4e23066006
SHA256 b413f4fd69b9cbf847ff54af4e4fa42bc31d0de643fa26b5e809be170f3b247b
SHA512 b8dd2b273ccc69f0de23817df2e36888d7548f1d20c6054a5ed97b58c6472f07b3c7604cf6a79bcac265c055047e95f04711a99f43ea1c2121d8e3e11f7495ab

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences

MD5 9fe5c7dd02c3986c3f683a8843d541cf
SHA1 34597613d28c95d996cc421df696c3f22905aacf
SHA256 b3c9f7916384fe7a910f2c01912418439a9939e669c7fd499facffa60f48d661
SHA512 ec27995f2e2f15678cdbfb7595a07004e3f362c0b919b25cf93ae20056ca6194c8b816985455b32619c39d79efaa5458d5bd1c335ede73d30458dce45ab64333

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\YandexDictionaries\en-US.bdic

MD5 a001803a541e9423287f10e04c308458
SHA1 34f61dd4de2b813cf4e83973883f92a4dcaea375
SHA256 dce332b36c0d04d42f2811183b690c1018753fbeb0253a06ad27340bcbcc098d
SHA512 54713d13d00de040bf12111fda4d7de1086abb4b7dc73d6a7b27a4d7772044095827a4b070d8a13d195d9ac064a7b18cbc1b1ae7e09e79dd5665e35781210908

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\YandexDictionaries\en-GB.bdic

MD5 0219b9e35a405b78aa6a883976d18e7e
SHA1 7fc3859a80368155a247312a4a891632ae102b8d
SHA256 160aa12638debeddfd670c37415a40bc49004a7257fe8921642b4bd7802d6f74
SHA512 bd786bdfe2d1476c8b88320110afcf97eadd641f728c487775b87cee9ff31fa7f13ad5200559b918db7b9862f5ea99e4584b4020643bab5e5369af9e0cf6c6a9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\google_import_script\24.4.23.0\script

MD5 b807ebd3002f71c1de6deb285528a920
SHA1 14b2c18684174abd078600bc9ac95628c00ea952
SHA256 8b44c53ea53b3ff1465263dec2380c68e88e4964984dbdc1497ff2aeedb010d6
SHA512 2885e6e91a8ddb346b15ee22f8bd0ea4735314d16a7a480c999b890fc3fcf68e5ab7ee137c7e788f1652f889f23ed920e70cd58bd9300a1e0af44babeeb9fdab

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\google_import_script\24.4.23.0\_metadata\yandex\verified_contents.json

MD5 683c4594670f2cfde98a198091bf1889
SHA1 3d6e271a452024422213183980bcf510226648ec
SHA256 d38c186b9c02f7db4aeaa4326e5012470c3eaffc1f40553761b5db62f6c1d344
SHA512 62a24ff8f7d2fe1f5fe1793719b2e3f964ab97552e0c75835f299c8ae3cdd4f92ab71c3c4baead8d234176e96672baa787fdc043ebc2686f6639cbf494c7ab4c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1174149641\manifest.json

MD5 29012066e78d4e28ea709f43e49c9cc5
SHA1 88c04e80be6ad489b271f3f86a4f1c6d29c53f67
SHA256 711594a302c5158486932dc5a5a080a8e7d2542a8c36da00cb8cc388a08a99b1
SHA512 d4dd602aa722bd46fd9477e7b167e65285003594fd6ece49523533913e8281a4bbe1d971fa7fbbb0baf3944aba1d19b5f3a2c6b56dc1101bcdc6a53905f511ca

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 922fe2c0242d155b740458388b99c8bf
SHA1 28226a297ff85a341e134da4ea5c928177b99291
SHA256 2cb1573d9a9801a2942ad36bf79996af7736fdbf03163b176f025c69b825cd5c
SHA512 fe4e94f87622a2fab1ea1a5d8682a5e0c2b8d73cb24ec9199b92f2d83de67e174da652c447a18457fed65ee1ecf424b6275396556d39aaa8f356e7a178914680

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760

MD5 17c227679ab0ed29eae2192843b1802f
SHA1 cc78820a5be29fd58da8ef97f756b5331db3c13e
SHA256 d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760
SHA512 7e33288afd65948a5752323441c42fcc437d7c12d1eaf7a9b6ae1995784d0771e15637f23cc6bc958e40ea870414543d67a27b4c20331fde93d5b6dc6a59cbaf

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1361809516\manifest.json

MD5 2648d437c53db54b3ebd00e64852687e
SHA1 66cfe157f4c8e17bfda15325abfef40ec6d49608
SHA256 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806
SHA512 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 dd8881b04a3a42ff2f03a00fbcae8c09
SHA1 d3edbe7f32360bcc90f075ee15d1c664b6da0d10
SHA256 a72e976ed18b7ea3618cb3ef4126fa9071cde32d66a057a92e2c605a9cf7939c
SHA512 bf52d961301f038a301c07e1f7f502f97e3807ad06f78e6c9c84c9d22924500e06b839ba6f8399a593d185d6994baa897924d6d95fa69a78d99e0723dce41e6e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 89211ab77b1c50aa32ec9e2b5cc2eb1e
SHA1 b791fef2ecb8f0d1416b337dd5eb00620ef47b13
SHA256 69272c4c5162b8e63cea1b555993003c6e61df93b6127dd68ea0dae51d0cbcef
SHA512 a0af2c7c380ff6b577a195451906264d180283dd811a77157f552233f23be3bc78b09b0de2e400fbf1582538b4498c48dd83f570aa119ad9412181ef22761741

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity~RFe5a76a8.TMP

MD5 369a738a7fdbe939a0ba0647fd4a8b21
SHA1 55a1b357b3ba75da8cc6b9f8e0fd8399b1aa8d52
SHA256 12ab3e66991b34cb00c7bda6da1cc131af7303a94a26574a1ed495b796b9d116
SHA512 4f54cc2f3e47b0539eb8422571ee6b1e33e8bd519aecc9254da9730c4d3329e609ae53a39308d471c1fb3d551e50feee5a28eeaf0579097a05109eeeab98f761

C:\Users\Admin\AppData\Local\Temp\yandex_browser_updater.log

MD5 9323eeba4807c8127c53f419219c32be
SHA1 8a5a25cc327f3b3c48e1c2549bdac024d1c0f224
SHA256 768862ee79443cb27f7f72a24543fb0f9a9fc600927564518c1293ad3c1f99e0
SHA512 ba302cd3efdc44847db8537c6345aed19af403095f7c460ca9f3ebb61bca59dc8c366b14d20b3fa8e8ea63a65e2c97800178b91267d63819bf86642133fc2ca5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index~RFe5a8648.TMP

MD5 48372170b73b8f00f658962b0665d7f8
SHA1 3edd53c87cf6b64ba0143a0504e03d504c98f6b0
SHA256 85c7e0c2c32badb73a36abac4f275910ec8d149770cb6b55391d17f0687e147f
SHA512 d813a3bd23c0679b5555137fb8176816e708f62d37bb2f64f01f16a7ed8b9662c464c16dbc4fed074a525f56c374e3dd0f022e8927bd21e46a2001875e9ba227

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 51df11bb0df4722ef87bce792e95789c
SHA1 cfa37975ad1575a62d74b0acffd2266080cae8fd
SHA256 17f04dfcc7dd3c39402c8161ad7c45ee85efabb9beaf39235bb6e75b7e00ce7d
SHA512 f7a11eed640f47bad6336aef040b53b6c01c9db98d74b18d95799ce30fea60ca2c4ae58f89fcf992765a2b75a4a958cb0c53dab65c0d3467c585e97610b3ba7d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 15256e12f369ea7502090255885bbe6c
SHA1 e29b557bee7af64671afcbd27df5d83f0eaf69ee
SHA256 0a339e98a05e145efd68dfe26bae7492601f7cea6089fd815510716bc1e0428b
SHA512 8b9f05908cb0559a9d177056ebd9ea9c00d444901cb4c8857ae7d34b0c442770890567e6c1f962c6716d6239f72f88af0a46efaba5c6ee8956d0fce2d3b755bd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 090113e209ab2765ac9caf2cd5ef7249
SHA1 01adee72f13afb897b47aeb7a10d84831cc3b522
SHA256 96f2c5fc814c744f7281c585b80d8c39f9e07189a1c225f8b85e9b17d52609af
SHA512 8d6ba8ca9b394484b9ce5f5c727274d5f82b5c4f4d2c7a0232aa6177125637b4e5d8716352bb1d64be10afcac2c693235d9fe474b8b6a4de3dd97899aa7d6399

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 709f6b900ddcc0263bb72bb0f11b7999
SHA1 a7f70fcadab029ac74be814340788cee148e4431
SHA256 82bbe0f8d0d51cd0eb8e6f0a8c4501618ca991204214cfd5f1f30df2bc76a068
SHA512 8b654e75f7e6a8d3888b0c0eb1dd98a85f71ea18c78d142975bb3a2f7ffbb1fc3e91a82be30da520c2a510c962fb4b4b5666e9e0703412b360ff06268696c3e9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 45fcf75fc3344ce9c32fc172ba5d8a7b
SHA1 17176dd9c369425cfc1b2f924389af9a1e39c091
SHA256 808e77d9064b5a0fa2e87f9d2eaa7965e052ea4a53e9640ddd76885856f6c058
SHA512 b95fc13fac346172a887e1a9760621ee798d8a726b78825f01388d5eadec8728b466bab16ff4905bcdbd3a0e4f4cfbe455eea91e63ac7d610e85f20e35c5067c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 eb3fbe1bf2d81032cea655b54981a1a3
SHA1 a80b11e3880fea987cc52f2d4dab7c3c51fd6982
SHA256 c6f9a0d458f631a2ea9a245a6d65ca19258fbcc223beb63cb24179e5d7fa9079
SHA512 4312d91be7cc29a65739e5935cc769b3dbe5636d4f7332baae03521338752bed6e40cf91cfc2c017e963b5e476136ee21d5e3237f2018ec05f9e86e00a48f92d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Tablo

MD5 f62a6115f847e0c192f4c4f92670ac02
SHA1 31a1e3e7a248bd3498a2d54856cf605d8a5bb458
SHA256 1685e8a707aa4b9b6f86dcfb89eb93aa632196eef708f3e5e4785a7c5f4e322d
SHA512 808ce21e3232055696e434c42d1d9b8f1873fc3167de2f83bf8a1524ff3a3a950067d03a38e46facbedb583758ca4d6b263a7e3e01fe3a869f37e07d6f0cc0c0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Tablo~RFe5ae2ef.TMP

MD5 5d0414083e8babf809471cba9aa5e5b5
SHA1 628a34df5219fbdcd757942552923054f57919e1
SHA256 aed72a9b08791afba1feb6f5235dd8d5bf4b2e199dd055a8a80988fc21d1c38f
SHA512 f5a3f363d686cf4b2ccf0e9f4c2d53f47d5fbed2207a3c44354a1dd00e57a7a40766e99fdae0e8807d83f2fc72786e1b9f7cc14bb83dc2a5d4ff98a03c69ce54

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 c77b3aebab85769996588ab39aa5493c
SHA1 6f53b06e039c61bbb8edd89dcb679aa16384dbfd
SHA256 24cb79f031ff2ea9c03c021b7373acba0db53af5c6ff6f103e2bb551fdeecc13
SHA512 84c8d5382c75830ac39ac708183f528e290a34e3942212af2ac0516efba70f69786a014d1715de755a3be69e0e0bded5fad0408c53752b39c30d0f3fb27b31f2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 04c155ac7b4937fded0bbdb9a680ae9c
SHA1 cac0e139dac2566b37821b853abbcd4234edb83e
SHA256 bcf3b49cc47f22ffee635b1a32bce1746ed80b3027c4887572a75cd42f35c524
SHA512 91cb29dd2a56d68000a28bc5787eacf0058d04b193bcdf952f5f8bb2d9ddd59c50834a88e489f83584c41648397d8256ab4d0ced60aab520b8acdc96840d954d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 f7eba7d064b3470e63612858c71546e7
SHA1 cd407a86c2f4b44d9e1ee57dc328c454e38ea78f
SHA256 f3fb0563256b7bddd4e1709ba31f96529465514aa4ba23e48a4710a222212e5d
SHA512 71daa14a462067605259cda9a79022d240d09e12d70d25ebdc632f9bf3e8de707b98bd9ee8e60404ae6da52c7aeee7cc098173a215a5fda66c29d89d4cbe8093

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1095762810\manifest.json

MD5 7a74e28cea0b1a8f1969ff4ef4430047
SHA1 11cbf0dd7060e36283dea377fdfb1105068eddda
SHA256 8fd032d30c7b9340e45428cfef8aa409a5df1f5a89be46ec0ab92e7ac53cc2ca
SHA512 f5cb2e55c0ef4e56fa12bfffe78829109214aa213c193da2e75a51d6bbf5bcaef1e74bb40e091abfded7bdb076b2c266212abeb05aaa87f4cfda804f581c2b0f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\TrustTokenKeyCommitments\2024.6.20.1\keys.json

MD5 595a80c921652ccf09afd0b196fe3a94
SHA1 e4ae3f8b880e57b64c6e899505a4ad1ec99d6d6b
SHA256 7d9965e3d4c47a32fa6d7b290704f22382b70b80e414ce091eb0b0964dc509a3
SHA512 0dec0a48f2d13100e07a114dd288370a4449cc347162d6febc8b9b1dc66dccacec6bee79b7d42123c12c7500881e31f30cab5ef3f77029493546cf262de583cb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6ede9f6ba259b11e57e247fb90581f77
SHA1 2f16c659ea78d87ed70652d80b1ac0d55213b743
SHA256 d9f5dac53103211c3682d44fa232495f844ca9c97a1135a10c501d83e4b2e8f7
SHA512 29f0d586250b06f99a45d8eb3a1d11a066e36c3230f1e782de85d6b44d29bb9a52419a60a2d24d4d9eeaa90b1e9adb441e25370f8155659cf1946e1224e4b0fa

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 25aec3d1f8a0dc50dda3489b0cb1dcd8
SHA1 1d1ea9025590882a2bbd5e10cff10d0b8682cdbb
SHA256 087f935e4306d1f9d5b3a9f5ec795b329b1854f3da593feb26132c0cdd6dff2d
SHA512 489364f170395a4a8153589d6e0e13d1c848b463f317acb419f5f344cdfeeafdba83a443ec9df37ab76ef9e216671e69482ad758a2617171b5c68e3c4578bf7e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State~RFe5b2d17.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 2b630b428b511483c9a023224b825349
SHA1 6287bc16d8fe3df58fcbd44b1423f20fff0f4e2f
SHA256 c3ed9fe62839029d9f072c413cb5662f0d4d61e496b9dfea01598ef6c5c3d17a
SHA512 6e54b900c2265a41f6b84d45f10ebf47e9ffa74c4abac2105817056857d15adea52a1eb961d381bcf56610b71651b5be559787dacb27e1b53ddd4add81a60e0d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 b4ae3458c006da53c778cc0490d50132
SHA1 2fba13d9f253a173ef94dcce12512fe025346b5c
SHA256 8158e4a1cf33f9baac13f228fde303d77ca6b07828e4e6350d71bf4cb59e8c3a
SHA512 e8f706954cfa2924062ad973137e90b6c0aacf3f8db49117af8740e6d6d4190a599992a010bfb249b38d2f7dc8677ecb45372cd1d4d72a81cca8eeb3788ceda8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_226942362\manifest.json

MD5 5be67ca403afd6d1a47f0c56578bd8c2
SHA1 434f0f82a741dd869c20af9d87a7c8b74ee6a132
SHA256 0425063c480769e254f7b23b7d850db2f9ac5ebc130777f0878e48bbc5337052
SHA512 d008b88aba3f76a3165e31b137be6a2b29ee70831c393119d5c652abfb784d61c7229293f289c4112db593592d86b0a2ba4586bfee292154136a2447e9b2249a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\SafetyTips\3033\safety_tips.pb

MD5 3e3b6ddf8fee9a502253ff810e727efe
SHA1 039bb227ee6a33bd9a5702992757302b7e261562
SHA256 574f584b1eb99c8b3b72dbbeaef489ad2a41a998185374ab06337ba19edf4689
SHA512 f71de8802493d8a15d1ec10293379e2e6c8d7f2355fc5ffdd7b37a27676b26641127e52cd7bd08a6d68da687ed3058a901775a1dd041a31134d15298a968c206

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 3a26c9d63be151c2f34b0d90494006ec
SHA1 9ac7c3bfcde25b91212b547b9757872486bb9b54
SHA256 e3e23504a90002efea893b8dcb25ce2549bcea3efe2da43154df2143cd8b30c0
SHA512 b1afba866a12a5aa03e1a513bb4537a70c0bd6c4f981346e3ab8a1e3db27ac85530cca3f3dee91fd74f358dbd4d817b06e2c02ddf2d921b4ae02a843aae4939e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 bfb1b271a246c52391a0d80738543d68
SHA1 d61645c04da2628d2e8cba8ea61802dfd6def201
SHA256 04ebbd1cd9d6ce8cfd667f7522561bbc72931ceb8b7fc768b9db62afff2a9664
SHA512 40ddd53b6e8ea8fbc7def779f0d62e705bf172fc686a615ad2cbda0b140c7a071212740466a3d664934e3e60583fcb7684eda0a016628a189f329700c46e6a9a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\79d4fa5f979d0a01_0

MD5 43bfb86c1d011699ef211246864c6cfe
SHA1 b7be15381856d40eafd3b007c2dea68887eede77
SHA256 c18f7352c705ed4af0d10209f66ddab3a1b46077f7a09f3a128fe870ff195c01
SHA512 71e1df51f9ccc31aefed304c82db84fc895f5e8f983b89c2b3ca2f5a0c0ed5d09182b9b026502b32733b47ec20ea7fcad6de42445647820937956890c097a6e6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\7827bee013d00f80_0

MD5 46086179e2a1c05a6c95d5e9927ce8b4
SHA1 8e5f0f8db27998195dc14d9a2f08bc8a2f1f9c76
SHA256 417a7705a2df06e622e49d07ef6b95a7882708f7c429925da44575f30cc9a0de
SHA512 0771bf05a7e0a6302ea33fa2fca6892f50397af5473e6e91df4ee3923007b37b32a0dfa42aee6ecddf4866cd90d68f0c7ed14bb4a016be6cd16887c6fb897063

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\60066e49286e850e_0

MD5 abcfc9e7442d5d9aefafc6c34fa50d2c
SHA1 0fecec408085b0c0b0f3921c28c6f5d71a159c18
SHA256 4c7e186813cc90abf9e914e03900d446837441ec4629f7bcf776be1ac5d71a8c
SHA512 4ba471b7dbd9cd96ab4e3c49d8215eddc5f06a82f14edfaa2b6929dadcac6d0fb656b54828dc8353d21c5ade45ba4034ee85175b91a4c719b53b1c013ae9bc5c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1458602318\manifest.json

MD5 10950d82748d86dd18d27a3ff48e3d89
SHA1 51f45aa31aa80eea0a895c2593644b18437f0409
SHA256 b01191554fdfb5be60e485d455168942b73fe1d92f6994b40c859161f1d252a9
SHA512 84103bb69e1ed9ba8fa50cb6274afa3509a46333725ca5e5316f066041844605287fd938a7dab7b0e0997aa0313b4abd0a75ce762693ee5ff6609668a6647bea

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1458602318\LICENSE

MD5 ee002cb9e51bb8dfa89640a406a1090a
SHA1 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2
SHA256 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b
SHA512 d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 03e22c2c7fac1c656989f09f4cc95210
SHA1 29bc3b3b1591f0ca90bcef44dd9544bf22f8a473
SHA256 8b8542733de04faf87d8b6dc3a2e474a61a4ecebb9ea83b8ffc892f31c119210
SHA512 399324036f93b3513d7453c4eb403ec018ce4d7a4f9767de0d4e72d869e00c3d2963c73e5a9f42bbfa4f0261d6b8c85244e024a22d24be9959e5babbc448ddec

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 7430ed620867a07c3ede4596bbf41169
SHA1 bc3a7e53dd362fe0e6f3c9f3c862cc7f581186cf
SHA256 5e324500280220bcc97ab11bed22d55eac47b143fbc97eaf54398ef7482e824a
SHA512 53bc7c58f90569221606427a6c6fe9915698b3e7bb165a525c5ec41369fb62a5d3bf59bc67c8654959e68959d6074e337fd84c2a543974a7af6d80fe4a3b2466

C:\Users\Admin\Downloads\Unconfirmed 439379.~

MD5 4e19e70399076ab58d1160d0fa2664ec
SHA1 e7ca7e0f1895c6bf60a14d6fbb0ccd4fb10a3134
SHA256 b9ee60f31be0b7dc3f814c8abbc7caacb6a3e1dc7eb1504b8e831dd42277f8d8
SHA512 f6338b52cb5a80d960e6b1ec72a28538614782a75d0270cb89e911160c0a0e8e3a4d0f93fb902c70c37cc5f4da0529043776e2c0b59287096f976addb7e584d8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 eef4d6b897ad4e3b1a2a79dca9314fe2
SHA1 8b675d3cd5a21fdce36e12ea98f4b16a17ecda67
SHA256 74f7ba8e3239a6fe44ce7fbe921991eb6c0ee201b0881c63b07bad43a6b971e6
SHA512 32901bed7e7b98e87c349e460213be805f34a2a97733b439285ec0f3c7e291b8af787f2ace0080d6676e99bb1c40ad6191fda3aabe1d8dd5b891021b897ac7da

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 b6a627f51cfe3ea963fde3d791c2817c
SHA1 6dfd4a50bb83c17665ec705503e49fa651c762b7
SHA256 6b18b23cf1c0c8ca58e07d8f90558472bc531dda1abfcee073e83cb46ae3e77c
SHA512 1640e5a7d6b715a757a1b6fbd387340e19046d11f67eba51955ade7515cb2c88a56ee9ea5f668a1601b6f26586faaac5f9f24910ef9db2624fdb0a5eecd1a394

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 8103cc082664d470ba5972cd72025ebf
SHA1 999ba3571d61901fe00ee8f5196587e355c168ea
SHA256 ca2b734b3a571383676875a17260c3fc60bd9d1b4f2c5aae4c994b8bcc49828c
SHA512 28414cc313219b5111898c8c6367d1f83a03291a32f2363b0afd2f88d00c2b4263721bb57682849ef8d5952c1eca14b11da51862196c1b0b70fff7f75e9e580e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\58940c10-55a5-486d-9572-56b37e955b72.tmp

MD5 2a2cfbe9e614c2dc8ffca066043e07c9
SHA1 6f4b0e45bd84238d298ee2fcca60fb8f0e2cb14e
SHA256 fc9cde01208a16ce51e199c974a4c57c4f6c9c415d33ffb550f9b5f77507a644
SHA512 57952b53221ff928d13f60c58314ed6c0891f7fbb52ade56bfcf8a6a6511f0cbd0b1bbd7c91ab8619d7c064e9b477e6d2b15dede723f10621ae2bac0a0e865f3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 55b77fea7df8ac5bb056c42282f6aa74
SHA1 0eb657b2448d40c808dc11206e9375158680bc69
SHA256 6e65346430e3dcae021edbe48f2f7a97eb12a1bcb460fae5f124157a351ee9fc
SHA512 2b9314e602038e6795d25ddbe80e6b501f3bfe019098484cfff77569441b996c1ca27aa16ca9f107fb04a1fc1a490f5b00da6731b8dbe574642adbdb81a60acd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 975ff6b02fe86402b9545b9a293016a9
SHA1 855c26e8c14d783e5569aa9f5f8f61957243be56
SHA256 e0c61e4cdb42533a051899c4de7eeb50a2c614039704b4bc77bd2266c03680db
SHA512 ad73588ce123c3d414115746fd491f4fe46cff5bf250e577b1063c0b71c0f521ec604af6d41deca31d309cbe7b60f39a6c6661f32dff4496e7facf820f8d6bbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1bc1419c9253c21abeaa1357bd3f2eaf
SHA1 aedaff7b6be71c36564d10767923f275654ff343
SHA256 b38f20cfa30abe7fd399a3d6b346236d56163ebb5c7cf6bc00533d715f1c7289
SHA512 18c0c1928a0f362e1f3c395f89bcbcf12bf15e4e6948377cea1db137e6c07bc81ebd6b858bf162920b0ebf285ea588319866b8b7b2856ac63d79b5466c33f0e6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\ee0728e346456ad7_0

MD5 c0f12d4a0b58d2eab3c05210c8515ce7
SHA1 7331e3b2d84b5bfb479ee8e7aee832b16996831a
SHA256 8a92ad93f6e01aa2a86db4566e508d7e7ef7c57a89c0d3f9248b7b4b53c9a289
SHA512 e9e0a50791f083ae83c092c80f959a4b9e9c8b94667b16a0b5e27ce4cbc8776fdfc77aa4364ff46947c46f257da7c8c2c955bbfa96b5aad131d9e02dad035597

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_872191792\manifest.json

MD5 b0081117533a778faa0e45ac4609a5f4
SHA1 68a08b5412b75fbe547073399f023d168d638125
SHA256 848e8d63c8e1f7378f55b4791e8dc60d491d7238b77a1b27e57b4df922701f4b
SHA512 cc5caec4b4b47263efd08025bacec1e181e835f83e1e7edf77bacc991d2ca7d90732d80c0981062b2a6fba6011ebb61a403591dd1a7475337f7f5e49a4ecd97c

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\7z.dll

MD5 4da585f081e096a43a574f4f4167947e
SHA1 38c81c6deae0e6d35c64c060b26271413a176a49
SHA256 623e628393bc4b8131c1f4302b195429dfa67e890d3325ceaa56940660052b1b
SHA512 0fe168bf1661691dbaa103e478dd7e46b476db094bf1938bf1ad12ddb8a8f371bf611ff504d2eb3ac319862444cc64a27ebee8735aa3752aa32a399b09427243

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00004a

MD5 025c67a0703a8dabdcf0339a3913c78d
SHA1 f0be153b2e42ec9a0742ca3c850213e9af0b8bb0
SHA256 5a25dc4bf661f7a5020b9420bb9f4cbae3492847c54e3413d37c9934cc06711f
SHA512 192e13223f9bf363f35642af64273a1e8cda0f98b5e53296a74331a5e1942f99fa6a72ada3c10df80c59159ce4fd760e253aaa98d7d97beb9511fe14cd98bc2c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000053

MD5 351abd831ef165b0d53a677732d916a7
SHA1 0a3b58e32b4c96222f95965b983c1883866d5923
SHA256 74cad18795868a3a77256e6a1bce43e5761782e7c72efd85d578d6d91888d5fe
SHA512 1b11ef517b4a4fe5f8404e2318c5d7e583dfcac5a2a0d9ec9efdc75786b15262058a25bed41b9a291767aeb7147fbf01440bf618a1cf4778ba90d34cc825ce18

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 c209aa92bca3d1175474eb0f40d753a1
SHA1 d44bf6effe0cd483a1871c25c867b3ff2fa80da6
SHA256 3be345d3ff45bd408436abb93b8c678f6603bfbafcd9a0991e55b8e0adad9514
SHA512 7955f3fb94d47abcd1154f1d0a418884f9cae1c170d8f83df9b61d53a22131923d6e148af6da78c4fda5267e84b7a391f67f09299d91994f894f95279526ab66

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_788690434\manifest.json

MD5 adb45b8125bedfcd51b4121e6e91c7c5
SHA1 880e19f493484107beb040c6c829a6247db3f663
SHA256 9383ba8c3d352e8fd0f12ad7acc66964dc6fc11277c024d6eefde0bd8986f424
SHA512 8bff4458ccf1f6fa4a45e43ff02f89c458114209b26e4ae6ac3337a88dfaedb7435e77d96fcd94d3c29fb341be55a13d48a6cc47c9389e6874cf0652cc8eb16b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\yandex_payments_autofill_popup\component\23.12.20.0\popup_config.json

MD5 bc733993188cbb21a81e932fc69f0c1a
SHA1 d90b12a0c1e1be4abbea27bd7c820fcff7406f41
SHA256 aa6e9e04e1fb6d3bf665dc19511817708629d428e55b33170ec142a7233a88b1
SHA512 825cd2a869ce40e1053f745f5e42d398f373e3b3bcca484f88fa64ca76ee95074a5f7a0e62c6768de157d33a6795744e05f501b96f7bcba039177c0f6f800ef9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\yandex_payments_autofill_popup\component\23.12.20.0\logosv2.yprt

MD5 1d41750213afd92544be52dbc3b3c894
SHA1 8b1cf6ba3247e2ef5f15d8e8b121977d28d22b2f
SHA256 4bf3b7eda9cb76188d2a14daff85cc7a3acc8a865c493601d51e2c31e03e048d
SHA512 6b793210b4363d69285fff86ae85521871c4c014bec07c1f96c971dc8e2d9508ed1d753d0470cef08760288b63b39974c653d3ef8cf80022b819757f4feca96c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 f4d0344bd6d5dd72e7c4ddd9095b031b
SHA1 782639858a086d07bbf8fc18adc8ff969c15ada3
SHA256 289d468998b315fa243eacb178dc0df4e358f49efc084fa1b92d245990e02069
SHA512 55b5d65f4f105e8e6a71de1963e97849d4275272d1310aa59f5f07585d05fa9250548d6c6152eaf7d05a4baf631025e6be2af5664f6c5f2529eb21a6c4bfe800

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 9b67be98c719ec2e74782281d447abbb
SHA1 043c5e10fa016873dc14451ad8c231654efc157e
SHA256 a6133d5bcf27d64d1d101824d200df47b2344a2662bb9b66fd68e6393670a240
SHA512 e75e7e2b4300008beb7ad0ba08f2f36621224a3e1e3de5e56ed06e23770eed4b74a168337fff53cc5883e8407b3ae81d6b28882d15ef6732d861bf9e12b6544c

C:\Users\Admin\Downloads\Unconfirmed 572327.~

MD5 f0cb04ad4c15fba31532eb922fa6de6f
SHA1 097d5c12eae63ba6f9e7791aa4d65c6dddb4bce9
SHA256 91068efbef44f8ceedbbbdfeea8959633c4ecc9100c3ba08b2603d7c5d59ac22
SHA512 5ada7baa49edc7ad430f1e242b0fb648018b25dda7466059b2c963f95881de0be867e0237fc4fca997ad420c2c6a42c39db0a9e0242c58ac02b6a575388f0848

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.28\mscordaccore.dll

MD5 3143ffcfcc9818e0cd47cb9a980d2169
SHA1 72f1932fda377d3d71cb10f314fd946fab2ea77a
SHA256 b7fb9547e4359f6c116bd0dbe36a8ed05b7a490720f5a0d9013284be36b590b7
SHA512 904800d157eb010e7d17210f5797409fea005eed46fbf209bca454768b28f74ff3ff468eaad2cfd3642155d4978326274331a0a4e2c701dd7017e56ddfe5424b

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\servicepkg\MBAMService.exe

MD5 31804b530a429b25e5763de3e7e5238b
SHA1 4d8eb7342a2bad8318ac51a02b7b55f978178422
SHA256 1541c57f87f24610dff7a77af7e932992ef574d16ef3c5e7007255776951ee3a
SHA512 efb6d78ad79c6edd8378640d2e6082320936b20462279ace63b127602009b06cc7097c822706cdbdbf9603e33372bfb5c8492c0319030a687589def37ba3c416

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\ctlrpkg\Malwarebytes_Assistant.runtimeconfig.json

MD5 d94cf983fba9ab1bb8a6cb3ad4a48f50
SHA1 04855d8b7a76b7ec74633043ef9986d4500ca63c
SHA256 1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a
SHA512 09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\dbclspkg\MBAMCoreV5.dll

MD5 0ccbda151fcaab529e1eeb788d353311
SHA1 0b33fbce5034670fbd1e3a4aeac452f2a2ae16eb
SHA256 2a6ac5a8677bd1b410420183169b9ca9ec87dbb78ce0f11ebac2bfa022df7c70
SHA512 1bf9b8849b27491ecadfb4caf4e61926f9a0a8479c247a2281ba2d7c1ae0587251330ee29cc053630047e279ef6b52d3a125e21144b9688f1328f101bfc3c2e9

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\servicepkg\mbamelam.inf

MD5 c481ad4dd1d91860335787aa61177932
SHA1 81633414c5bf5832a8584fb0740bc09596b9b66d
SHA256 793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3
SHA512 d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\servicepkg\mbamelam.cat

MD5 60608328775d6acf03eaab38407e5b7c
SHA1 9f63644893517286753f63ad6d01bc8bfacf79b1
SHA256 3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59
SHA512 9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\servicepkg\mbamelam.sys

MD5 9e77c51e14fa9a323ee1635dc74ecc07
SHA1 a78bde0bd73260ce7af9cdc441af9db54d1637c2
SHA256 b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0
SHA512 a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186

C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat

MD5 5e0e2d584de048ec8e1d96a8402b9074
SHA1 bc939970e17845f19b5487ebc0f1962aa4f5a756
SHA256 2b7b5bc2a6db622fd284281cd712081dc0a8c2650ac55133a96d2a719306f41a
SHA512 8481bc8a5a7188e3d242f426d9daee162ed372101327ef6c452bdabb64cc3b5c38814715705d8341303a3ae1b377e6a0c77b8e0d7258376f563af8f9d21131f9

C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\ctlrpkg\mbae64.sys

MD5 95515708f41a7e283d6725506f56f6f2
SHA1 9afc20a19db3d2a75b6915d8d9af602c5218735e
SHA256 321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6
SHA512 d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08

C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe

MD5 23f1360ae0e948d300f0f62b53200093
SHA1 e44fd6f0248e0a02525ee67664d83b535d9cb7d3
SHA256 40dfe0689b744e0812ce857f7221ff85431ca37315d9b4f75ca40892af5870da
SHA512 6e34d2546626736aa26b369a86745bdb9816138244fba3d5b5e29de4585cf4e66d52c35b5c5a577f252b62a137e340dd9de36c08a06f5395baec5a726ffb5222

C:\Program Files\Malwarebytes\Anti-Malware\version.dat

MD5 c75e58e20ee6aa037b02db7c0fb96c6f
SHA1 164d12ef06d7932f91d0f41cc7c9a306d8b90ff1
SHA256 fd2aa8af915bd9573aa678b8af2810567b7259b5458ca8a33d55ea29907ca55d
SHA512 2ede9925a9f33dbfb0622ee9ba509c540728cb2be94b153942175427718bd4b374812883998862168e3fc63c44a2a9a6a26631fb2770150693d152fa4da68bf8

C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat

MD5 dbee8e7bbcba63adfa242c00f228afb0
SHA1 6aae8d9e4053cb52a2f1b6847e65ec6335dbc0fc
SHA256 c01415842abaa4bb6ada941a44c132a4a41c55097fb7e931decd04e8b5d6d380
SHA512 1e82896df024fe6a2390e415bcf8dd92f71125639daebed99e115bd9ac219b5667201d29c6b2390a2fcd505c3780ba112ddfca128137b665da0cfdbd4d63f038

C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json

MD5 e3bed29d538f72ee6210d0e1bf54e2d0
SHA1 970bffdb75bd5f6073db54df16b6ebf591498df8
SHA256 3bd2fa4b015f59daac679f35459c99d4ed4497f3420d3047077be29b8e4782d0
SHA512 9ddc2fccc0e95c1dc4e8ebb54662096ef7aaca3fdcef2de44fd32a75e4042a2bfd617a098eb99b684c2871eb8d0efc3767d0004c305acff15ee3d97f32b01b81

C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe

MD5 46f875f1fe3d6063b390e3a170c90e50
SHA1 62b901749a6e3964040f9af5ddb9a684936f6c30
SHA256 1cf9d3512efffaa2290c105ac8b7534026604067c9b533e7b7df2e017569a4ec
SHA512 fdfb348061158f8133380e9a94215f4bfc0f6ce643a129d623cb8034c49144f1489de56cd076da645478506d9fbddc7590fe3d643622210084b15fdf0d16b557

memory/4448-6633-0x0000000000090000-0x00000000016B7000-memory.dmp

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Tablo

MD5 2afa956341331f4dd825580841c6d366
SHA1 25bd11c14d0455cd548d09d91f6b377ac8dcc69e
SHA256 ea4b918dcf1cdb55944b3c6636f56bf17099d9be61b3d1239c7369cc1ccedfc0
SHA512 e092c98ed3d4b8386b019c90315cef5f9808dad626b5c3fcce6be1019732c912a8997c0dc9051a7bf953fe9ed0d28929df0c086e8af4fe8f2aea457dbb91f7bd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\neuroedit\24.6.24.0\_metadata\yandex\verified_contents.json

MD5 3134d59c293a968b89f7a4f43b48d592
SHA1 a68472b86d0db453012fd81dae5e0e7a038ed62d
SHA256 497420490539f0d802f7b49667e154b9978f614e6eb59a6cf7ad7f3b0daab247
SHA512 9fa12e07eee8c6292957e2679c8b256b58fe8fd4f19ef741b73e0047c4f4106c00426e15e50d421c5e0ac5409f7cb1d9144b6d3c096c08e40994e8f4e6f839df

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\neuroedit\24.6.24.0\config

MD5 d215c62f1ff65afd2cd28fe8d7ae3ad3
SHA1 e615851a7dd8c356aaba53ec87d6e9d2cf2771e1
SHA256 e442e6c6e14b910942b4e6f8d9420db13bb478f30d30bd53b7f87b007b1e9ee9
SHA512 62d97990d76d9f5c0329e8ba5fd0a1f7e065a0d09f41b294560bfe1ffa63ad1b18ba284455dd5baa68cbf6d86eb1022740b5c24041c2704125434499d13d3066

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_970700512\manifest.json

MD5 f778ae37d62abe52bef6cf0941ce323f
SHA1 a675c897fed47dd8ea617fa09a7210196d9bdd88
SHA256 4b4c105aa6388014ba46c22875626eb1b6fecba383f1dcfdc247d1c443b7e83b
SHA512 f6a1cc3bafceaedf8f73a741423fc06bfb8dfc377584b47d472d18657ff624c53d99de21797780cd19b78a639d2fcbc43f173129fe4b917fecbad3324aeb4751

C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf

MD5 5d1917024b228efbeab3c696e663873e
SHA1 cec5e88c2481d323ec366c18024d61a117f01b21
SHA256 4a350fc20834a579c5a58352b7a3aa02a454abbbd9eecd3cd6d2a14864a49cd8
SHA512 14b345f03284b8c1d97219e3dd1a3910c1e453f93f51753f417e643f50922e55c0e23aab1d437300e6c196c7017d7b7538de4850df74b3599e90f3941b40ab4a

C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.cat

MD5 8abff1fbf08d70c1681a9b20384dbbf9
SHA1 c9762e121e4f8a7ad931eee58ee60c8e9fc3ecb6
SHA256 9ceb410494b95397ec1f8fa505d071672bf61f81cc596b8eccd167a77893c658
SHA512 37998e0aee93ff47fe5b1636fce755966debe417a790e1aebd7674c86c1583feef04648a7bc79e4dedaabb731051f4f803932ac49ea0be05776c0f4d218b076f

C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.sys

MD5 83d4fba999eb8b34047c38fabef60243
SHA1 25731b57e9968282610f337bc6d769aa26af4938
SHA256 6903e60784b9fa5d8b417f93f19665c59946a4de099bd1011ab36271b267261c
SHA512 47faab5fff3e3e2d2aea0a425444aa2e215f1d5bf97edee2a3bb773468e1092919036bcd5002357594b62519bf3a8980749d8d0f6402de0e73c2125d26e78f1e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 d0050e00bb76dbf53696785fdabdaf1f
SHA1 d7a044e578e93a008b2c0a89008b606556b109f9
SHA256 5d2bf652aceb2b68aefdbdbf53572dc0b38a9c513556f0c92d9f8fddd0950a3c
SHA512 c70b445c82182fc6675a4ad52f11d6e0ac7a878dc87e4f98638565f2a242754f3bb7f4ce08598c9127dc231e6ba241ce1dc9b700788a6ea5fd3cc6fa1d221338

C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json

MD5 a2f8ab3467e2c8c07b6c220ddee7dbac
SHA1 ec3f3bac51d85abc3a2a3a09288bf7b2ebfa4c88
SHA256 5753adb8585f8cbe1734e038912b65d8f2d48c2b2a497a882e950d3c70b988c9
SHA512 e9d9df8f53ac337cd4d14e3ef251bc8beaf2abe8bde8aba1b77e10c66660da2e39a782ba99b8fca961f69b98e6890a0c3f668779b8a41db1438a6a012f8a20ba

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 6aeefa4893da8ddf28b45ad703e05524
SHA1 9dffb3c13fe876264c1872b3c1fd22f8d304a803
SHA256 6de3c345aea09bedb5bb44884af22ce076891fa2551bf2cdb302ef97b853385f
SHA512 65e4f77885c75f05356ace909d3e7d73becc38ee8bdeb0351af57d2818064cd46b05cf9fe18a3b42d36aa8f9c76e7ac03e8123dcb067170b27afced3a36bee1a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 5e93141ab6781456258d2107da5e08c8
SHA1 97801639d6d74ac74958fe6692b7e020498c9312
SHA256 df24b050609d1ddb49e9ec4d67104c8d79ef7a8ccfd7d569f2523b21ecb67e75
SHA512 ee366bfd601a4d27f6f3a4e7d400401f91928749bf25d03d374025387684d97f010b6fdea46ec4ecfb897addde565c72f5dd6e45f21029f827b37db25bcf3721

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

MD5 63361d365c4ed74c6bfde4a0bdfc4dc6
SHA1 db9ecff13d16ac8a45b1b725a5ddd94db97eee32
SHA256 376efc225c4765507aaffddb21f35a3ad071ca8477be6a029fe4c8f402d5281a
SHA512 13c9adce11510db3b6ed9f83f360e837ce4afedaaedc70cc92573085b9a9ca25a346091a87b67970a7a57b6909f9b02e9b509a682897c4c1ca398e6129572ff5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 bff1e2296f90e0fc486bf779d76a2cc4
SHA1 b89b57d6b0210d1a7ec0d4b6c1a89f619ef7ff11
SHA256 60b0876a9b38e45593d1a4eea359608f80d304341cefcce3ac83af9ff287f05e
SHA512 3e33d634b829d9143c425fdd2562ee4985ebddb6e5d9ef1e379b00dbd95a3e1da0b0f227769f37eb415587174fa242fd6c7aa5896b8872e580ae1c77f4028326

C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat

MD5 0cbc6098f690a2b51177f51b005b5731
SHA1 a60aff1e78e7282da282b61498d4a721b0b7a367
SHA256 bdd8b7eeb9650f2b322c1cf13f478ba53033f22d9b5abaa781938284ac9f0b0b
SHA512 b6d4e725044500b121a014aef8b72f38167469aef79daad7f27a186a8324409c55bb282c7243ae3bf13d7d4ef15d383dd70f02959494c68e42cfb33fd788ec51

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

MD5 ac880a689e4561b9d4cb896c4dae1634
SHA1 11f41ebaf1bc92e4357bff508a6fbddef446dac6
SHA256 56845bc76a580e13a7597a5020e05ce1ffd49494ca02aa2402b45f92f63ed92f
SHA512 a52fe8bb1091bdd9aa63a2991fd17d79e2072f34f94eb649c98cfb1aa6f518aa6253dd4c14aae308e3da706789932a619a2418175a679ad3d434f15a25deb771

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak

MD5 e32567a2c89afdc0f52fc056e3df7fae
SHA1 688f86c082915cc369714ab0c642370b3b2f8036
SHA256 02bf8b9f8179bd374f7f425c16977955c1765745f195c692deb33d1d01f8b7c9
SHA512 7f097f337ffcc357798ceea5a46dc455a347b5a5fecc06a8909fb803efe3ef360a6902e1becb0bcd33a8eeafd6c5d34ff3ccf9975248f8e21f0b24ebea0ea4df

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

MD5 0c5340ce86d603145f7af32533c42e96
SHA1 7e9c0307b4675209f240d955ce5d477a8b56a9d2
SHA256 e82433c668a0df4a32469fc1083652d3fe9302093ede1e53ca58c6a3bb0cd241
SHA512 e8534e7e9ad63ff27f4057afd6a00c5dac2390c90b7fc0c053774cfa04f8a43d00b161a2278c7075c1642bffa5a623010dc2c745d10b4ff7e5f618ccb5116eab

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb

MD5 2f7423ca7c6a0f1339980f3c8c7de9f8
SHA1 102c77faa28885354cfe6725d987bc23bc7108ba
SHA256 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55
SHA512 e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb

MD5 546d9e30eadad8b22f5b3ffa875144bf
SHA1 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d
SHA256 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f
SHA512 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb

MD5 d410f4e79ee7b2320d303826772f9e74
SHA1 8ba186ca70d33a15647eec931d718a9a8e6d5b72
SHA256 06b3c6a6adc9bd68204d469e0a1df78748ead0be39ba84cff302f2969d743d16
SHA512 3baa212a2bf5e5a254fd286e0d6e9d080bcbcfaa42470af4d5cfb7a5ca6e6a663c2919e5c2024931e29c2f8ea880e823be42f38cb79e30bc7b5c4961a9ade32b

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb

MD5 3804f87087cccb0b35d446676b423ae9
SHA1 4463b5d4fa3cbaa41c7323a60e62019f6f923e25
SHA256 4d08e4b82964d74ff57058324551b1c0038d61c07919bfa0c5ef56adef4cf3b7
SHA512 19feb8d2c53417158b01375ceb08b3f144e185551953444514621ab2318e1e265923f60096d406a93ae541a9f2126525c68244a903f146003999c7d3dbd22e5e

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb

MD5 365b76f0b1f87e99d3a02249af03be1f
SHA1 8856461d7480a61350545fb0fb0123a41be42ef9
SHA256 48c2c77d1e5ff385cc6fbc8d487196c4d9b2b728ea8b328daeb1fa6c8fb552cc
SHA512 8651cedc6b3e8e45c10f68603b8fe7b8fa96ac2a93386f20a7ed892360ac98e8843b34b10552a14242d4eb57bfe5cd6c8cffc3b1eba5e429b29d4c16f83a0590

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb

MD5 484fad2ebc63e56ea05a278f5852f072
SHA1 5b40b61ab222b0cf1ada5a928ea4bb6d4e3669bc
SHA256 f9d58d6bddd03b67d7a1125737b0e2cc05dc007d70c2d15cc9daeb478bf7c8e7
SHA512 6ea478f9b58c5e5fa5056df6f179d3db987f0fc6dd1c562bc1da04d5a158d0d62789f1a23adbf3f4d6dc5e0eba46f0671be8ca1484c2c0f7fbcf8b30b45f85b8

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb

MD5 68fcb05b981a9c846e2ff8f2d24e3c0f
SHA1 75b2c28fed98c6b468170659ac3019c1dfe100b1
SHA256 734ae7dbee6e614f1ea948a1531c6a515d7d728b2220a92f773c556b64dad212
SHA512 a038f9201f37b6e3380f5a22d1b82434b6011a3590dd7186ecea2b45648b85eb5c5f79c376fecd2eac75d1278aa9da6fffeabae254443590949d67ae82b7d430

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin

MD5 69ac80ec518ddfcb3428c91e1064f4ec
SHA1 0d28ef92f3b27a70dffaa780999dfdfca078de1f
SHA256 9345fe4378ab8bc156b8e87d59f76f5dbde8f2a554941d5697c1c5d7bab508d9
SHA512 6e91f24aae10fe9f872a9ac7c62a8ef86f9ceae7ef47d06d38d355f31d874d00a36527c08682b28ff4bd31040bfa5b2738ebc3dd732b74a01a0e764c549134ea

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat

MD5 2498cef0de1c6bb0886b9bfc18c0f94a
SHA1 c3ff934a610e3259fee57aa1f5cddd9059be0898
SHA256 fa6be786109d895223d5b8efdfafda1c16a719d7f827c8c0a1afd22a4b186369
SHA512 fb5c99a92956d1822b1ffd2ac0fc68cf02ce73ad2b6f38e713c6d368d29c8a343b4570f05ef82a08049188fe63e0653501fd1d585302a05f85b740207317783f

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm

MD5 d051cc125a75063b57b7f8df0ab7c71b
SHA1 c0b0f56a30f5072f1121a70809d152b014d8943f
SHA256 f6670d2bd29f8e1b028e71e263b77a377797a1cd52380079d57c2908bea38fa1
SHA512 5cce6a21e420aa12acc73878106d958cb806c25048f9101d7a3b0cb196ac1fc0c81f52796d8b922b9bd4c8283aac860ed18bebbf914916c4683ceeb14dd1f583

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr

MD5 d806b3d9414d09ae0455b0fcf9792f0a
SHA1 ff482981eb8446276df306d85e9f381840a958f0
SHA256 cb8bda25b18c39d609c2bdad1d2fe7ca6f46adbc6eb6e4577c521b2f2d45f86a
SHA512 644c07f0042404717c46e33cedc5b63b198501402cae40dde5668f212a57e0f7ed1f30fd198fc3ded4b4dbbed242ddd756813e5a0c4b100af09e188049eaf5b1

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat

MD5 10f23e7c8c791b91c86cd966d67b7bc7
SHA1 3f596093b2bc33f7a2554818f8e41adbbd101961
SHA256 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc
SHA512 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll

MD5 f802ae578c7837e45a8bbdca7e957496
SHA1 38754970ba2ef287b6fdf79827795b947a9b6b4d
SHA256 5582e488d79a39cb9309ae47a5aa5ecc5a1ea0c238b2b2d06c86232d6ce5547b
SHA512 9b097abeafe0d59ed9650f18e877b408eda63c7ec7c28741498f142b10000b2ea5d5f393361886ba98359169195f2aceeee45ff752aa3c334d0b0cc8b6811395

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll

MD5 ad5afe7fe3eac12a647f73aeb3b578bf
SHA1 29c482e6b9dd129309224b51297bff65c8914119
SHA256 7d2c7bc745e07d54f1c26c06d7438eb40ec6f5d17dfa15928b67d447f4c63747
SHA512 5be9f8384cc22bb7d69d8e532e7025675db16777b2d01ca1819a6e3d8c7daaaaa23d842d338d55d74eb9973e230a8f9a11ce7524667fee09b18fbdcb5a49289f

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe

MD5 ffe5a249402aecd1d0b141012ef5b3cf
SHA1 9fe9b21390d35a0f82097fddaf1ee18e91fd2f2d
SHA256 1acc1c8c918e0ac6cdb4fc41d96339959d42a71947a02f573686ee091606ac57
SHA512 1f7427472ca3f8a9abf06d761595fadca59b77ccea93477e6d71546a1385d654817cb356585dc05499ef87f61c504511399620852e95a46601f31fc6fa05f2d7

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll

MD5 956b145931bec84ebc422b5d1d333c49
SHA1 9264cc2ae8c856f84f1d0888f67aea01cdc3e056
SHA256 c726b443321a75311e22b53417556d60aa479bbd11deb2308f38b5ad6542d8d3
SHA512 fb9632e708cdae81f4b8c0e39fed2309ef810ca3e7e1045cf51e358d7fdb5f77d4888e95bdd627bfa525a8014f4bd6e1fbc74a7d50e6a91a970021bf1491c57c

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt

MD5 aef4eca7ee01bb1a146751c4d0510d2d
SHA1 5cf2273da41147126e5e1eabd3182f19304eea25
SHA256 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f
SHA512 d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat

MD5 6dec583b32d35b10b33f9c22f84b42bc
SHA1 8691e274bae4520df69fc42a493d917f80807b1d
SHA256 fd60298f767f6c1c4c625154421f5796dac15e3c21f4f61f4d61246e734c7637
SHA512 c2c54adf928632608bc1528bc27d6a076c45dd666d503cd2f271dee59c112f9d8695357280d563cebf19cb89540ce1f0c92c043b6ae58621df8c03224a70f330

C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

MD5 1118d772df1e66491cd72e91c81fe5b3
SHA1 7a303f0bac9df32006a2ec9ddecc334ec038681b
SHA256 1081edc588ff5527c8e00d26338b214f100e5e9f4a212c5ec206f18f38f670e5
SHA512 72b8d02e55989e260e21015f7df9e5e2499f6b3a14af8cf2d0f2c149ee09362717762761631953eb6d0e50496fc0cd7cf224cf233e39333bc494643d4c055bfa

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 ee35a4fd80c5656794efb78e53e9dbe9
SHA1 34abd7fc8baf6d33bc658d0e6248187fee6541bc
SHA256 34e8bc66a71f4bf1c3d153c47eb24aca37010b27181a5b05f7e0eb6c66dafde9
SHA512 63c1c65e1c17d8328a872ba555c977816f63143750677fc0b43ad113e0903e09a39f8ea9d6041e577748c9c10aa72cf4c6e1d0978934cb2aa70c3bbde2b0145b

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 38c486d07992a9a20fbcad9a9f6fb118
SHA1 4d8d25dc6e060437692cc223ca501400ee97b1e1
SHA256 ed0fd5c77e267dece3c545a45b3da58ababd2c64ac8928a95c17d3b96323fb9b
SHA512 5bba7cb3dd7d5c3aeb48ec989672d82b19267e6afc98c87eb6ce111c970de6ea6d61978d63a1137cf30b33add3ffe4d219a038fe82b49a8058a3621d3105501a

C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json

MD5 4cb061c124f1ebd6d062bc396a6e63df
SHA1 f2fdf072c76b5654b43ca4529326ff0cc550a442
SHA256 bdec72ffa81cf841ecf472c241591722a71753ad43d5f3fa01c5cf999cc10926
SHA512 f76e0a5eede032a7e829a52ae87263a92121c22bedcc34c46a24994609f308368221621babfd7e578e8908070dbfc4286c545d3588a0fdd3803e996de2567c46

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 60aec775ac4ad0a7c8de95997e59d539
SHA1 2245ca8e88ae925089eb62d2593f1c94880686ba
SHA256 0959e176dd4a09dff0d329803c87428202721e83b77760e7e5994ec73328914e
SHA512 dd57799df9f50f80dabe6f812cf6e011ea560c3eedf23c9593c484679722004cda2af5c80336f83270cc9b664bdf2530d88ed31484fb802f8827103eb8ef3426

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 dcdb366acb03752667c221eb86aebf3d
SHA1 cb6bd62b1673a6b3f6a427cd93738668f85735b4
SHA256 204012a45f3fd618bb19bb5f27d9da1b8aa9bf00f7ae74ffe6c10805e51cc350
SHA512 005417d7236366b381e7f2d3a2af4b7302006b792a9f26271a04538f0d2316483017a5b3f3d9f9d6bdef71d3d6949b0c54749ca33fa9d6761e3cf4d4b9d3c236

C:\Windows\System32\drivers\mbamswissarmy.sys

MD5 4b2cc2d3ebf42659ea5e6e63584e1b76
SHA1 0042da8151f2e10a31ecceb60795eb428316e820
SHA256 3db4366ccb9d94062388000926c060e2524c7d3ee4b6b7c7cf06f909f747fc6c
SHA512 804d64d346b3dbb1ce3095a5d0fa7acc5da0bf832c458e557dac486559fe53144f15f08c444fea84a01471fd5981e68801a809b143c56b5b63e3e16de9db0d98

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 ac1fc815d0eea670ce5ddf8ce20b96eb
SHA1 9429df93b8f7d261a05ff15b93c112b0b43871cd
SHA256 31a4c2b103aec5e334341c65fbe01969b208021d1e300b3ea1a06aeae598e506
SHA512 21b04ee98dc28d354e2a31c582bc6d9e0beef59444958d4e73cbd275bb3aca1945cbab8236f872c9b1a81322e2d94b31bd89efe34f9abdbbbb9cf078e15c8d59

C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

MD5 070570b999f79c1daaa437a1c3e1dc65
SHA1 0bad720370467eaaa707b452a7dbcd9ace4a56e1
SHA256 a65bdc1d7bfe02b394a3164955ae18fea9f6c480dc2361cd5e6f16250d9198e6
SHA512 6c47954b5da7d961ee65d01ab40b0aa65715c8c9a06b9fe5d0155eb165c1f4890eb60c33b8f846904f1292ebdce557796d7d00a749abc555defd3365b750ca9a

C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json

MD5 f1f74a39522176214da1e7784f859f79
SHA1 7b24de81c06de7030de33d94fd16c54f79074cf7
SHA256 84ab431e388eb7af556ff983993588bd41c7b31dc2733e7622bfab1c6ef2d920
SHA512 ae1bf10c2706e2bc4eac5a2e786f68e07d9f0b8cf733e8b89586cf5d3bfc795d1d34114ccdd99f6e140d29bec576b002bda3d5cf242b11cb3919a06980a0dbb5

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 a60287c86e5ec9193acfae05f026adfd
SHA1 3c47f47df9a510144b4ef4db25a0fcacd17c3710
SHA256 d9c7b4e6cb106797b7655c1fb75b3a5ee3bdd6791d4963a7f65e0c17d4c185a3
SHA512 51700833e5915308d8ebf7ca4d6201f4e35007dc8f1ad59075718abed45d01f6fa651ac211938feb03892f3c0951334935655c21bfb5308da8c97d678678a9c6

C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json

MD5 cee5d5df36bed2d3ab8c451f8d2e4750
SHA1 c823325c5665856a472048fa132113a81eaea562
SHA256 4af39f71cc788d6a3dba46b0f7fefac8d5a1543dcb650d60d002d4498720c984
SHA512 c804100ab382199994a172d2d0c5185c8ddf5fafbcecf2f13f98f8aac2ac5096a8cd73e48ce80502118ac1f4630dc8cf777c27110a971a30527e7c905624b8c8

C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json

MD5 a301b21ae3c069ab934a7d28c719c02e
SHA1 656d5e99e6c219da98138b26b30311a897e406b6
SHA256 f074bc8e5061a9d9f49b25751d5ceff6af2a41994a74378d7eac9980fd83e3d5
SHA512 63072644f28ae9e040b3b3c0ba37162c64752a14b3f4bd1fe2c4f104ffe636ad5a771b3d16e85aebe562aacb777adb2426dd54bfe067d73ce1b0d33db3febdae

C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json

MD5 50071755723a21cd37f3177ae411c0e3
SHA1 0230312e77a6fe036b34270437487e836fed0a25
SHA256 ca8362ac9a4a8fa6e655af2e42e9b19c77371c17de8e0df220ab37d261d0cfb7
SHA512 ac45c938740146f0d8f99d79c67569fde952c205103425ca3368312fd081295e641e75f91efa5c278f8078af58e44143e285e804c0bc8d7d2e9f9c0b39be4a86

C:\ProgramData\Malwarebytes\MBAMService\config\VPNServerListConfig.json

MD5 8352d8c73e2f5ffd56fff7cbfc364583
SHA1 da9b2ca5688e0f7b5ea5bf88765ae96c045f3166
SHA256 adba87dc5da5091c666d6d38dee51aa36aba8d860baeb4e21d9c5be64c9622aa
SHA512 69da42e54d709312c059466dc6d5bc0751d7fa9561ca3bb3cf51936b014c805ff5a60eeba54dd6f34b10681072210b9d6f31fed9fabef4fce01cd8c2a8ec9b93

C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json

MD5 39a000f7b0309f9a42aab711a0fae883
SHA1 90d8c808016fe8b138dd6fcf55e252ea63c9aa69
SHA256 e3e07fe1fd1c1e347514111e81e6ce281346d7488a71392a2ae919c6e5dcfe13
SHA512 9f60a27a837ee2dfe0e8f8b5c19d1c13a3f98e46e2b2833d48cfef9a9283adc9c7e34f147f646e80bbd7393284b265ea6d5617a492cb688ec01a015474d5da23

C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json

MD5 549a9e323731d1a620d1bcd9450c919e
SHA1 b2d9982a3b69bae75209578c9bd1a06aa89c446b
SHA256 d459146b2f57d50b898276749d037da07bafe56ea020d0e62b7e6c4066fa06e4
SHA512 08a65420ec8930961af05a8b93b815f5c316337a70f720787d6b5f61e666cf1e9a89d6b30b41dde8e8e33accdb520c95474a60765151ac227c2534ce2d4333a9

C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json

MD5 31ad8f6faee605b58e6b571fd598ac45
SHA1 128ce408b6ed95293cc307c74b55f26818b8acac
SHA256 71ebd34913c5228f3542b589d8dcf856810425fc9c4dc36f9b6b2aca1f5ff21f
SHA512 a24b8ecb94a2edf5931e26663a6d0e042755de9583efdd79ae6f14e0f700cc581165dda15c553f0b2111c0b5c73d07fffc039a34e89ce2ecd79b5bb72d5c8842

C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json

MD5 740b5ae807c40967e29e4b5f32f34491
SHA1 5f829fe68fe25a94967727192e8a2704e111a74e
SHA256 167573158581e861f2fe86ee55f7708997291d8303ed17c9b4c3a36a1ab4cd9a
SHA512 be35bdd67a9f44d7cba252a3695bcb87f1416e1b8d91e9ce17f0d46208c038af0a20d3c31db692890e5fec63fd3403290217988ba1c3515003035b2552a302a2

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 8fe371a707c4ef3a048b9ab01d8f96ec
SHA1 84bd4d3152247bb25baf6e030d0127520fa0a00b
SHA256 1e736790782c0ce0475608cf8bf3c30eeec3a73cc54e4507a16ca4b1d208b1fa
SHA512 81f05dcfa3ccf2f00d38488ffc67bd590b226fe9371128f30c6dc3cfb7b2e2407e7d734512d62d1adc10c08f99ada8b744bcaece9ace3918db2d44d79f59ada0

C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json

MD5 cefa4e054aaaf6afab4e7eee00d3b3d9
SHA1 182cf790bcc6f5516e8f551134f0d0c7e4e2f97c
SHA256 8f0258c2ff2fdb2b7f34b9162e45ce482e4fba74b084cfdc6da6266721ede95e
SHA512 7d43d12ea98da9a52115c6478e66fdb524c8c7b76a8a7241d2a63c893b6d354e35c33ca7005b77a3e6a3c46322f7066be9cb0c1005f1c4e8782d496770ce345b

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 152df61d48f70f31d9cd6e8f78342e25
SHA1 7aff8c6b5d9a23f906d14dc54effd4882a23f828
SHA256 96521a706787d0efe8cdbcc55062128cc9a2b3a3a1cd931ff575f0bfbad18589
SHA512 e49d54b2bc9e84cb6ec769f7fa71cfa5fffbae1070da2c70f9c1f4fc5c4bdaadb96351b88e30ae9b590736dc678a01d01c7f51b142f0a335ca4a959dafced368

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

MD5 9db749b1ea5c66441474a5ec9d61d091
SHA1 bb88283ef174ca612accd41d373f8cc9794225df
SHA256 f35ff0b875e6bc92acde0aa6e954f49b105bbe6bf8d10b5cf3fc9951290e5aea
SHA512 5d22a1ab766741ae6f6aa3a6c8e260b1d2344ce3db66f466677c137ed6cdc161a96257595cbb9943dae7356b09ead711d77861e365bba6dba342a6a57f58f1b9

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 85a93a3c6c803a60b5b04041f7053d5b
SHA1 67e6758ad39e18109fdb624eb62eedeb5d708fff
SHA256 44778c5b58b8864f2d9429a1fb9b7516bb59b562503d23e3b67d6c66e84698ce
SHA512 3423632ed1e41face53b55e39da0cb387f76b2f541256511c699c95ea695ca90909e0f13bd80daa037d8c3403e15ef8202896de80c6bc1c3118ee35b57072225

C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe

MD5 d289d84c0406750cef937bdcdbd32740
SHA1 89a8a040a62bc0d2c2809177773f6a10bb83fae9
SHA256 e21d1060a4a2ad8d0cc781d0ec252b497d96915b648fbc9d1ab46ab750c8d00d
SHA512 c8abdac9756ba299ecd3285a134219ccc222acc9f005a71eae85fd815a93b17b8857ac1e446a8122755e8702a39b76c13df962ba79f45855c752e3347311e09b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\InternalPromo\22.9.21.0\images\passman.svg

MD5 8e8139c10d25c08a14e12743155b3ad3
SHA1 9a82c5e35be8627cfd04752244f25f645babf899
SHA256 aff48837d10f9910c4b31d78f451fe1aeb8ceee7f815dd276713b6fd714e358f
SHA512 343c05d3e1cd8f2c13e08fe06e75d40f17eb34dc69a8fae715b48a1c01fd85e5dbe22e68e213e7f81fa823785c07926ca478ecedc2ad2212d6e45d09e45987f6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\InternalPromo\22.9.21.0\images\master-password.svg

MD5 3927482ffa72dbe0936f5941bda020ee
SHA1 287cb2a28fe25c694adea6e16af5f85b1198d9e4
SHA256 a98b3b44346adf4c2f943fd2494f31cc0b9ade91c7576040826b98d5834652ef
SHA512 68bfcada6f46b243f212ee68816dd76a97fc859bfc42f9b09ae4bb79ac9413b83132ce95e171fbae074879cf20855c4b2102a0d7966bfc34e30e643ddd8b7e20

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\InternalPromo\22.9.21.0\promo_config.json

MD5 45b706f76509ff79df20417fa49c3394
SHA1 436c6df3aa1d7e03e7ffd741b95037f5cab601ec
SHA256 b69a56818b593a19c36955b4b034b7390f2ba4c767e3028aada9486c95c07c04
SHA512 f8af15304e7429971fb71c8982b3ec25aa35820e36b79e7adacb94f1bd39a919b50d9ef65d175b84dbff5cf1f98df9067b41bc81a180af58a68728cc254ccfa9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\InternalPromo\22.9.21.0\_metadata\yandex\verified_contents.json

MD5 f36bbf1bbf7604eb8aaa377231ea911a
SHA1 741ee49a7fa822a2e6dbe7cc667d6a376054532e
SHA256 b5165ca6b10ada34f571f075918895d7afbda6476300bc7f4f917fb32fa715c6
SHA512 0524366a2e598ee291dba05716bf59dbc4166a452a47b2cfca8672d30a3184a14b0aa9b10c319d1bf46aa204ab5dacda9365a29f74acee3d00d06c28683ee6dd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_990869364\manifest.json

MD5 39bf038c38380deaaad6a9b8c8d67b08
SHA1 8f5916e53be27a1d3239c69a3ff22b5425ae354e
SHA256 d755ccd850b4ebd9c3ca0ff82e61eb036943dea91319914f7cadcd9b766e8305
SHA512 0e5095017386d4f4b4122a23bc80636966da1ef2bec86cbe7d5ecaf995a97276cf0e7edfafd09c80721b17c713d9365c7cf826a8ba4c2e6244c922ab32abd603

C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json

MD5 56945c5d74c2c06a3f18f501380e10f4
SHA1 687607964ddea4bc8146701283e2f81f3a8075a9
SHA256 2274b49c5583ac9f498206edebc94d1fe5bc1c0c99f86f33cfae4b767de8bcfa
SHA512 ea521b3b4c51b8ceb165468361065cb8588068cda528c60d858e0e14b174bab9be9fceee0a1d51785ed7ea5847833374f12cc7019015c866fff7048ce67b475d

C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json

MD5 94445125eaa50ae6f262ef250d9b9861
SHA1 c57606a07b7adf75ec99f8348853cb5e488f9c65
SHA256 6a455eacb9d4af03baa2f43de4c4e3df62bba177391b43435e6acb92db25c88b
SHA512 5ba2c795ecbc120867ca9072182eed3807aa14ccd20a46911049b6f6cb621d57bc6b22927389deb5885ea39c35f896ab6a1576de2a18e58575217c3990aa1537

memory/4448-8012-0x0000000000090000-0x00000000016B7000-memory.dmp

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1403988593\2020_2_1.json

MD5 3ea541491b8e412fd6e7be3058f3e651
SHA1 1c1f6e440c0bcbf4dcebfba9d5881f1fe957f1d3
SHA256 b3a705dad69a19e25c633530a83787223ada6066ef2ed1708b15dafbb643fb4c
SHA512 eac95b21209118d989e90894660dab64a1e840f3e0735627062843c8989337fe485845ff3f3ed3718138b6d63793cb4dabbbf169e1f288b3c21f1c7651ca99cd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1403988593\manifest.json

MD5 e81b9b90daf8f265537e800b50933ba6
SHA1 367cf60b4766851fd92b4cd4b6ccbfd02d3ab2c0
SHA256 4b884808ffdac54221f6802cebbe00878939daa1ef59d697284a9fc08550b214
SHA512 24520c09085694c624bbad81121b6420fc1fe0ac0e349cbe3e5650250c0387cf6c2450e48c97885f753acdda00268946397a4ec3103e95641008c7283b2f4a6b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\YandexOfflineSpellchecker\21.3.10.0\offline_spellchecker_model.arch

MD5 74dc47e56e74d947fd0248cfb7fa2d0b
SHA1 f7b0998560465e423ee1e99113609c602fe4c9cb
SHA256 0b6ab7a17ae5faa8fbffb11938c634e7e4f0a9d79835d227a9b4d8f26f606f5f
SHA512 3b1e4184119bcc80e0058a01dfe290c7f22d7d2731f954feba23ff7a8b7c885ad139d626f8bd9032ad08a203084043ba42d7586b3700dc5c87cba1991e8fbc5a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 70013ba1a5e3e55c1ad209d92fd5101a
SHA1 cdd63249f6c7251e11e09f269c5a016452c8d336
SHA256 c4d727c49765b13681283352327fb4f2f94dedde88ab9cdd8121a8e2308974e3
SHA512 ff3a02fcd07e1597c947bc952683381607f57f2a471070c5bfdc67831dc4b22e7a89a6084ee951a653b1032ac2921d189b172a609db3406aff6b773d84c22d5e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 b061f7ab980fa59438625ed34490845b
SHA1 499241e30d8faea38a9cab6f0d44c512e6bad33d
SHA256 f31a98935622db0377ecf131e4010429f35ff6ad561cca211dab962568565e62
SHA512 deb7af4c85f04b0a020d31d13a8dcf74176c7ddaf378d4d50f0489dc80d27fa48d085d502df5e919a29a0c401f31625bb8835ae65dea23bbe212ded7de80de4b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1121078399\manifest.json

MD5 b03bbe6f9c3847f82d7a2eabdd31d2fb
SHA1 3891a99295ed1fcf221a39ecfba9dbae5251460e
SHA256 8dd1393dead0426492156cc7284fe6f97a710132937d8d7d8570b0d4ec1b0bb4
SHA512 0b0b151c3ded7b4ddd1717a09db31d5f003d476efb6f66689f37e9f746784bc37f000fdfd6c3a9f3f9fc8e38a5f072bd73a97b36ac52cadd0889de825ae290ac

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_200342775\manifest.json

MD5 6c252d30449c846bbacb9f4dfaf91c0c
SHA1 47167aebd834f3d2e53df30932f7d1f8f71f7969
SHA256 c542497729c6b000ca836790767055d752db766c4d0a7e820010f37e1deec010
SHA512 8ada876da447e75fb638a71a3d305e040d1354631f13b8d75a58197c5dd61a71874775125143ba6c5d02e991ee61ab7076602c9684ff92a1dac7c62d083fca95

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\TLSGOSTCertificateRevocation\22.7.21.0\crl-set

MD5 5145c8911244791d70b3c5a20bd8263f
SHA1 17c8728784ac9fe7f898798d1706e697f38c06a2
SHA256 4053eb994c8b8d57e5cd4c84b5da498b2cb21b5f4edeb6eabea3c0e8fb35b789
SHA512 ee47e826496293dd102b3097c0ed065dbf8c9fa0e99f9a1245c7691511ab9c9332334746bc5e121d3a4abe818bade332bd39f9b18d6794762bd75f7c536e01e5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 ec0108accff40771fa739cf850fe4e43
SHA1 97c5747f09076fd1419264ce8758347043cf9c5b
SHA256 a7dc885a334cb6f7c1dd9a503b6513495a7165550ffb8ad24a34b880c6102c26
SHA512 bdfe87a1f7a9606c13cdfda1027dc78ecd1a0909a739d1ef06a77e3ac93e42de0972302220a1ef1251b0e6df0dd66a90a523ad3b95875835b12cdc45f4aa0cf6

memory/4448-8326-0x0000000000090000-0x00000000016B7000-memory.dmp

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_729750481\manifest.json

MD5 47b06636b47696b370927a257adb98aa
SHA1 f4a17f5393bb270b5f7346d54e1bf5a98274fafb
SHA256 85866d57538954514761f28ff3492b4fc59bbbcbc86743b212081dc8dd0510d4
SHA512 c604dcb74c5fd3e1c8792740afaba0006ceef76dae04e6315809a3da64b6b6c4c82f23026ec2ff6fd1267964552745b5d638adac076dad155e393ad916f8354b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\CertificateRevocation\8878\crl-set

MD5 c42992179c08834060766b641c160e8e
SHA1 f80040b8edd04b97c2927a17f62881b15ef54eb8
SHA256 7dc8a1550de57ef1011a26e24721101ba2decf79264d73fad557ec71abc82425
SHA512 5caad95f396bfa4870e620baeea581f1d0365345139d73b22be74a3e4a65532cf5976e9cf60cfce141b53eb1676fe34ad851cffe85543a3dbd755b61883c34b5

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 ab6f9e24b2c37d651cac40a0e9e8bdb1
SHA1 565f88043b41185f5fa0a77d365e317c2513fbd0
SHA256 ecbf55973beb18ed776569f627dbb7e6c395b686178fd14405d9d16b8895fb66
SHA512 3f8ab591279e5e32faa6b685c7ef46bde3c3868bcb259fd0c0290848f9a6098fbc30d9216f90bf404746eba25cb52e78b4d33982c7f101839a2948923a521af8

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 5cc987d43bfb052887612ca77228e61f
SHA1 0838a9a38dc2af2c9a40d924d84eeaf19ceddfc5
SHA256 c77718ee8e742e675b6d8a975be3d72719e44e56f9bc10f9c1537dba38130c46
SHA512 c45b357cc5082dd10f22e8360f409baa29a552169bf142a83bebd82d0e7a28f7c41c2d02910efa6db6a9e750b5bd1e3c1144c8d8e35645cac1077fc6f95be213

C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf

MD5 5a9717e1385703e8f06b27aa10a69e87
SHA1 84ee67a9167b5eb6560711b9871de98898ad07a5
SHA256 47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4
SHA512 dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44

C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys

MD5 2a0bea88ce233b8d841d56df26195e06
SHA1 889af4a1f2b77423d5557c8ba7980e5d25e74647
SHA256 6116b30ab6f4bf5f0e8eca78bc67890e7aacc6c74fbb4a15a93af44bb34f2636
SHA512 c3d2620e3e1c19b63bacd578cbe55d52242dd01fc3ba5a90d0d001f8cab105a123959f0b18a8e6e71b4dc97d7995e832c8cd2d3693d808c8a81c98499cc63fd2

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json.bak

MD5 6ee719207507850ea10431e25927b055
SHA1 3ef1d91e3f38013a38bba0cb779395cb438c7337
SHA256 99298be80faa6a0bfa48927bf19d3a4bd11a25eecc93bf312381efd44f5a4498
SHA512 4ccd61fe60e402b1e78595a5afe9dc72c4fcc0d2d35ad5b5fa3d1a1158ab935587bda43400521ecc899c7294ad5e07c1a97523a984f5166ecd6889998f20db8c

C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json

MD5 396dce0010860f628bf80cbe140af012
SHA1 5a4323fab655912368bea94cb04a7857f461cd0b
SHA256 929fe075aac609c525ea6b998abdf0eb69e296c0c2f846d0184dc43f9dc0c2c9
SHA512 df258ea7bda074ba01a66a057bf4966ca801219f3b0c81934672506662a4c72e96f5e08655cbd042de1468302ec297452b49d4cb37b20d37a04f8cf15144cb58

C:\Windows\System32\catroot2\dberr.txt

MD5 fa04b35d15f3da4ddfd25f13dbf28330
SHA1 bb43c3eaed102219ab633d3cef8c793ce004902f
SHA256 be4ed78c0faa7c94d997057e56919236ac8f64cc787ba68d68ef16ebe8eee976
SHA512 e6b3b8844b2411adf8b5a68866022283fb02c65804fb96bc2c4fefee437d543acddebf472c65c65f6797263d41075d933d8da592fcca0e7b816ebc007c20e4bf

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 f32ab2b27e9a7c7c6fc17fe9e86675e5
SHA1 9cc357b09d5775118c712a67527320c9bdc09090
SHA256 1c8ba92d631dbe235e850f40393d5497a20f9b40e686b439a029609c1e87e871
SHA512 9fbf18e86fba17fef521ec1c4955b456076dd760d1c26f39124dc496e7f31e174e1862427a51045b42ddeaaae4c43da774fd4a331201e0e05a47210edde9b73b

C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json

MD5 ec138ff737b7a1a56dadc6cc5800e08b
SHA1 22bf06abf54ef122ec3bdbbf0d16e55012486a88
SHA256 740580131681771bd009c1a27358800c2d893b7fa971d678456b3f501acb2be2
SHA512 2a4e93f8fdbb1ed7e1d207febe08bcee083e5c48681663a7000cceb8d521e926f86bec5af08f6f3b178610a0f7bd370030008dace8375fa8aec39d9f0f711ef0

C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log

MD5 c49e2b8ede87d2d0b2a71905acefeb10
SHA1 ab3a9e66be0f02c1b5455155efe5512b5a82a7ae
SHA256 1388a18e26f81be1d6a5e3b95ac2545d16805cff6948be6b0b299e0cca50b635
SHA512 16e158f15bca36fe53a921d214c509ca5cd2ce58c6eaf78d1bbf3c49d5f905337279e75e888c0bdc32440cef6202d6cb19401e427d15339630ce32beb2d4ffc2

C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf

MD5 358bb9bf66f2e514310dc22e4e3a4dc5
SHA1 87bfc1398e6756273eee909a0dfb4ef18b38d17c
SHA256 ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17
SHA512 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09

C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys

MD5 9c4bec17ba2add58348045dbc762ab67
SHA1 b00ed0ca3634a93a23f70e79bda67c945dc915b6
SHA256 9c3b11ba1d4e462d9470fa0b50a61fde9f00cf4adfafd8e8b19f1e8af369cdd6
SHA512 6aab0e3d3c189c18ea6540d1736b64a518958c62e1cb0a2874826f6cfd76e3a06fdbd28ae0b81e2fc8fc20601d00d804d86fe9887ab6919dd8090a696fb52b31

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 2c36e9d569b709dd3db63d51ce563ae2
SHA1 e94ace165ab3109657f82c151cdc793abb5aceec
SHA256 52182d0e056cea3d2626ea624ae112ec790d7f7365d392e8013b5c9a2d13433b
SHA512 12a7dd638a697038d114ae7a705db62e309f2a24e69ce9d5eed9be53161e5f8d79165536634c43ddb8284624e94a5fa830a07e12ec07f0c0d2e184a763109b84

C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat

MD5 cffd7ecf8765733aa7a2c36ca5f1eac0
SHA1 549b0974cf92676a7589466a3ee29e1dd45afa6d
SHA256 89c561a58d649d5f29fe1c576ca46245780369845df32045a64739b4056d8bb3
SHA512 47006f07c3270f358ce67c235739ebaa17b8fbd9a05da9f05a079322a003f8e6d704d3c5353e1a186df74b1bd6438526f6701a0c173563d676846c0f0f230be6

C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json

MD5 ec2a55b01c2b68d3f25672d0c2cb5fd2
SHA1 4b55537a2e5e682d9a01edf68b6bce9860053194
SHA256 cd6afd874431c2fb57e18b83324e2a9307f6c405a57710c0e34c2e89e7490729
SHA512 46943fb55b2ea3a4f612f92b2f5bd889069086de572900d9c2a894675166e016ec800ff1e029c867a927609bcfb3ffd828c808d3d14271cc578a5acb931b0172

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 11386db21c8be52b4da56c5bda871936
SHA1 9d2e551409845199bbe1334f84b33e06e55db784
SHA256 47dd1cfa073c55156cb9e60ee16126e48de9363a032c377eedb50b7fcb66287f
SHA512 7242b3b1e8083a36ccfde67652b5ace90b00339b13f2ee048bb750e37d10ba686c6006ed9bbd139b7db753850c65deb5f1a97ca09f507b226b17abdfd167c457

C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll

MD5 52c4aa7e428e86445b8e529ef93e8549
SHA1 72508ba29ff3becbbe9668e95efa8748ce69aa3f
SHA256 6050d13b465417dd38cc6e533f391781054d6d04533baed631c4ef4cea9c7f63
SHA512 f30c6902de6128afbaaed58b7d07e1a0a674f0650d02a1b98138892abcab0da36a08baa8ca0aba53f801f91323916e4076bda54d6c2dc44fdad8ab571b4575f7

C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json

MD5 f96eb647c0137e414e44a6f4e012e942
SHA1 a68a5fa899586642dc280329e5b2da09cd81e075
SHA256 87911b419e24bafc616852d530d83a89cb48af08d9560cf3e04140bc3faab9f5
SHA512 4ecb31a25c56334991959f5aaf67414fbd6fc018b3ba11ed721e2e858f5f77a4e4b094f5e5935931b44b8d53310fe4fae21301f1e7363734412025adb0079fb4

C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe

MD5 f32a21bb599377682a6ed7daf0230b2f
SHA1 82bf2720e64b24eaa63a009fc7592cc73c7cb823
SHA256 de9e116467266b0e7d0cd4fd318f41b841487a1fe125b437f211c801ac8cedfe
SHA512 54760cd4d0ee368b9729c48ee04c3655f8f61d8c9b1a2be74b5b6bbc3ffe6a71886dab023d1033e1d94f9ce8e499f326459590428ca29b6db0b75438f2d81fdc

C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

MD5 528789d223c66d837ec3a22c0c8eebac
SHA1 cb62f82c4fa1b06a699b27ee56fb499eba261a9e
SHA256 8e796ed13282ffb4f202819258f33662ced2f6b1fe0ffb85e44a5004b3caf88a
SHA512 5865db24f073b8258c495fa47e6ca79ae3ea092da837c99b7017ba034574619e3131c4bf807a228df52a347856ce5d0bc1f494ecbdd512df2f1f2e05b4ea0c1d

C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

MD5 9093319aae2a786850ed1478825c2a6a
SHA1 7207e892a8340feacb11137874d4bf6fa62d29b7
SHA256 5cab96528c5a325932d260869bafd7b598048b8aba8bd221da0cb6a6ae7a1a56
SHA512 6a90603a14a821fec4a7674d5cb4bea9432812b8f4abd2543a77c670b5e0324a55df7fd23b8ac2dea1169a1a814f864ce9c23200df055b9441f0cbc95ec9a1d2

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 74c0d7345d29c7e1ae8c109f2bf92193
SHA1 4cfed1a16dfd43bf92860e39a3ea1703da3a9a8e
SHA256 4ce04540b24bb6ef6f873024116fdc03b3833e14b59ff6c3e14be48a822100cf
SHA512 143b7dc83e92db45608ca69b5827af1c3c264fe390c70e4e51db15d2562eb749a9cf419e78ef852d3d381ec75ac13609a00b42c8ae0c331af057be831be8a3cb

C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

MD5 97aa82d90d4dcde02dffe6d6e01ec9b4
SHA1 b3abab7636986dc3b1bb53db96efb407035b941d
SHA256 c641f66a31e8746df210991fd09e965b4d2fc092112ee6fd93bb71928614540e
SHA512 c5c88ba8368479e0254bdd6854257248be1a00707c955f3dc81a5439400418164b83d45a544fcbb3d822daf7e6e4963c860aa6fd645402fcb9220c1f46124a9f

C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat

MD5 7ec33c052afd81a7eb453f3a4a581c15
SHA1 b1589c853cc11e3842e89bab21b3b6c746ecae29
SHA256 d2ff36638e2efbebf663186bbc59bb128ddfc1023bed2c20d4803495b410c6a8
SHA512 7b68f05947ee9b899b82283fc3bed115e2ac2ea1fd2ccc39c87dab2687321d247d25c4a2cf396063d7871957727ec85b40c45d373ac5a9edb181530fa4761526

C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json

MD5 a3969608e1939a70e79e0baa135c6788
SHA1 b2ecc7474e8ebb47efa0f10e569b6714c6a5f6f0
SHA256 6599104d413a220c858cdeffb986baf2c24a0c8bb1e037c3edbd0a043e56a436
SHA512 c80763c00a4a4aa92ec0bafdb1441a3b407ec98f3d791f6d556560ea0b1eaf562b8826cf2e2cdfe0a2c990b9874f21f1075cd113ecd4012f1d0ab2bf8c012c10

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 953ae979d7bf4b5ce130f291945f2b6e
SHA1 f68bde880aed6c9645cc2ca348283fcb3a39e12d
SHA256 04d354817446651620e3aabb5809982c66f1fdca6efdf9c617f9c8d86a89b4a1
SHA512 aae072a2526e49606b606515bf17d9bae19276a47ffcc64384c486fe5f501ab4b9b55b101b88f9cd5f02036d0bef3b024bd789918afc6ae892c3f2d63c50d492

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000038

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

MD5 ec75f22a8f3296ad66e141347fa31781
SHA1 ddfb4d9fdf9b42572cd9801f1517be199d9a3995
SHA256 1974ff320b861f171268b47dece12ef6e33268fc90a419572f437122b11367fb
SHA512 d3348c78b9380985874673c360a75d0e358a44f57e577762cf53404277cb7295a3ab464a3a2e76e016226556ccd83823d5d5b4d0125343d9935cd4a1b9490428

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003a

MD5 2280e0e4c8efa0f5fc1c10980425f5cf
SHA1 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23
SHA256 b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74
SHA512 b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003c

MD5 8e823d05ae750e75394aaae803f2ea10
SHA1 7bb90597040a4d589f6e6a34ab975ef191408176
SHA256 a03b9554c194d538b41f5937dc41d2c2aae2e195c29dfdf3dcf8cbb119838735
SHA512 3e9382c2bc83929884c50c10a88a1e610e6add7d9312bf6014aff9aec7a6ce2a7fed10b77aa6d3a1b1c7a701670832fd80ac28d12e0c740dfe85f8bbd690ea19

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003b

MD5 7565aae1b8065e71e02f074a5d40b541
SHA1 3d176290fa822fe8b93cde7b10dfff4923735867
SHA256 2d8353f13c1e7dce1c9edddb3e477c4b1d6f1549d6f08fc917238b9dba53cbdf
SHA512 4993e424df14bd6ee5086a568cc9d82186a70e5c1b593c1f8273c3008a8539ed137a0ea7a79d7880b8279f1684722b712f4ded005ef29e664ad66260ce0a2c73

C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC

MD5 5bfa51f3a417b98e7443eca90fc94703
SHA1 8c015d80b8a23f780bdd215dc842b0f5551f63bd
SHA256 bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128
SHA512 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

C:\Windows\System32\drivers\mbam.sys

MD5 113e213914c40631aedef185984c5629
SHA1 57bf886bfe1e4d765ea43e4c91709a5c4a9a024a
SHA256 d314cea3ba19c49342763fca6b64a33f12d730a8fa531ed9f7e75675035ba004
SHA512 76d7286963f28430d8a9bc3b59adf209b5fceb6a5248b7be54c60fff0b931ba2cf46a779f7e66008baa0853ad6ce55a4b9dd56e33574230d1e2588f7679630b8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 93593366ac288ae2c2bf7718089dda20
SHA1 41a1b940719af065d85eb484971e60eaaec70478
SHA256 c1b55fa5371dff5861de6d0f5c53746e987a8c82443dc9c22a725bbeaffe3a93
SHA512 711c1a7ec41dd4df3f58c83d2948e741cf8b91df5220a68e92ec500d540f3beec25ec43a3ba618bf6b59ce8eb60fb1dd7d62902e0df0b20eadee71f2096934fd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 cda48af44172ccebd1c9380cbe54fea6
SHA1 1d342938f5379361a148f5668242d3f83cd1628e
SHA256 814707571ac91a9e262ca5fc00af5c84f21b00b5c32cb621a1089dac07267963
SHA512 18741d0f912d7c08196c0ac1fe62ec7aa49b6254064296184e9d57dc673edf394e17d1b6a5f0ee12558421181cc086fc08059a8b1e84a80e52c04a0cb15cdae5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 89e1c825487cfb6db2bffdeb6d6eba5c
SHA1 d74c0c30db6a14e172b55fdde61e240db54b3cea
SHA256 a8e9d969107dbe6fecf66903aee1159f226bf2b75dfe9fdc708d0a2fe2c7a6a8
SHA512 256f8a2d3de9bff4ecbb8799503bdce26a21aafecc79ca44c6a7cf601e2e27ae3316b25b6522c814a043c094485a778a1c3686a0e845474e3c2b10bb36dc1257

C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll

MD5 3bc4d2bb173c005c678da34697c17d99
SHA1 2e07b4f3af7dc82d8f7a5fdc920578f6e908a0cf
SHA256 fbcfade08f8d2617b6e9f2e279f81ce3b5e1fc0cce5bcfd927cde1335114f6da
SHA512 36864cef0ba96899d1c9ce088ae931b10461f1360a21fe8791b61acbd6ff1b30786a0f6745eac6acbdcfbcd3f05347aa1aa05fdaaf9e36e8fd0da3768ae78a17

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 fa0469b071e6339cbd1a1c7555a4cd45
SHA1 2e00fb1a3553b6f751b1a1799d0a953805cf63c4
SHA256 479a43154c143d0dce1e75f3db738ab5e854f135ae5e94e579d0a5bb4d3520bb
SHA512 304a690fdaeaa1792ce327872b412fe81f511b5cc9ee1c730efa4995fc9e42dcb080dab268971a8273c92d75f6286af82ea98e260330cabb897e19ad8fef9efe

C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\expapply64.dll

MD5 76a6c5124f8e0472dd9d78e5b554715b
SHA1 88ab77c04430441874354508fd79636bb94d8719
SHA256 d23706f8f1c3fa18e909fe028d612d56df7cd4f9ad0c3a2b521cb58e49f3925d
SHA512 35189cc2bf342e9c6e33fd036f19667398ac53c5583c9614db77fb54aadf9ac0d4b96a3e5f41ec7e8e7f3fe745ae71490bdcf0638d7410b12121e7a4312fae9e

C:\ProgramData\Malwarebytes\MBAMService\lkg_db\version.dat

MD5 4c5f248e7de666e8e3c7cd147d397717
SHA1 9be8c25b654c93e178a3687c352069feffc7efa9
SHA256 7b66b5d4247f504645d87ae88a77501c89014b09c566595c367ac22877bf6b82
SHA512 31d32845a9cb21e0e79cd439495f56adbbe48718231886e81d95940ef0fd41818a4c4cc9b68e7e56d2073a140fdff290b57fbc287158d395b36a689577166b1f

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D20.tmp

MD5 699dd61122d91e80abdfcc396ce0ec10
SHA1 7b23a6562e78e1d4be2a16fc7044bdcea724855e
SHA256 f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1
SHA512 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 de954e1b5ce1ee84b3fc149ea2640371
SHA1 fbebe7fb38d8d6ef36b256a021060e5e77f5360b
SHA256 58f59626643a02dee3d42a89cba8e2ebbd86937b79d2b7c1abe0e8ea6680b036
SHA512 c6d13e86a66b3cd2a8cbe151fc1abd8e35135aadeee605ce0f4791e64601d0547eaa8c4be99da6190c47563d92c354b1ca03593d6b7d36c923d1c1e0aac2bbd0

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D28.tmp

MD5 a7b7470c347f84365ffe1b2072b4f95c
SHA1 57a96f6fb326ba65b7f7016242132b3f9464c7a3
SHA256 af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a
SHA512 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D31.tmp

MD5 804b9539f7be4ece92993dc95c8486f5
SHA1 ec3ca8f8d3cd2f68f676ad831f3f736d9c64895c
SHA256 76d0da51c2ed6ce4de34f0f703af564cbefd54766572a36b5a45494a88479e0b
SHA512 146c3b2a0416ac19b29a281e3fc3a9c4c5d6bdfc45444c2619f8f91beb0bdd615b26d5bd73f0537a4158f81b5eb3b9b4605b3e2000425f38eeeb94aa8b1a49f2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\gpu_configs_overrides\097888c7-3994-4e81-9ec7-e87338f1bb2f.tmp

MD5 3eb37ca928adc5adeec3eb4e0430c656
SHA1 32cbc61b2546a921ea788f9ef3e7c57cfbeac07c
SHA256 63a87d252d41adfd73e94dd41c859249f1c3992853d977a82da87f505b75a4ac
SHA512 af656685f5840d7d2b4ba6fd95a785e93b9a9b158ee064214f24e7658bb3c06748ced10d37e4cde648a44654a641d631e36668fd67f9998091e6aa93f7b74b64

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D32.tmp

MD5 3b337c2d41069b0a1e43e30f891c3813
SHA1 ebee2827b5cb153cbbb51c9718da1549fa80fc5c
SHA256 c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7
SHA512 fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D42.tmp

MD5 b5d0f85e7c820db76ef2f4535552f03c
SHA1 91eff42f542175a41549bc966e9b249b65743951
SHA256 3d6d6e7a6f4729a7a416165beabda8a281afff082ebb538df29e8f03e1a4741c
SHA512 5246ebeaf84a0486ff5adb2083f60465fc68393d50af05d17f704d08229ce948860018cbe880c40d5700154c3e61fc735c451044f85e03d78568d60de80752f7

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 10db37bb6c4ac1e14c594d466aaf00aa
SHA1 054e0fd2ea4e78750ac51bb7d61fa4dbaa1cdf44
SHA256 c00d22255f49f0e5033c47f6dedd6a0a5c175d992f87b18bbaaf4dd814717de4
SHA512 c11af6d3512a6363e3ee759d049623b3560d9ca4a1d0a9454a55e376985fd3181903711e8f1c594ebd3cec754382fac6029d6802b5a35ccaa9597a2e3c79778c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 6ab98778b28de3f4b9dbd8c6200051be
SHA1 e919e404c73e973ea8ff80c3ac3a165e70df026d
SHA256 a7c5e9f590df26cc16b9274ea91d60621bce8d8c25c299e5d13d5c1d670990bb
SHA512 b46cd4f7ac528a78eddf51306477c6d27cd89b0bb08ebb182a79fdbfd55e36faefc347ee7c63eebfc04e171a9d1fdba204b7b576170806408db70f4bab56200f

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D78.tmp

MD5 607039b9e741f29a5996d255ae7ea39f
SHA1 9ea6ef007bee59e05dd9dd994da2a56a8675a021
SHA256 be81804da3077e93880b506e3f3061403ce6bf9ce50b9c0fcc63bb50b4352369
SHA512 0766c98228f6ccc907674e3b9cebe64eee234138b8d3f00848433388ad609fa38d17a961227e683e92241b163aa30cf06708a458f2bc4d3704d5aa7a7182ca50

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 b1d736a78e9f725ccf043eec6d509692
SHA1 b7a3619642aa2bdf5f9602adddd310878a072763
SHA256 59860cc73d33f569dc053d40f0a679d66de7894d829e8d81d649723459e0efeb
SHA512 67a0873298dcf08d87a89fae052b076bd93be194e9b9580c3b5c67aa185c19cbf99438cfc11630dcc90e53b2cc6eeb0532e60102260e6c84b5c567432fecfc2a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2c7f9035dcb4cb2946266e4a5e32435c
SHA1 d74a2a947c1d2703a7cd5047359ba765156b479d
SHA256 f31ac09bae0603463488ac4cb6541e96b89eedb1fc7c0bcd514073ce90b7f682
SHA512 8ffedb208851b51aa7212c82cebdcc228eaf4cd263e3c539a32046dabd157b8a280a48e4c9fbec9ffe4d947421367ce41833ac4633833fb0936095c0347d8faa

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 1036cdb132ba4cb3be08300e2a590fe5
SHA1 b9a7b101af6eadff1234282623cb7e15d94ecfea
SHA256 6912b60ea4e2c230606208213adfa34ce2a7ff5e077afe56dfca27efe3c83ead
SHA512 7ce9343de4cd9821e3a88b7cbcae3b6c5f97f419a9cb07d5909d7a8903d9d45491f21012288ccdc71006367e8339a8458baa7a489ea281d48952f136211010e5

C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D8E.tmp

MD5 54dde63178e5f043852e1c1b5cde0c4b
SHA1 a4b6b1d4e265bd2b2693fbd9e75a2fc35078e9bd
SHA256 f95a10c990529409e7abbc9b9ca64e87728dd75008161537d58117cbc0e80f9d
SHA512 995d33b9a1b4d25cd183925031cffa7a64e0a1bcd3eb65ae9b7e65e87033cd790be48cd927e6fa56e7c5e7e70f524dccc665beddb51c004101e3d4d9d7874b45

C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

MD5 c10da8cb7cb1b8ba092ea8efc16fbe5f
SHA1 8c186dc61fb15c50592669e209095d0e07e0d1c1
SHA256 56044f175105fd5a24733a9e9a998e3b964381a1a74ad6b32ca1f26b57097182
SHA512 73ccbb6ea3b77a4069536403a9d41bcec7f0c3f86b504f9114421ec0b2719aac9f1bc8c1201776f7dd3c82d0f0eb1531121607c6d83e5e1d67afa2f38692eb8c

C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json

MD5 63a8ff139eed8ef4e1a78f48705a86d7
SHA1 1a180e12efd8c9a5aa56608a982b4f0ec95802f5
SHA256 10de788783293e5b3cf5065126bb105b4532417aa1d283d2666fd4022c511be4
SHA512 eca9b9f052c98024bda8723428d397ef9df390d172b73c64759e0ca99b67ff9f419bc539c671993134467a1e04fad95efb3eb03c46318600bb9ed3fbbe3b1737

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 6161e4e3eec9879825d4442ad1841b52
SHA1 d590f901982fb028ec66011c1484124f93363946
SHA256 d87a3100f7626e30e703af960cb5c92ac1e903f69073d3f515c864fd90931b3b
SHA512 c2f163e042d9b3b7ca43043f3c27e57a18b09065e11d22823239c48b516b1c9d52431d43674086e70d26a6fc2707cd39f1ecbf12538f617b49746aa2fbe8c01d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 27a81febf11ac9ade11e7cf282621852
SHA1 bc70d1ef15d504dee9734ea684ac1c5d6b9e2524
SHA256 f0f81ef30630c2c00732f96cfb156bb8952be6288b75a4fe5dbdef0cce0fcd6b
SHA512 00da22d032dbe51f6df96d415a7453b978df2b8b54f70f52e5f5efdd1c1b8489a0a8ae9a71717776bc335eb0bd1c7708767bc47e8f6793854233b3405fdfac35

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 6a9d79459591d674c88e4baf649d845c
SHA1 c290cee909b2a01ac769db9d601b47b2c777ac6e
SHA256 22d97ad84217b5830c7481da2296437bf70c85af3fb18dc627a45d2f3b42bb7c
SHA512 6f3d9c26f56eb460d647cf02f8acb86ee1a24d197322ac26c20fafe920f5b2741d7c044afd76ddcebb5b1392f0c01b710cce3f892e7a516129c6aca41ea25462

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 187bcf764f9d2f684dd2b5c8a441179b
SHA1 bbdaf1d88b9190576a453b9e030f013e1b67d8c1
SHA256 bdc7e7cb7973ab0b7c15331fa4a5decdde95ad2195d17a97939ae4f41aafa527
SHA512 92f796c0b43f9bbb9c00e0832aadc5525b942eeac5fadb29570f5f49b06c8b1ebcfe51367b320c7913aa0e9a104347647e7f93066afad56a1b2a45f3770e8ba8

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 ae7a2276eb912f2be447d0278b95045a
SHA1 b717682f5e9c6fd4268993515600381e2f5e29f7
SHA256 1d1b3a2e65ae9ea7f417a54caf055e66777295764d5ae35dd2f546b3d459814f
SHA512 fd9c997b7e85b468acced79a9c910c9b726c8323434cb4516f56767e52fd5d3a5ca34b64becb156909a96cd1983f82cbcce2de11aa3f19124fc5e3cd18d06309

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_177353798\manifest.json

MD5 72c9bf7fff57d09fd69597bec1020616
SHA1 98f2a30051a03945be3c1706cfea8c4807a19266
SHA256 8e79a67ed0a1885c2ae7aa4e102dbe944d86fb80bc7261683fe442022f11bbb7
SHA512 3a4b2a2fe361b6855e6608399e585d4c3b6de933bb2ef5fe1f077f43abe5c08fd8ee1cb7d8b6af238c36a6538f43d1ae64caa558df8d7d1186be7fc1062bcdcf

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 e0ba20916b1a114230a3765029e32381
SHA1 2796a3bb892c47467e3d7d52d14a7c6e0d92c31c
SHA256 b99440701c9d406c4eafc75ead2d132a3e90856a91a4c8b77aa3e8c2a1859a9d
SHA512 8736ad2d6f942590ab1de662a4c3499ba31df52544a04f37db28ac054688c2248ea05b2114391c3f26c682467e5b1a11d3808ea37e86ad7aeb8215377ea6f7ac

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 f12a6c6982547dc25e40f7489f4650d4
SHA1 7714a4a4e10f321412bc494ae2feeb5931ca2160
SHA256 40b23329ea599314ec3e8083212a9eb7f3722b1918179dea276ca4fd7082cd6a
SHA512 2b151e94ab9a1768c2d0cad070913fe4f8f0fd1495d67f28c19307984d4ed245d5a7200bbe37e7752e094bb4bf1ce8e2b677cc38575e669f42b88d8ca58bbd1e

C:\ProgramData\Malwarebytes\MBAMService\ScanResults\894d6df6-33f5-11ef-9272-6e89720fda0c.json

MD5 2627ecf780f8bc4a44bd6b4ce2891ba1
SHA1 6ffa5d5d2e1b9da17df72ccdf1623a21fda27e6e
SHA256 90fe0f93e1d6a3080daa7c4d96218214a5f643dbe83851ec31e96c72a21a90f3
SHA512 e2d95b654dbe8405a5ddcc4d76acbbeb4c2b86f687e763c00fcb62f11aa14c6689ce2b6f7507c1e1fe07773a94e3dfa7788aac2f41894f7436415691f5c72f35

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 67d5f1dfbbc4ee59dfde2567875cc2f2
SHA1 a9d4b1e995e06ebe7fc51d698af6d9619b566887
SHA256 8438dd9e9b5ed0dbb518fe3e5690e7d1eb3630a6c0542a66af0a1f71208c0d36
SHA512 9ed070f43cf74aad394b53edcc744384e41351321fdb11275753044a07272811771985c14b3cf29909a25f240f22f590e68163c5d111404a50befee22fd2bb5b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000071

MD5 081c4aa5292d279891a28a6520fdc047
SHA1 c3dbb6c15f3555487c7b327f4f62235ddb568b84
SHA256 12cc87773068d1cd7105463287447561740be1cf4caefd563d0664da1f5f995f
SHA512 9a78ec4c2709c9f1b7e12fd9105552b1b5a2b033507de0c876d9a55d31678e6b81cec20e01cf0a9e536b013cdb862816601a79ce0a2bb92cb860d267501c0b69

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 4fb71ebcbee57d03c27a4dd23ebec919
SHA1 b891b30b33591c4897ddb7493f7a004066f477a8
SHA256 50622eded19b185d355dc8118284009a1ec5c359533302ca72083f293daf595a
SHA512 c8f455c1ded2a11c265cf536445bc61e331c5180dd8829ef043363de34dc9f1897c6c410c7957698d3aa32447d4fed315c70b802e0f1e64c9fdfb1405b4e084d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 97e1deaed5f74288c5327c51e978f6f6
SHA1 d970ace5afc1b990265b615b802871d1c967e4a8
SHA256 3a765eaaa8328de50b4d96df145c701d09c2436afeeee745ff3c6d1f24efa661
SHA512 cf8ab4d6a0006b7deda3e3c75f6e38e935b9677b8ed533be7b6fce0012705a373d2208a271fb4b610fd6bc300169b41654c9c0fa4cc14e999c4f345bf81f43a3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6002b3.TMP

MD5 fd0d2264512c8b557abd40ef4d769501
SHA1 ffa6f71b7f3db178c0f452cb05e837f058f5e8a3
SHA256 00d685aef4701f4c8e108a64c11479a9d4ce3f4e22feee23488abba28d061c1b
SHA512 4bfc2e03687a00e470f28a1d574b8fbe953c29f4310b115e5988a90837a3d2ce5fe36a3e8eef769ba2964b881b41e5b244f32b3aa521b5ebe416d8953c05b9ac

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 4e5aa175d706845187f39ac79c75572f
SHA1 18c15b7d665207fa194238619d62a8a71867fd07
SHA256 3ce55a81993ceeb1411b4796866bbc5a180c53a26d8f2fb3416382cffdf7ca5d
SHA512 5c8fed5f3142117357aaa9ed4c60f0bd9d53042e98ece9d6002d5786855bae7e2de8fd0a4233e046fc11d4d5bfbd25ca210c340a0662cc336f7f30b4782dc2d3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 65606829d2310bd5c2046376b91e287c
SHA1 e0f96f078e50499ab8f9b53506557783ef70c466
SHA256 9319d2ac7f7ae653ea30925da0545919d257313c7a292910fe9506841d536ae1
SHA512 f3d7c20c7786792e3c99995be88105bbfffaa1f5e876ffbaa1cb9e8f5bb212d5c1728d659740deaac38bb0e38d023a82852c0cf0c84f6ad112e30402858c3c80

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 b9d7d4f042b80a955dbdc0af86e275d3
SHA1 3d976a4b638253a6750917773ba381eed570ea80
SHA256 997791ccc858650e045f58a51bb1f726d0b9b032fc653844ea33d6165ce59e6e
SHA512 8b2762f227c5d5477692f046cf8b645b52d4fe4710efdfd76c4a24bcae106b2db1ea90e8606674f6e9fbfc4e833138672ea00dacc000b285627a18cbd21b9618

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 619d4987b00b0460cf5fae7b97bdbf6e
SHA1 a4e04a7cf0b7bf7e0bc37fbda307f6334b34da7b
SHA256 62d3cddd819ad537ad499a74a074a8ceed0b8e8b000ccb082813df9d240054ea
SHA512 f9d4068c4a3bddf7ca11da8faa7ff6c2bada78ebdfaeb96572b9c1bca49310af9bdf4461df3cc12b10ae38b7dda52dae912a723ae19e8d73056a7d6fbe39bf01

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 83e0b8b157158916a2fdbe6a8933187d
SHA1 3580858299f81ed5b1974754c06fcdb251444673
SHA256 8ce73984fd93e26fa1f3ee7fb68bc3d92d6570a8d006fcc3bddd840b1336d185
SHA512 63d9ac23b649c83f38a25430db91435d72b738c3a00eb5287abffd8f9751095258ef0b1580adf033f04743cfb296b65a8e51a8e7082f124a90f117b953492734

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 52103898a725fdbafa3540836e7c9131
SHA1 613da2c4633776f6d69b04c3f2edcb8a161e36ee
SHA256 3f064147e9523c2c611b3705131b6cd33c51b4c09ee1958f9c8f561af76a1917
SHA512 b711aa53d993b559141349d10b5c066f9ac306328bfbd2335653599d76b0b77d0bc53d9d72fb8afc9eac19ea171d6f5a306f5087bef5044f896de3e53b04560f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e57b65a218e1b42d18c9859cc0d1853c
SHA1 ab509d1b0c07ddf559fe51372973f16c4e61f7c8
SHA256 d18b4a99cd30da5e9031db1735337834e4b775a13aaa2e2cedd10ca932a5254a
SHA512 90d490be8ca0d6811e87df6efe4588a6c958f1d62dc1a6dd3fba220ac3a82bf7ef388047ec968f7061a600bf54a39663a83d781f5ef5cbfa8323634e26ae5ea4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\694a568b-7bfd-499a-885e-e7d80cef22ab\index-dir\the-real-index

MD5 8cb844257d77c2599ab23b23fa849127
SHA1 64ac196815bd4876c1d513c1ee53429971208fbd
SHA256 c97389b4781e417607eb461150fac25dc34c95a7bf127183b36c00f4ff2f6c3c
SHA512 78045e36eb15c18f942e86b64c733218b0f70e9170dbc63e0cfe94a5a69370a6a27f42a64c22e44a3fdd9a1f101755a19d6cf91b91d92243e02fa18cc55fb125

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\694a568b-7bfd-499a-885e-e7d80cef22ab\index-dir\the-real-index~RFe60e301.TMP

MD5 71413218f203cdef611f784537cc0af8
SHA1 78098db85068b707e52ae9e379899f5878b4aab3
SHA256 5deab0e00b220957e4e1301507861004fa6d4d4795d27de80b442552270f8db8
SHA512 cfc24ffa7e3a847a3b643f1a1744b4a2666e5d18047b6aa25f616187ee7adff78acd027c828afa40e377f6b42f69a80cc1fbce279a291143f73424028c613ac9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\index.txt

MD5 68e93981915a34a8a1fec8372b991602
SHA1 2dbb54779226d7eea221029dc3ac6f9d858074cb
SHA256 1d13a5271c3a0321e97f2c552906847c3688200a0699d06c6732ccf55a887624
SHA512 a129bb39ffd864445b0b76f498d1658d6443e1a02453a7d13c23596732058c54e092be8c4f43561274b3a36829021bb67542e43ae71d3a1e45604f92e2d6af74

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\index.txt~RFe60e340.TMP

MD5 652380ce409e5437265367d2c1b8c852
SHA1 47809f5ea7035eea6ec8fd30bc3d26d3f3c8a49c
SHA256 6c3af1d846155c9a9efa28b444a0fbfeb4ee2a3c9cecfe5a85313a1ed0d233c1
SHA512 1dc1eedad178b5d53b7d4c6cfe7bfe5d022df95c5b67577b5831f996cfb21f14ecc76959bb85b58f9dc054d0a574e46138faffc6c448b9dd80c2bd3a3d723e91

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000081

MD5 df14665f460474a948ef6f3ca958f319
SHA1 78acca6b4ca9499ba20a2341060e9e62d1365a0c
SHA256 e1351a972cfc2b3cee94b36da7a2d25d94e86166685a084a7f8fc1f3e578270e
SHA512 8a6bbf19d0a305b4617604e34491fea97b0d5d88b6bc7ed635daa1fd7c580fe5aaa799eaa298c949bf4cb69d8d415c0e823b6128476008e527c130a26cf59cc2

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 97d40f2173f887a4febe8518961587eb
SHA1 08c71b1ac318c9b09e95368d19a8b5e5a2346d05
SHA256 30625a1ffdff558769320305b3ff35f727ce816ef00c2a96f8210d8603d62a46
SHA512 8b8ee1c1e4f368ff0440e81a6175fe1ea9bc9e52a666cda9ac8c46f4b7d73269277f3b068e3b41be4b331f6be0d379a081b69b7eb5ffd2ed2512123b8b21904a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 c7bc255c467ef359b90e1aca60e9e02d
SHA1 96bd843e65b43298983fcd30f40f9da5bc86120a
SHA256 fe2441c4c1e259ef95e54c4252a667684c8d31cab197698cdd002f76e4186925
SHA512 a22f277f27892621db4726ed9b062eda9c90ebdc3b3fd2c47701382318132bc488d05cd154b5fba9411299296fc1088615f26a412f3bbcab176b4ef09aa2f1e1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 774b055bed8870f5fc1a9b661ea36f4b
SHA1 f46a6e1b776a43afbc7e97fb3a618f49ae8cc49e
SHA256 9e7a6deec49735a983581e5745defc68de16c360c7660f78a5ab417ff41b18ef
SHA512 16314c2fcc8de8550ff18abfa0f6a4cd5ad7ce3159992dc114e1ac0b57c42ba7f472cb34eaa8c37ce8e4ae75746c67fd400362ed31f6d6f2d9f0879b0263ac72

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 8a865e444583947952e7c84ee545b06a
SHA1 9601d9d959377b0b8f95ff1fad8e9d280002ea13
SHA256 ad6446e2d04ba49f32b4520c1351d9af2a5986e577022c6f489d97a240d2b888
SHA512 3a44c1adc202d390329ddfb3e26744f9c913c16238d3d5404bbc566a10ec7cb979fb2097f845d40192acdf78281d211116528e4378838f4642b929dc32a03fcb

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms

MD5 5c7a41b221b1aa2e463cf7ec599a376c
SHA1 ee5ae6561f1dd76fbd8d31785628d3fab42f771a
SHA256 08a7a4c32c98465e15a1b8525f86ce787424e5c028a309f053937f602f05ca2d
SHA512 ba1b5b6c30887baf721d5581c35c65d234fad134662292984fc060498c530faeb2a81f51bca6c108caa29fdcae8b624e223fb9b5389a9ec61798b649c59b6cf0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms

MD5 aad375963af215cddfe62f9b235004d8
SHA1 5ab258f00481d3226f07df5244e9d9c02e3ba4ea
SHA256 1b075db1c88f3a2d371aa505e46118a2387fcf89cfa60e660f07e3c369e7ced4
SHA512 4bf441d8370724e978218822131768258e632329a6762d43a8b8e49e75a537ef424f257ef0f86928a59e3f703c7dfd923263a18f0a9aff33a737e6c76e850deb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 86c4ec6ae58876b42c90646c0c75036c
SHA1 e04dde40c75995aee4b618939b8a18ba9cf742c2
SHA256 843844e595196a0ddbd71d3c310d4e9d10d24c24f258dba8e094523b5a4fdc1f
SHA512 d69825890cef3bd0b5843df88b11c2a2dfb1179d394ada57a7a31895085fd4c9cf0efe2cba393439a185e8434ce0bf3e7725d99851f5a758634bbbe74a8983fd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 4108bb351aea663cb733a7dd3b121225
SHA1 aa3962bc2819def7ff312b20d872867465c76201
SHA256 8d057f06972d0f4c5fd7b4510593d6d4b0931e0b4eaa5d5fa937f43adaadf93b
SHA512 4dac8635b109f3dd6d15e58be809762f9113e8578053fe546cb5ce3416983deef349e58c7efef1b37e4c3507a018dc7e0996d187ff538ad3b395c9e5790e779d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 8ed457d78903a255e1be85c2c1b5e68c
SHA1 745f321fa087de4e430631cb4f7a7e3b0b214877
SHA256 df5675872faf9a674a17e0aa2d0ca6531f61c60ca8b9ae705255e76e645d63a4
SHA512 707eb0b79f2b9cc298c8c75164749fa95cd87ecf76c86205af636048cbc099d98c4962d3bfd55c536ba39f50e269521941e5a7ddd4eedc5d4bf37b550d23b281

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_597436417\manifest.json

MD5 5f8ddd9c965a31ca00e216b06120d1b3
SHA1 6e191c28d4d27704147b5b1af4710f4540e7d4b1
SHA256 e240a5ed41d122a9be044dc98070ca34791b0e7b44f216fc546fdea1789da58c
SHA512 05f6b64fc7d43247753a60ab74797024a9fe6c478cb5bda9f35daad716806ac52b9f6ea0f323afcaece4e02c915fdada35d72ac359335dac3ceea5e1239131c9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000072

MD5 4801be8e10d90b7f116bd5c0317aecad
SHA1 7aa7b575011fe38f6e33fbec98e8c92fb1b26957
SHA256 925fe993dba774b69b734410aad20f58a2c95eccaf7f0662abcc2e61530e105c
SHA512 069f2aa0e6957a0287753abe91df33b88e87d20879e8054a4896f19382fb3db0dad7676931e1571aa3697f466d01b139c22ec1cfacc12ed3598a14d3ec68e512

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 418d2e0aed75038cee257c676e7c3bc9
SHA1 d477f076c93d92a6660ae466f4ef220f4556e674
SHA256 47aab3c42f7e03fb0c71c899905ee1a8fe6984e341af15030c01f865072a6dc1
SHA512 f28d9c1d21ef661be94579b04a91febe89c8e3c826ff9de30835ca6f7843cbc949c8cf7d5d4ecf1f8e4dcfe846d30c0005e19a002e3479aba29d5e88f64b23ce

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 9526d6ddf8d390f57cc4bf4786c0f8d6
SHA1 c424469a6fe0fe351ad6fb09df7bd80386fbd202
SHA256 68a8f26511716e95accd97c2b86526a62e07e07829cd70ac3cf2882be3e69216
SHA512 d77910d1bd889e59e29c33cd832bdf46ad1722d2f54603159c2f5723906db5658bf905972946a5adfa3fc6b7d7cf2a44aa4aab6fb9512718aa7a3e370a7e762c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 bd8f24fe14149bac7c828535e227e54f
SHA1 cb3653b760c92a21f400f2d494e889525ff2b9e3
SHA256 9d98f5d40ddafb795712bec68e9e0b2163a7839e36ae65c6aeb1e08e9a85c115
SHA512 7663765650a52b96351ed12d1b29adcec58cdc12a85b7da94eb4d7b6ac789c906385aa57e821972995290cedf6273897b896000088e7ddbb11e2b88fd4b4eeb1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 3d957d212cf325f14213adda1c605dc0
SHA1 b5db4d834db00eba72acd35b73c995a44d9e763c
SHA256 0d73783a150f8b6c2a230a1376ab0e8ee0f7985684e8dd629aa0eae95533f8ba
SHA512 e7364c25a93962e1ad9940f4eee3588c3530a69386d968b2fce855a108227e1f01a25f914b0c43a681242109e4fd098fa01e6e5df337106e1390c9a70e64ab78

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 d490e3465e1708a052cc1501bab029ba
SHA1 fc6b4007092b84e3b53b876f5b278a06a06d4596
SHA256 0944210059ee39fb2a063625a89a30cf91be8f89ebede9680bf690090bbc6047
SHA512 9a3a3f6d5b3e9349421600d0860aaf3b84d7da2c1c75baf2dfd7a8267fd28f23bd0d219d662037605a9c8ec80dde70ab42f4e0f5407b2839d396e2624e9c90cb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\d0e8caaa10047fd8_0

MD5 248a88a4d1d6c0fa39528a5be77e288c
SHA1 f5d4accc4a33af426cb9798845b0e87871e52ad9
SHA256 181f0d9df443550d4d0947ec9cc8cf10a16e91d04af26fccf753b80d73569db4
SHA512 9340865d60407661ba10cc04ef11911527b68f4081281e86d0a3ac1050a2ca0b5a12b1188fdb732b62f4228bc5e1fcfd9362aad1dea5d995f0d753fc46f6504a

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\LOG

MD5 a31a0c66ab904d53b4d3efac7df95823
SHA1 b9ff3043bbdbc11e994489775e987e8a50093174
SHA256 6af97d271ef5d87396ec053a6e578150f3bef65708e2783d25b7a463f85c7e60
SHA512 c3a923162d72d317e2853a3f22839c0b4a1cb7a74dd07b50c1d3a10b16e4a14e337ed82b1960a8bf37bc270298b3e9302899bf3b0925e6797884c718db0ada83

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\7f994acb70d815c3_0

MD5 341dc0d5f687b950d97de7c08158c47d
SHA1 103499e2ef49939fa05f02b49c2fdc59f97a9c3b
SHA256 1cf60ab7899cb6ac3b12775766cb19f407c34cd26d65d89b821fef0eca88f7ef
SHA512 dec2b0e21d1fbfa997d83fc6a2dc9080b6917123bb06631885e40dbae7a7a58070ec1bba16a8ac0f794dc6b2b3e9c9f71c934bd43761c65f81183745be14432c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 9c75fb805b1c98687eaf07bd0f298cd9
SHA1 730dc9a2e22834b9bb11ede62466ef5588d49b50
SHA256 690444f79635c7f2013b9f3535a67296261d40a93b10a02dae8f8e35908e7e97
SHA512 24c0b1b546c868c779a7c228ced36e89129524e99ca6f7c00798cf83522e9baeee0ce9307de64679048dae8dc489ac815f31e0af4dc861b0b276f6ece6744960

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 40ecff6470a7336a6242e77e5a7f4a38
SHA1 6ed4a3d98129071d78dc76d4e02e27c5f3c0c386
SHA256 e068a590852057c9b85bf58ceab5f28adf5b898f4ffea586da371a0bebff6a65
SHA512 7e0841279c0a89ce3884a77902a13cf05f41c9871536ce056017adee3b5e62e8b750762e3967eacbc16bc7c4f594036466781f910539cdb0a632138df6056729

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 4e0a3fe4b83692f38c7c4a1e8c2514a0
SHA1 7b90da444fc02071ac44ac533086e24c61eb1ea1
SHA256 2852608dedbcc9ce47145b05798c301890237516b8a5140db0d5764ffda3bdcc
SHA512 878d67a9db9c8ae70e20d2cae73263266c8777adfad0be94f7921b3b1724f3c14bcb41b81803b0a692cc792cf08fd8ca32538dc9914c1293ee167336617eabc3

C:\Users\Admin\Downloads\Unconfirmed 779299.~

MD5 6c33b4937c5ed3f19f44cda1a9fe0bfc
SHA1 09ac5309b4d112d7cdb275572c28e3513748ad8c
SHA256 54336cd4f4608903b1f89a43ca88f65c2f209f4512a5201cebd2b38ddc855f24
SHA512 de2d46289164c77e7e5815d011164b48fe3e7394228a4ac2dd97b58a9ec68e306e7d18b18c45913fda9b80fed47607ea7600004e5fdffcda5b1362e71ad68056

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\e78d6f93-8ed1-4d4f-a42e-ab1a2faf9cec.tmp

MD5 94c60e6704b5dd11a139f2ffebde9135
SHA1 cd89f1cf9428a3eab554a3eb9ff6ca869e5bc368
SHA256 106bf123359d03963b1df1011fb8560aaf1c5e811de775dce1d8a53758a69102
SHA512 586bf326eae890379fcc7ad60e0a70384d069898aea46da32baf6bd60854df97b461019beaf17744ba3dfc0e70eb75970b977c30f035d296ae89763605d4ff6d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\65a9c93e-9291-4f8c-8d39-581087e282c1.tmp

MD5 dfeea73e421c76deb18d5ca0800dccf2
SHA1 0497eba0b24d0f4500faad5ae96dbebab9c64608
SHA256 8158dc0569972c10056f507cf9e72f4946600ce163c4c659a610480585cd4935
SHA512 23ddc9f28314d4cf3b05d88b9e0b6fd69f9804f5e9c3f7703258ff2c5786721061321379fde53e21048d3c7cce1ff71e2872d48dcc580d059397fa0692335630

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\2d597405-39d9-4b4c-95d1-76cb1d4b067f.tmp

MD5 1d55cfae27355963f91f998f1094f6bf
SHA1 aaeb1984f127187e192c0b2ff5e6c9ff608f4388
SHA256 0c5105877c4f67e97eef59faafc2bf687bdcbf600c8fe80901dda65f5b7daf57
SHA512 f71ab8017c94a07545733ad45dd2ca7eff899b2746edaf3bbab2c6e509329b5eb660bdeeca8c0bb779f2ea82e2fc883b1f8dbcb67472a00f030bc269c823e04b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 60f82bbb0344565fb4c46e17109f966c
SHA1 0d0764e836a06db3c3d99ae4a9d6122886855c06
SHA256 65f798f1b1f9897a0b799b442425f2fb5bcbf3a7ad8d27c93c22fe114599cce6
SHA512 aa81899c609672fdce8c40245c6b0eecf68f3bbf0880cb36d5716e9f5b300dc9bc6d617ce8ccfa154575a12a9117868bb2f8a52a236de0ca62332f49a6c02f8e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 87f6828cf4fba85716a514e1c7764310
SHA1 3b7d22e84303d7afe11a14bb1ff69c9650d7bcea
SHA256 0bad1ad8bf367833209d7829ca63b72f76aa47a0ee3c38d9433b71491a5a440f
SHA512 a2f2a72c362120ff3c5d4a41731233f3924a8c9804d90424ac1bf65a19b568c1c8d802d5a47415fec3b7d101b8b88ec6a1bf16627d78889f2ddfdb21c6c8e76f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 db5c107d6e47c55bf8d284307359f018
SHA1 198cf2287f6a5a61ea81012bdabf367696bb6ec1
SHA256 ea7e2d4f46d222da66373fe1f7d151034b26ed68a75fb5b1f1e2ec65e4ada9ea
SHA512 9e4d1ad608ed484249c5c57ee94cea89522115a93fe0a226da28d6fbba459f065803db71e6e1922c6dc9a19315ec4fee1a5d6ba9b9d26447baa2812df687f5b8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.4_13363905152363152

MD5 39d4a761d50ad514999eea1ff5bd9e5a
SHA1 c0be8d5cd3484aa9feae61bfa9dfa347a8ff8e70
SHA256 35152247ed880659da9648369ebaad0b67087b6c6a04e6b274bb42eb15275c0e
SHA512 e9012a91b75ec50978528e81c3b9819ad416f842e36998c15280b2b0f0e16f8659be678f28f165bf2283486755d853e29356846b38f1f7c44d87a6c68b77a177

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.5_13363905152363152

MD5 1d91014060766350430a35691aaa5bdd
SHA1 2721ad31dbb737ea14fe3735cc49a3c86d0e9de7
SHA256 cb4a469b64347de6b0ebb52db4f6e8cc81365cd9da695929400105320ec5aa68
SHA512 7083b70126eaf90ac63394a6da8857c116a629e1db37700e2d5f90ad24bcdb5b88c2fdfa43e8cae986c32c9d39c1b0d51ad3208abc88888543dfcbb1e8c049cc

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.8_13363905152494152

MD5 5346d6fcff33ae661fe74d8823af3ae6
SHA1 802da373279ca944a6b8c53f4ee9e0e3bdfa06ec
SHA256 ad121aeadcada100c977346d050b1abbc0c3cea3159d90868c79a9f9ca7f4b49
SHA512 f9f5f9f8697b12570d5f19e8aa9ff9d24c306de81ed4c3a300ab639830771b88833d39fc36a5d93167595cf00b81fdc99e9c51fe863449afb559796f43bddaad

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.4_13363905152495152

MD5 04987bf6f001583f2c35b4445514467e
SHA1 335bd88220817392e7770fc16acf0c79c75cf87a
SHA256 78f7f85fe47ad6d3c541d95409ed93dfbdadf5204905b8e292e8bdec8a00b968
SHA512 2e6a89f66531e6fe906228df8a698a11e0c4ed02f88a71977f9071109dcd93b0b0bd1799c28b388892b4c253227d91de58c8820c39c35cad7e499d1a5688e1f8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.5_13363905152495152

MD5 e62c99b9a9839fca11d98fb7b0f015c4
SHA1 50d215d1364a7a8362d55f11cc5c23f129203d78
SHA256 ecea89fd66b8487005ad9aa0d40c714b3d7148bbabe5683b4be43d9a312b1006
SHA512 ac91edd9410ec7fbad3516ad62457638d838618a228595c40c7343a932ccfb3a7de1ba7f0c6653ea42e943dfbbcbbaf795a08f3915cd54d3d0eaaff2fc8851d1

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.6_13363905152495152

MD5 c0ddecf6068358bb8a92211b0144b6d2
SHA1 e435a499f92e43f771f29b09e7babedd4a93b1af
SHA256 c5cb58a43aaff8065b3e1b9ace826046bcd891f74dace62d6466c9835cdd1d85
SHA512 7980a39e18201419468605384dbafe7d8c52e2dfa63407ad5cf2795d3a1347338af9d4efe0c9ea18aa5755e3a88e4eb5fd3256121152186ee21473fbd59eeb57

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 d1fd0ee9a32077370562187b9468c22f
SHA1 dee473d116cbd80cf1c88ffc718848fc46fb00ec
SHA256 572834fcdc67a8cf67d5fcf2cca4a8316263a51ca32dc08416d331aff8868578
SHA512 29ff4d612d606303d80a5e989e95d8da40ea9a56b3bb185787de3754911d17f955da39b4fff4de28895e9bafc5ae2ed6912501e63c196378ed0337d89cc62179

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 cdb09be2bffb7759d54d38d7a6e54e50
SHA1 cd12903844da0d242a1b1294c0af9f886a0bb437
SHA256 5199e4def8914fec473d8389b41d987795d392eeebc4a335bbc70f0be61ae104
SHA512 97c842cd6b970807e5034908d9991a77b84cdd8d082e9262ad14da7dae7f6437bde537610143a6fb27fec90dba3ccf93a8cc16f74ad654f6c03a06ff527c67d4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\000003.log

MD5 5b053de2d9246876050ce4d028a21eb0
SHA1 4c5ab4b5b3bf94093822d9d71230cc112dee2d61
SHA256 0fbf8692a20922788c89dd99cba8b6dba92a794784ae65303c6f52994871b020
SHA512 dc9dfcd051a0a323ca95f883836b366a5bba6fe046dde5c56d9d7439571b40d93d94681be3c67e932e28785fed2b4fdb4aeca39db7a4a314f9b641864f8108f1

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms

MD5 c07e3a3b90d97698a5e91ee9800ca17b
SHA1 b89d1671747a70f7a5f4b78d2dc2bbd143adc0b9
SHA256 6a93e892daaaf6db3fe0fd628108400cd64d2cc0f3f55d2ba1fd5e8aa2417904
SHA512 7c0b28cc17b91f0b7683da0fa869a5bf25fea4462f02f827d8cc25d2365138be3fa1415b31acadc8a35812b444989dbe47df6d379e8f2ac6fc1e9ae3d7d15fe5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 7d23cbffa8a5c5bd38322f914754e063
SHA1 8fa08a43cca63d876abab9002aca8adc20bb8aea
SHA256 a2a4d73554ed3eb0338501ea317a412a1328f9a16f32323f2e3c69f9d5f2dfc2
SHA512 e43c33c5a7a5504c4dffc1db2ec664996690feb1763a82b56af0e15cb4d0a1c8e73f6845bbf93c8b6727bccff137829e0b62975800221383c3223e0dfd479e00

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 065539ee12a61a1c14a5917f4b63359b
SHA1 109b4df0ab915984af584159ad8e95d80e7c8c29
SHA256 53c731ad3ee64eea5bd5e2ef9e70c4b3c345176425f833f726d9daddc70e8181
SHA512 26aa0a84ec95f26b41f0f014d70e6c270890c664c172ebcf47cb876a55d8fbb225adb14b713ebcf5e22eaaca8b843d36a7ba21ee61b74c5db9594692c7ca4568

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\c2a6daa3-6e3b-41e1-9dac-6cdae66cdc66.tmp

MD5 e3ea374c893f17344300f4d97b7d3d67
SHA1 b76de9f3bcc4cfe9294a973ba59ebe7c44a2a6ee
SHA256 214e4b3a40eef1ee383f6d2f334bd18cde297de628065f56612bfb8ded603086
SHA512 0e955c69ee00b0c9a29ea71b19f16d9d6fbf12fba3a670a9fb5339f31d4563273166c632b9b435ae26da021bb773024528d6a005b38ee75281b34cb5b5d40676

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 6f159da927fc0b07b507a46aa9186e60
SHA1 4efaeb59eeed35d730ed1f03da2a905271cbc8e4
SHA256 0212b52f95772006d1e52be31f8ee5185558a5a09310a998b6763cdab2d22c4a
SHA512 d20d8a00bb119c1369f21a40e6c87923a7d297cd1d59152fa964ccf1881c80b235cba1ec7d660cbcc9d97f35e33516ec8505f4da03424c34bbfbfdfc8b6ab300

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\HostFeatures\24.5.20.0\HostFeatures.cfg

MD5 c08e46f24a09c3dfbd90bafec92ddd2d
SHA1 21d0a9ab95356c5e8fe00ec8f1bc18aac0593d24
SHA256 76c854822c8f86cc775868c7d5d437fae12d42965d02bd8ac8bf47ee8cb0a699
SHA512 6f72b2d4cb21779c7a4fbec386f24ccfd86e69aa4f3e771bd21e7322e3bd1f390953ff76c0f172476ff849f33282d577d8f6e8977579b09938f401b841c04150

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1539304296\manifest.json

MD5 90a2987146df8c0e2ca40290da874497
SHA1 fce65ab426306a4b88cce3ad325f9ae69ffbee98
SHA256 8be59dae3ff3c367bbbeaed115882296970e12dffb27dc429dabacc91958672e
SHA512 a982cf7ec1ae08e87fc3accfd838a0980aef979fe4d130cec3f410fb27c8ba257874e4d85b5f3f82ffeba315771d96b92a45c413629c0eb0e91157963c570109

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 b7098180b5171261d344b5af42d4f0e3
SHA1 ae0cd4dec2bc5d7db7509857abf7d1c170f88375
SHA256 4543d91796fcc59d45bebb3e6a8e962ac51219e01a8b2ebed7832c0284f52762
SHA512 2725e3190c73005cb3573d79d86f4e66ba3a2f81ecf65b621ce43cf119c7d36a8df9ad8ea17e079cd80a0cdb420e6ffbf34a3eee55e747c2b3f03f00ff4ab524

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 658c225025514432aac9c35b76f9f393
SHA1 bc3f6230da23c36614225d0ea951095d599f22da
SHA256 b5ee531a6e5ca1da5f378de6fa3df260e490a22044753f1ba302764141fc1c7a
SHA512 e7979624437f98415cfa2f8d8ec72405fcaa99554e4001203d11752f6674a4dece5a265c1b17cdb5562110129915580a3008262b28a418f8a2e0a7e34cc777c0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 6d406ee6373fd69bf62f9af494dc588a
SHA1 1a7f2f414eb30d82a98d6135859b90b7b0d202f0
SHA256 51a8af8c6e8a679fa9c445e873761d689f6f5fc247e2c8c46f83511636241eec
SHA512 165e4dda466829b375353e29dc7ad744d600e9240a45f4912aaf777913e98864d87096dba86b28c29760776f4cc55610836ee64daf60108b0fccc0d14bfe1e4c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 7514e3d01cc9d842bd40b3de80ffb010
SHA1 83371b9165b06c49105222b853a7e046a9a4dacd
SHA256 e55ea95cb730591dbc9550ab962de8e9391e88cd9a74a6ae032957800cb7e95d
SHA512 3cd238218395aee56258b8c254433081c9efe7d832b74d65017e7e4afef98374a019a04b83400683863cb59f6d99f185680d2b69043f1d2362cc7a7053b941cf

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms

MD5 520f4be3473e1a02903ebfb530381548
SHA1 0269f12498b1c0505db3f11aa53bff0d317339a4
SHA256 7b94c04a354ad0516fcf5a8c6cb8ac22d2e224c9e9f337a4e39872b3ccd0c10b
SHA512 f9e4d5a923e3e75f702c90d59da1005fae85cb08eda19c21ef62cb45450ebba6e9099e583fad0b98ca3d9312ee6b89222d84cd83cbb11fbf40ea6062bc4c8d3f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 ab837d856aa739cd11e84710a1e5315e
SHA1 5e8ec7ae49f30afd1aa94b839def0e0ebe55a52d
SHA256 cd903ee4cf3ffa821476ce04541c83c47d39100ef36ce449722598f4254c4234
SHA512 37b943259ff5ff414fcf85f45ff5596904d17342cc83a02b372586cfb6772c0de4f3a55a0c49639310ab4fdbf477eb2ccf8a45a80bdae580ca71c6cd0b38b3b3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 37087ed2a8e9f9d5b101e8cb584517c1
SHA1 d50a171c9347bf0078d9b88e56a5f71d5942b06e
SHA256 3ddbb4935000ac664c448a6f6e596334c9023c243a3ddfde85cb8e2acfb7e607
SHA512 0877e25d97e621ce5b62e643faf0e746cc0ebfdb3f52a16d8a95822f6ef2ed4c4f517329c92080121d0a68b672921ea2d2c0dc2a8cec95f939909a149ab8f53e

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9d40c6eb64ac74cf62b0b9d42e73e40b
SHA1 da87f8c9c720098a0197df1b54da4b4a0bce492c
SHA256 d2d6228c3a7a341388a33b7b2e897c0e14864ad3a22a1d1fece8e21b9cbd86d0
SHA512 2b74a9792ff648672c0e9241bee316913152211873346fcd04e48487598a6ec922218a5d23815cd41f8844929fcc06ab20353b4e0a252ce9942b5b0dc0fb7bb5

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 f22f81245c029897ea4416c53609fc68
SHA1 52f8c0514b5d8c612a0fa57fe1f91637669cfcbc
SHA256 dfee67daf4a1c58bd402431ab255bf4f8e5513296dcd5fcd7cba1c1d3c814d09
SHA512 4a7a44419a7e78f1bb96529d6c4ce264f19823f998a2750d39b6f9cc3b18ad1030bc3c7a1e1bddfe44682e4f47a821c7b95a7d0a31eea0c667a9dc57308203d0

C:\ProgramData\Malwarebytes\MBAMService\ScanResults\894d6df6-33f5-11ef-9272-6e89720fda0c.json

MD5 cfba84a7e44f3faa3a712338ec60c748
SHA1 0a02fd4c221a94183ca6dee8d35771e3aa7dd916
SHA256 30b0805afd1285d95cfa72c3c509829049c0bc6cb2bc0e7a37c7aa0120d86d7b
SHA512 d40ea0d8708d5a96e8ba1c511a234e9d2e0263efbbc8a0766217eff07477409d7f15cacee6be9e22b12476086b85ad3a4b91201b3a64dcfd659cda0942db272b

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 66464249b7502ea36a19b54fe665952e
SHA1 5a104e62b82a37ea7934738ae6a719c8a120a0b7
SHA256 26ad9014058ae571a14351ea09f424a49db4ed2e8cfb0e1c97660254afec097d
SHA512 07a84d3b65acfbeef55fb2db05e59f6c6cb6aaa6b5dbac148c055691bcf7bcbff395db14e3c9e52c805c796c432fec3eb728f6a6e2c7a0d6481f1dc18b87e9c7

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 e2d05f4ecba29211a7c0ed1d04d27ec7
SHA1 15fb5ee35b246413b1f243c6b28c655e6a1f7c80
SHA256 3890070367bff4f5578e98235214c4b06ee03efa3138f5af3cfc03fc79be2aae
SHA512 df6cc936467325429cdcc3650b241bc8eb688839facd0e0a314556de0a1dacfe254ec9b4b8015efd4965de6fdfabea6d6924601518fe69da30d1b8902e21ff70

C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json

MD5 b744a15d0f664c70bcfa1d92d0541e61
SHA1 ffef67ac8db0d07566733b5e13c7c0e05b45828c
SHA256 9280c2def7301efa21d5ebac34faa8edaad3ad20958cd6f79d575ad7d23e21c1
SHA512 53e74e506823946910a6f5e348a576a84dd466371ae2061ce71b3654f6254cd3f85d21304a149eadd1c487f616d429ea134db478471e24f5ae29b4011801322b

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 011d6d97f3fb1b2f050d128e0b20ce59
SHA1 d5cbaf22bc37c767bcb8ab343a3f26f3071d24cb
SHA256 698524832e77dd816472bb80902374d162504706f556310d78a3d12449bfdced
SHA512 f58b9e2a24872978a4a81ca2ce69f299c601a39c3400e44403e398cde8534810b5ea189a47789b95c9cbbfdcacbef8810b3d75d8afe5a59358f46d64ed52fb7d

C:\ProgramData\Malwarebytes\MBAMService\ScanResults\ddf3629c-33f6-11ef-b012-6e89720fda0c.json

MD5 ec303e4697a0f4799544bb31170d2ac4
SHA1 2f92c4ef2df87cf94dc6d430b2ee830a8ff1ad0e
SHA256 65a89acf2bb3684a6dada8b28146131ba8ddbae612076ef41d7ad362d428d7e8
SHA512 3fcbbbb3012f23caad795eabb938671ad84b1a770a20a3617479dd444330348c8aa1ac02fb9e8283be9205ae9aa24a2bcbfa1cf9e7f78b4c34724e3b51738a67

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 9d221beebba00c888eeb04a3a9dd330f
SHA1 11c906a26370397eea7593c777ebe9b21aa54e6c
SHA256 65c23fb12c39e010945b57969d85368cdb9c847b6126000502b3e9b48c029095
SHA512 2fd7eb48c382e15b26ce7e78d818557e717da9a859cd0e6d66c7514d5b044819b9fc595163ecdd635db2fbec12f003c037d101aa5ce075f4bf03cd14f3245f78

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_0000d0

MD5 151fb811968eaf8efb840908b89dc9d4
SHA1 7ec811009fd9b0e6d92d12d78b002275f2f1bee1
SHA256 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed
SHA512 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 9a76dc45d9b3681c781ee0c6c18adbab
SHA1 d6f6a6a5ecb1a816f42661e3c7c6301cb89b2f36
SHA256 194fb305756f92e06153ccb2985596e6c9cfe2823b00779ca5975639f152be7a
SHA512 0df734a593e441a12e212c5a0e2fdfeeabc80ee1d0fe3b642e82c903c9aa2ac256d62e6ce1349405739a5d8face076abfc3071c1f3dec254bbb7db16085fea9f

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5de318737d34cab1afd54fde35ef34ac
SHA1 987d6d5cc50f4080bc564aa16543513010252f87
SHA256 2adc863be133808ace7a4373e285f88f66b462190743f0477527dcbd92afbbde
SHA512 046f9da2a8f83000c940183edee2cf0076ab8600201e3054a8ea0b0b89eb5d3e5a012949f156ccba16d6b7ef358509f17b5199242e9112335e95ce9d2c224892

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 b41aa26ca58cab7455d4f1d6288e5d0a
SHA1 83989639a7c35404978dad5aa47bd5085dc92753
SHA256 4fc8a24273ebf3e25794cd5e3d1ca53735b238d3ad1331e058cdca5c187c8a7d
SHA512 e918f29e902ee9b56444bf04b24a4855ead63612c74114b674e8f0f642aa49850f3737409652bee3ebfe1de7d494aff9c340b61983f9f9c286b5318b2f5eb711

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 37fa2c63ae326e01dc2e7e6c1ac2badd
SHA1 48a2e08f46fd0989c0d0558dde51a1b2bb6a4bf4
SHA256 e41b1dc8bcd5268693fa7f50242d057250433ac4fdbf8ac06392cd33490f547a
SHA512 09fb78f6ce5c755d4453fd59657fe17f67dc951923e6af8295356436c8659b9dc0967b4cbf6c2534cf3af6e709d2812081db761dda4f2b92aaeda70c3f70a188

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.7_13363905453491151

MD5 dd5f0370ca0de734ecf8b799c8cbec79
SHA1 08a288fa5a8f669d4bdf0ef1a4734ca4782645de
SHA256 1f32f4c78048955e425a2223e3bc8a8e927eacbe859f3650913ac38d31664b6a
SHA512 a3674dcafe8eca15023b6e443c1d0e280a8a73d52e0eb4123b39ead527aa5199f03311cea733ec48b59cd48aeee60af520e27914a0a1ea802579c97a7de58be9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.8_13363905453409151

MD5 e5516abb736368cd806da87493dbfcc8
SHA1 86e254669be545f0a475fa9f0ddb918a04e8854d
SHA256 b5dcd0fbe39fcbfd36a5d197e07c97f2baa7cfd0a7e1f60583e7537940e0b5d3
SHA512 1d84008c5835a0d887a417a23e4a038fe890998e69195686c17c6a16588f29e53ed52dee224613671dc02012760c5239ed4130bb37e4fa5a5ed0629ffd559a9c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 29c404f252453e56b5884f9d712124d6
SHA1 c88a53ed6532f02d9854085fc9b1d4dec13f4172
SHA256 7d71f76b2aaf17ea7699caacc6fe5bedb21718fbae4c48e2964fbea1bf3b3cde
SHA512 9ea0807d2b3404ff612f38c5688e7c2ccba344b933fa015a36be17afe794a781646c49e217741c29bd465efbb65de80f9b2c9efba8b466e2a96a2ef3e0c4f637

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 f6784e2905a6c1d55bf58bb40ab22a22
SHA1 e6d6f139f34c40f7f1df427568268eb6e43998ac
SHA256 6641fadc8325863f66cd1b38474008237149e736cde7cc44876b27203f1c80a3
SHA512 ffb525cc396844101e3a4f48520d7d7a0875fb95e147b711946b566da9f7605a7f824bf265fe14ef4eafa220283550ed61718ee76308cb17d50988bb2b972514

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_822940501\manifest.json

MD5 63b6f1511a4ebc568a3ed95c7c16d313
SHA1 5106343c81af64fa4ab6fddce6becafaf06450ed
SHA256 f0e20ca0688e825d2a55ef03f43b81f07090d81206b81b402430449901b3486e
SHA512 302f348b6407bac650639f0d9748927cf2e2832202bc164e2dcef59320ff6e18e286ba5896c696def7c1367313d86c7d583db5a0b676a6e0cac4296702bff7eb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\client_model.bin

MD5 75b609b50d0bce489b22bfb9fd6db19b
SHA1 4be619d3e4d5b6eaef8c7f655600601bf2914183
SHA256 5c16b8a50e14c7216714aa2bc86799c269acdfe887e2f29e25d8c2c7fe236867
SHA512 61b393812bdcc494ce9f8b9557504a7de9d47dbe976022cd64b588bde472fb2b62402203be0fe672d50bafbbacff3b559b2d73e278410849971bb5bfadd5211b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\yandex_scorer.bin

MD5 1e774db10a3a3dea8719717872208b12
SHA1 8973e81c816134240e426b0f288bdc2f91e31eeb
SHA256 fd7cbbced5011e27ca5134c0bea242e283178e489cdd0e00f63deeed13409d14
SHA512 c2613daa851a215cce77c7d72811e2afdcd21d5892c9f87192b44bb30b02851755686e90ee033aecabb5c111b589d8480bf172fe77ed8209dedd3b8fe43346bf

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_902976373\manifest.json

MD5 4af2280f14c12e89f35d29f18dd17b9c
SHA1 165d1f7e3eaafa8a8be8e3bf55cc7727995d1dd8
SHA256 33bbfcc282de256684e76356fee33e67cecd17525019862301ab43fe5302ba47
SHA512 855af11397ba47e31217a77b8131b6ebe79e25dc1b540b1133b192d0464f980606c98c4086c06f442eedf6efecaf3c375eb136bb392a63a77c7e31b7e3a2623d

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Subresource Filter\Unindexed Rules\24.3.4.1\Filtering Rules

MD5 9bfebfaa983825e8c45d33198a991843
SHA1 d5ab5f77ae09d82d179c1b9e9ef677fb8b57a897
SHA256 c4fa39cca738be39593d42cf9d6d7e422de01040652868869ba132b7882b7a6e
SHA512 b5a6921da789026dd7fbab57c20dd7c76af8d04409b3b8b2417d1dabb6382be47a0f1333dae884680707af77671d03a4937e752735fa98dccf956fc08dc373f4

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_910834400\manifest.json

MD5 0d5e980744ecbfd72916e0d0ec70d83a
SHA1 2bdd16987cdc0953f12d5effbc09a12a53a70002
SHA256 2cc2b573d8f7a551f6836b550d7056a828eb1c631b089f76a167e8a29b98cf69
SHA512 8526d3ad7a08e33b1d5cb1484a119ea36199c22a7abc6cc949ff2462b09b3199b84ebcd1594af33514f0bf653d648eeef612f5f7111f939ae88e54018daf3f78

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\CustomRootPKIMetadata\24.6.20.0\ct_config.pb

MD5 f25ce071f4814b0048150f5f05c55f76
SHA1 ef75e68e24f2275b8989e012817a37373af7fba5
SHA256 e8a39806d73f9a7710bd2ae25e8414357be702067133a0a0d92fb22ed1131270
SHA512 16e4dfbf513fe4ef256c5bfad48398b7930c52c4bbf97f86b622d9b9f531b53372e748a6392424aa649b171f0a83b1b380c11cc64aa202c0a4c5d6d713689baf

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 4d95500a3a4c68c2341f15814321dd61
SHA1 2d370b676914d933915b26e075dd24e7cd5c64e4
SHA256 dcb7fa3abcb38b484634aa0dab57c77b929e16b41fba5cd73fa2ebaf7959300d
SHA512 4fd0c507f0b98f1fa26e77219b9e4cc9fd6b473e430705b1dee7cc82174d91de027aac0048fd5605c6a6cff06a0c4c50fe476d45570914ddf39458b45f7a970b

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 0b4397b4634bffe20e0ea01b16ae6ced
SHA1 3234bb09de021ca7d02a33ddc3d50727a27db9e5
SHA256 7a71254700446e817c3f9d03bba33cead929697009ea3e5c2897105f550f47fc
SHA512 cd42274256f6380fbd338702797e51886367740ddf92f717af5bb421f86b6597776dfcb0e3d09f5e0c5fbe2cb3ced8c24c5c8b751b13eae7bc80146cd8bdd7fe

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\visual_model.tflite

MD5 57cec4137b614c87cb4e24a3d003a3e0
SHA1 23eb4d3f4155395a74e9d534f97ff4c1908f5aac
SHA256 18f5384d58bcb1bba0bcd9e6a6781d1a6ac2cc280c330ecbab6cb7931b721552
SHA512 4921de1edb2ecc8ca3a22823705194b902cfa471675f2d1ae8bf67d0c7b060a7c192e36ffca9f1a0d90ac2dbbdaf429ee1ec97e160eb00dc80b07000935304f3

C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json

MD5 8246c0f6170acf8f166ddc07f3c9a476
SHA1 ea093112101c8b7d11a005c114387f267d6ca077
SHA256 61a3b428f5fa4ce5826386a350dbecdef936c109b11dee172877882936cb4c84
SHA512 eca593df3ffe6a732e9985cd94796d9d09b44f377458217ca26437c17191350102315a1e92ea2a85f2870a6a649f05ef44e912777bb0fa83b435ced982c1a248

C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json

MD5 af43267688bb04d43bcc74292b475706
SHA1 a72ddb905f57711d7fdbb423bfc9aaae2dd59356
SHA256 aef86b6608d3dc1073d21118bd730f6b25ae917da1fbdc38e5ffa9b02c7c9510
SHA512 af6f1813df11b9126e4dcf8da2e5c8c4b76a939c4d4caa8b833b6a06c897056dfa99adc265c33f551d6b2b7530331c9b10c6b5f1de4a042aee867459061ea931

C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json.bak

MD5 6d31d809c790779f872dea89635d18a5
SHA1 ba0066cadaa26349d179e35a0b61ab199ed37193
SHA256 db50016716ae77791b5bb08d1ffc11572e36526a8722523457c603a80b2e5b77
SHA512 26f6e93f3c13cf88cc4f58ce6807638126883090851ffa47d92ba6d00b6804c36280d538df0e2656c430ad46ff7965a3afe694edb409373a8c49ab5eedb1db1b

C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json

MD5 b3039983ecdd7b26be3694a0602e1a38
SHA1 bb6ca1e3cebfa4bc9c6167dd66a45bb1737ca9ff
SHA256 c1f1208ac22d7b2ca2bff940d5a73a4438d41a76fe73b7741fdcd42bb326d45c
SHA512 52490871b32b6901376b2334f9a4e027393d75f23716d3aff8827f9c455e97bac60360145945543db9623e523aaf59c59362e25481edf76e8e869381205e1fe7

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 46016ceb98aa52949bb37459dc5ad5bf
SHA1 faef592f1366dd0636a0726480a65a4da9b54903
SHA256 5b2e95bcc33364cb8f68111fa87fb06c6c0981907f6b69a4a5cfbbfc494a38a9
SHA512 4137e174bbc3fcf77bcad831b130bba5885578043cf06be22b19933a8b82d66c16eca19c1e1b22bbdbea5b6ee255b7b3ce778199fb7b2e07e04f05cfc662d2ba

C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json

MD5 28ec3fe20d4ed6bd58b3f67eae2456e8
SHA1 88d95a0f2bb95e3f8fad447f4d6bf725e0f41645
SHA256 9d391942a65c1b52bd992e17a083cdebf6d93a480865109f6ee900e948966b0e
SHA512 13410c5c1950779c710a0961d1ba79e69c7faae96c7d8d8f1d8eae33f2aec38a540ca3ade26b52238d202280546a8aeb88c89bbb1086c396cbd830c6fd148668

C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log

MD5 9af98d6a7b11744ac7ae7b8711d62da2
SHA1 b446af138fa1ad3a5b10b77f5b40502622d5c14e
SHA256 70a55f9919e687c6d0bfd7b48f664a32ed3ac43f77afa50b27bfb59d107c72cd
SHA512 1bcf4b383b0996cb2adaaaef77eb17d8f3b93c17f09d5a4d3e14c47563ec5f5620c78fdfc2eedcae8c6bc3318e72700fc84997c4cff201b2f3d5aa2d61dab523

C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json

MD5 75b749af0fc54e681269009a258a6aed
SHA1 903fab87ddf4092f36c1c2f9dcc60d68c3e57858
SHA256 ef4980590cfa360ee65161d1259a7abfa7029ec0339aba32c857583262b99692
SHA512 91522af36edc0373ca98497cb504156d2e7a65a406c3b6629d4ff9318abff7bbbabde285817a244397603e203029d00fdcc7eb9ca3b2e988fe82b5f690200ccd

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\c48ad14d-e8b7-458d-bc29-6ed04d6a3b80.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 be12bbe544e30fb84b06c379c3385ea2
SHA1 601d18a8fbcf71547c6cb57ad79c29f1bf20255f
SHA256 0f31e48bc513d383ae26df3f4b88f9785c5c7f5a4beef265b37426145b200237
SHA512 d9816a55d48e67bbc81af48bf9fc485d0561c21fd97e34034772e2b25dc0f6391e702a50b786d841c09a5c88ba988b4783efbbb95b6aadad78353a64c9d7eef9

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

MD5 6bb9629d6dd0593cbdb8b43e840d069b
SHA1 bae01e4fcacbc233fa613a684c2720c72f1a74b7
SHA256 91516d85342da640cca1c667eb0639f837faf2b952c1763a3e7052a97d00ac8b
SHA512 f035bf8a70837b6bb51d0d58b23d7f6a555ddcbef7dae85a7a5ed2a4df64a9271cf75765244e6faf44b20c989074f78a326ae7983b39e8a0dd90e63a4cfbfe6c

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

MD5 c99a58c044ab3933c3afe9fa3667085a
SHA1 50004094057e1e89e2baa5c02dd8d3768aae59d2
SHA256 97b0f389624d6feffa30e22987457b8af093bc821a781658968aaff67220e81a
SHA512 461ac9a93adc349141f214907de7185bc437c5e2edd9a20819348b784d50b6beed4606ae2ec82a53d0656b6cccc13611f617a4d47b97bd6da5ddc83ecd6176a0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

MD5 4ec2d728fba693b2ecd1357083ffe384
SHA1 ec64857a37c51669f5944eb0d433093a5f081721
SHA256 c3b40e60642ca557dbbd361d1462e429d8e3d9764f9b9b9a367497027a4d3dec
SHA512 2ef0efec9408e7d9fbe2392a4874f965b3125aaadb618ad2cb47e70a711e7863dd0fbd0b9c08c40027d72bdb4899c60a17eb1cea6060addf99277eb0c8659dbb

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

MD5 a1433b54765b180e9f52b27fd2b6c238
SHA1 c4005d775922643ebd9797609a6f9abbde0e046a
SHA256 f8df4ca0a3d0fcfb3c8414ac1fa0c936fb89db88e0193513e6310f9c4bb8892f
SHA512 5449b2d5a1d436b11ed6d5d5ca269ad2ba50920bc12aaf0bf5a57939ca973734187b0f7afc111580af98f6b510bfa01d19dea65bce14a57de3eff330e91746ee

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3564297ca1f139a837b9542d90503761
SHA1 a827c14770432b4244590c509b8b184489d07465
SHA256 8c8641c67a95231f0b28f57a862ef652553a5bf5c88e55e192781e2f12ceaafb
SHA512 5c2ef9c6fb602072d16ad03f5fe82a9d7f0a09a723730908c2f6a8673128ad58e7c938875adc9db405ee5655b6f19f13d91d42bebc29d322ae6ec10f52e820f8

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index

MD5 5ada5e4e0faf15a9d76fbc835bb3a12f
SHA1 e7b9f6e5af98ac4331e72635b1e4488a24fc4a75
SHA256 5487cbccab38bd35a74234e12bcd786b3dd52bc97de6b4ce6436c1a57c15eb91
SHA512 cfb50a7f8d3baabd790f38d9b429c71944eaf578f9bd5f2ff0973ca88efa2646f92fb36bd75feb6f31de20c724c267f10de5ad13c416d9cb01ea6e757d4306c0

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

MD5 379fed7c42bc3888e5ed9989a494f845
SHA1 71b526ddf836715e692981e227e066a02f180117
SHA256 ece253906f37863db843d04d955d91507cff5bca2952de03cdeaa0e7d7acf439
SHA512 f13c6510980229532ba39e200668b673751e0887e366c8ca2147e9dc9764652833e31927940a5f18d5c82cc76da20b341a302f910c29e8c18c84d8886a763da3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

MD5 89265fac4f1005fbfc16a314cb0e1f54
SHA1 b5a874f7ae61caaf2cdabcf4d69da4f979fae700
SHA256 d81d2766a5dc68c17db5adfd7c8d984695225447af328591923a9b9d18523c3b
SHA512 301047fddea1c616234d479e3731bf235eba1307598e02936519acde056395f9beacb2b20cc23d11e9ebbcef50ee352f75c27ed83a5b1abb13290227bb7262f6

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0

MD5 79a6c4f2795375583d50ccf771e07c02
SHA1 c3b9a72f700891657a8d34e8ffc25dff29eaf15c
SHA256 ef2238fbc22b7052219ec00674a68991c83d79cd73c597da531453056a56d314
SHA512 fadfa970a09e4d74ff8d21a6eff59af847c98e240d76bdf5a3fa49d3abc84bd2b5464ec10b926ce742a30aa858cdd2bd582a8258b9c738458c186c9b5a219ec3

C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1

MD5 9ed85cf3205388c17e0d642ec5e3586a
SHA1 12154ac011e8ca85fb0879ec830f739a4e0a5570
SHA256 0118a4490f09b0cff1d1df8e0e323674f1dd3f5ddf15574f51d2d426dee1b4b5
SHA512 f9601fbbf9a9f86e38ebcc0494f587ebef28e0b2d58ac0a6ae606df797a321d13333adfd9913e6798ff3132f18e47609e0b7201434bc560a359a39b259c6d68e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6880f29c8c5ca1ac5fd30473c45087b6
SHA1 b043c9ad3f55df32544eed8d4f416a981ebd8bec
SHA256 7bc5af68b6ade7a7ec98f3541202d80f02e11653450fdd5fb4867515ef60b741
SHA512 c75dd408f0dce6fd9f8b5ca5fffa2fadd435e7dd653f9b4965b2dcdf4636433f4602cc548ebd0325b1236c62297e8cbf300ac7ba7253ed3c87e97857fa2c7f7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dd0946b17d478191a8fbff6a1feb91bf
SHA1 3ab13351548d1b371b5f727296a84c52914cd86c
SHA256 70c01b67551b87250bb8003686266c0ba5819c70e421338df9fb37ebd401a149
SHA512 8f3aa6e9e1a1d000a2d3901fe5b13018de0296a4c86430371d2a70518d519547de110297c4bea67846dc130996aa2999c339701d351db7fadf1a39ab3fbad0c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 630fb1f67be3c17ad8f26b5faff827e6
SHA1 5c5dfbc28cda6e99169196f980d3d80237fde0b8
SHA256 1df00c90aeb7cee5157b2448af0705ff04a01ae5a9df6f2bcff3b427d8370b6d
SHA512 5f85fe06b37d0adff44de01001d68c16ffb116b057d53460b4fd8b741fc7e736fb8da4d56d64c029272656effdaaad9e4de701ccca6c3b88d9a07fa94a5d6419

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

MD5 f22a763723b3cabf4b67627699acdd5e
SHA1 c0685cb4416dbc09a32d9b3f3d785807eb53dee5
SHA256 b20b4d8808147486cce406dcad4a27153e6a9d6b0a6fc7aadae5db662ae893ab
SHA512 70ec6e06b446e4a0372ffcb4be9e8586764f51756cb156e367728c2528a395ce8cf0fefd04fb0f9cf8d26d6ec9766299771200320a06fbab4340a55fef5ee0e0