Malware Analysis Report

2024-10-19 11:22

Sample ID 240807-xv9bfasdpq
Target text.txt
SHA256 2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5
Tags
steam discovery motw persistence phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5

Threat Level: Likely malicious

The file text.txt was found to be: Likely malicious.

Malicious Activity Summary

steam discovery motw persistence phishing

Downloads MZ/PE file

Loads dropped DLL

Checks computer location settings

Executes dropped EXE

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Adds Run key to start application

Enumerates connected drives

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Drops file in System32 directory

Detected potential entity reuse from brand steam.

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Browser Information Discovery

System Location Discovery: System Language Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Task Scheduler COM API

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Opens file in notepad (likely ransom note)

Modifies data under HKEY_USERS

NTFS ADS

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-07 19:11

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-07 19:11

Reported

2024-08-07 19:26

Platform

win10-20240404-en

Max time kernel

860s

Max time network

856s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\text.txt

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX /rid=20240807191731.336240929765 /ver=fa.1091q" C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Users\Admin\PCAppStore\PcAppStore.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Detected potential entity reuse from brand steam.

phishing steam

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\symbols\exe\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\exe\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\dll\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\system32\symbols\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\system32\dll\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pt-PT.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityAnalyticsModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\Browsers\Compat.browser C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\fa.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-material C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TextCoreModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TimelineModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\v8_context_snapshot.bin C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\hu.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-sound.manifest C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.CoreModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.HotReloadModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\EvonyDebug.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.InputModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SpriteShapeModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star.manifest C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UI.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony.exe C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Resources\unity_builtin_extra C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\System.ServiceModel.Internals.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TextCoreModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TilemapModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityWebRequestAudioModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\v8_context_snapshot.bin C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\he.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\hi.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\symbols\dll\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TerrainPhysicsModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\sharedassets0.assets.resS C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.JSONSerializeModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\settings.map C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\libEGL.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pl.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\sw.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-animation C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.ClothModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.PerformanceReportingModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SharedInternalsModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\sharedassets0.assets C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\et.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pt-BR.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\ta.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\sharedassets0.assets C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SharedInternalsModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.StreamingModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\browscap.ini C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\icudtl.dat C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-loading.manifest C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\symbols\dll\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.ImageConversionModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.VRModule.dll C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityWebRequestTextureModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\am.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\it.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\tr.pak C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File opened for modification C:\Program Files\TopGames\Evony\Game\303514\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File created C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TerrainPhysicsModule.xml C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
File created C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\symbols\exe\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\symbols\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\win32u.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\exe\WindowsPlayer_Master_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\symbols\DLL\kernel32.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\dll\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\user32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\UxTheme.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\GameAssembly.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\mswsock.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\ws2_32.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\UnityPlayer_Win64_il2cpp_x64.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\combase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\ntdll.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\symbols\dll\kernelbase.pdb C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
File opened for modification C:\Windows\rpcrt4.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
File opened for modification C:\Windows\dll\dnsapi.pdb C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133675315428214394" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey \??\c:\windows\system32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "2" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\IconSize = "96" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Pictures" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000050000001800000030f125b7ef471a10a5f102608c9eebac0a000000a0000000b474dbf787420341afbaf1b13dcd75cf64000000a000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000e0859ff2f94f6810ab9108002b27b3d90500000058000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Mode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 14002e80d43aad2469a5304598e1ab02f9417aa80000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\PCAppStore\assets\images\css2?family=Inter:wght@400;500;600;700&family=Open+Sans:wght@400;600;700&family=Roboto:wght@400;500;700&display=swap C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files\TopGames\Evony\Game\303514\evony.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4696 wrote to memory of 2304 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 2304 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4696 wrote to memory of 3360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\text.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1952 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4492 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3024 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3212 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5084 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4668 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5644 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5308 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5452 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5292 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x3a4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1512 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5616 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6268 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6540 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6296 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6588 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6492 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5088 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5208 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5044 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5356 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6132 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5904 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=3128 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5612 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3544 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5504 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7148 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6400 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6424 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5312 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5896 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=5964 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6084 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=7336 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7816 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7808 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8060 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=8224 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8368 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8636 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=8372 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8976 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=9056 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=9236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9416 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=7588 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=7596 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=3092 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=6516 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=6196 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3872 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9056 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=8520 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=7496 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9980 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9804 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9604 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=10284 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10216 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=10456 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=10768 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=10908 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=10888 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=10988 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=2236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=10016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=10684 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10332 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=10260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=7204 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=3000 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=8520 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=5336 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=6444 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=3828 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=3548 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=6016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=3996 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=1080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=8264 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=8344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=8320 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=10840 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=7476 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=8960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=8840 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=9008 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=8956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=5348 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=5376 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=7412 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=10456 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=7236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=10360 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=7376 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=9892 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=10760 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=6140 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=3676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=11628 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=12080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=6592 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=12216 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=12224 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=4960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

\??\c:\windows\system32\svchost.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService

C:\Windows\system32\dashost.exe

dashost.exe {b534cb8e-9e74-467d-b483b316bef35df8}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=2912 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=4884 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=3004 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=11532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=4944 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=9436 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=10628 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=8428 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=8476 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=3676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=12148 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --mojo-platform-channel-handle=7688 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=8288 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=12020 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=2184 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=9676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --mojo-platform-channel-handle=11424 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --mojo-platform-channel-handle=6960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=8428 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=6416 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --mojo-platform-channel-handle=11920 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --mojo-platform-channel-handle=11820 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --mojo-platform-channel-handle=5700 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --mojo-platform-channel-handle=11464 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --mojo-platform-channel-handle=11436 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --mojo-platform-channel-handle=7624 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --mojo-platform-channel-handle=5192 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --mojo-platform-channel-handle=4012 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --mojo-platform-channel-handle=7260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --mojo-platform-channel-handle=10016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --mojo-platform-channel-handle=6232 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --mojo-platform-channel-handle=9372 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --mojo-platform-channel-handle=11256 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --mojo-platform-channel-handle=9524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --mojo-platform-channel-handle=10956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --mojo-platform-channel-handle=6700 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --mojo-platform-channel-handle=5420 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --mojo-platform-channel-handle=8120 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --mojo-platform-channel-handle=5392 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10632 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10928 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10496 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11172 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Users\Admin\Downloads\Setup.exe

"C:\Users\Admin\Downloads\Setup.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" https://pcapp.store/installing.php?guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX&winver=15063&version=fa.1091q&nocache=20240807191656.74&_fcid=1723058209076521

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --mojo-platform-channel-handle=6576 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --mojo-platform-channel-handle=8188 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --mojo-platform-channel-handle=8688 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp

"C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp" /internal 1723058209076521 /force

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --mojo-platform-channel-handle=9844 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --mojo-platform-channel-handle=4928 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=176 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Users\Admin\PCAppStore\PcAppStore.exe

"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default

C:\Users\Admin\PCAppStore\Watchdog.exe

"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX /rid=20240807191731.336240929765 /ver=fa.1091q

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

.\nwjs\NW_store.exe .\ui\.

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x2a4,0x2a8,0x2ac,0x2a0,0x2b0,0x7ffb5df5a960,0x7ffb5df5a970,0x7ffb5df5a980

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x168,0x16c,0x170,0x114,0x178,0x7ff6cc8f8a60,0x7ff6cc8f8a70,0x7ff6cc8f8a80

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1912 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:2

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=1920 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:3

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2092 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --mojo-platform-channel-handle=9976 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4196 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4308 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=972 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6656 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9240 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8280 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10632 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6168 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8

\??\c:\windows\system32\svchost.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NgcSvc

C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe

"C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe"

\??\c:\windows\system32\svchost.exe

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s NgcCtnrSvc

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4272 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4520 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Program Files\TopGames\Evony\Game\303514\evony.exe

"C:\Program Files\TopGames\Evony\Game\303514\evony.exe"

C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe

"C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe" --attach 6788 2066590273536

C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe

"C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe" "6788" "2066590273536"

C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe

"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=692 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2104 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4504 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4900 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5204 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5460 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5844 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5748 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6044 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5888 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2912 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5744 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=888 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
NL 172.217.168.206:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 206.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
NL 142.250.179.170:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 3.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 170.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 162.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 loathsomecharacters-miraheze-org.webpkgcache.com udp
NL 216.58.208.97:443 loathsomecharacters-miraheze-org.webpkgcache.com tcp
NL 216.58.208.97:443 loathsomecharacters-miraheze-org.webpkgcache.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 97.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 216.58.214.14:443 play.google.com tcp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
NL 142.251.39.110:443 consent.google.com tcp
NL 142.250.179.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 110.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
NL 142.250.179.142:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 142.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
NL 142.250.179.142:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 206.23.217.172.in-addr.arpa udp
NL 216.58.214.14:443 play.google.com udp
US 8.8.8.8:53 m.media-amazon.com udp
GB 2.18.190.140:443 m.media-amazon.com tcp
US 8.8.8.8:53 140.190.18.2.in-addr.arpa udp
GB 2.18.190.140:443 m.media-amazon.com udp
US 8.8.8.8:53 anyde.sk udp
GB 18.239.236.119:443 anyde.sk tcp
GB 18.239.236.119:443 anyde.sk tcp
US 8.8.8.8:53 119.236.239.18.in-addr.arpa udp
US 8.8.8.8:53 anydesk.com udp
GB 18.244.114.114:443 anydesk.com tcp
US 8.8.8.8:53 js.hs-scripts.com udp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 ad-wa.anydesk.com udp
US 104.16.139.209:443 js.hs-scripts.com tcp
DE 167.235.224.171:443 ad-wa.anydesk.com tcp
DE 167.235.224.171:443 ad-wa.anydesk.com tcp
US 8.8.8.8:53 107.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 114.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 209.139.16.104.in-addr.arpa udp
US 8.8.8.8:53 168.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 171.224.235.167.in-addr.arpa udp
US 8.8.8.8:53 js.hs-analytics.net udp
US 8.8.8.8:53 js.hs-banner.com udp
US 8.8.8.8:53 js.usemessages.com udp
US 104.16.76.142:443 js.usemessages.com tcp
US 104.18.22.183:443 js.hs-banner.com tcp
US 104.16.160.168:443 js.hs-analytics.net tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 tracking.g2crowd.com udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.31.176:443 tracking.g2crowd.com tcp
US 8.8.8.8:53 apps.identrust.com udp
US 104.18.22.183:443 js.hs-banner.com tcp
GB 2.18.190.81:80 apps.identrust.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 183.22.18.104.in-addr.arpa udp
US 8.8.8.8:53 168.160.16.104.in-addr.arpa udp
US 8.8.8.8:53 142.76.16.104.in-addr.arpa udp
US 8.8.8.8:53 176.31.18.104.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 81.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 api.hubspot.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.16.117.116:443 api.hubspot.com tcp
US 104.18.28.127:443 geolocation.onetrust.com tcp
GB 18.244.114.114:443 anydesk.com tcp
US 8.8.8.8:53 track.hubspot.com udp
US 104.16.117.116:443 track.hubspot.com tcp
US 8.8.8.8:53 www.dwin1.com udp
US 8.8.8.8:53 serve.albacross.com udp
US 8.8.8.8:53 scripts.iconnode.com udp
GB 18.164.68.123:443 serve.albacross.com tcp
US 8.8.8.8:53 app.hubspot.com udp
GB 108.138.233.18:443 www.dwin1.com tcp
GB 52.84.90.55:443 scripts.iconnode.com tcp
US 8.8.8.8:53 new-collect.albacross.com udp
US 8.8.8.8:53 lantern.roeyecdn.com udp
IE 52.208.225.195:443 new-collect.albacross.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 18.245.187.32:443 lantern.roeyecdn.com tcp
US 8.8.8.8:53 static.hsappstatic.net udp
US 8.8.8.8:53 116.117.16.104.in-addr.arpa udp
US 8.8.8.8:53 127.28.18.104.in-addr.arpa udp
US 8.8.8.8:53 123.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 18.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 55.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 178.36.239.216.in-addr.arpa udp
NL 142.250.102.157:443 stats.g.doubleclick.net tcp
US 104.17.174.91:443 static.hsappstatic.net tcp
US 104.17.174.91:443 static.hsappstatic.net tcp
US 104.17.174.91:443 static.hsappstatic.net tcp
US 104.17.174.91:443 static.hsappstatic.net tcp
US 8.8.8.8:53 www.anydesk.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 195.225.208.52.in-addr.arpa udp
US 8.8.8.8:53 32.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 157.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 91.174.17.104.in-addr.arpa udp
US 8.8.8.8:53 download.anydesk.com udp
AT 31.13.84.4:443 connect.facebook.net tcp
DE 159.69.19.197:443 download.anydesk.com tcp
DE 159.69.19.197:443 download.anydesk.com tcp
US 8.8.8.8:53 12375076.fls.doubleclick.net udp
US 8.8.8.8:53 snap.licdn.com udp
NL 142.251.39.102:443 12375076.fls.doubleclick.net tcp
NL 142.251.39.102:443 12375076.fls.doubleclick.net tcp
GB 2.18.190.141:443 snap.licdn.com tcp
NL 142.251.39.102:443 12375076.fls.doubleclick.net udp
US 8.8.8.8:53 4.84.13.31.in-addr.arpa udp
US 8.8.8.8:53 197.19.69.159.in-addr.arpa udp
AT 31.13.84.4:443 connect.facebook.net udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 exceptions.hubspot.com udp
AT 31.13.84.36:443 www.facebook.com tcp
AT 31.13.84.36:443 www.facebook.com tcp
US 8.8.8.8:53 102.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 141.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 34.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 36.84.13.31.in-addr.arpa udp
US 8.8.8.8:53 metrics-fe-na1.hubspot.com udp
US 8.8.8.8:53 softonic.com udp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
US 8.8.8.8:53 www.softonic.com udp
US 151.101.129.91:443 www.softonic.com tcp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
GB 13.224.222.64:443 sdk.privacy-center.org tcp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 151.101.1.91:443 images.sftcdn.net udp
US 151.101.1.91:443 images.sftcdn.net udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.227:443 notix.io tcp
GB 13.224.222.64:443 sdk.privacy-center.org udp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 api.privacy-center.org udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 push-sdk.com udp
GB 108.138.233.47:443 api.privacy-center.org tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
DE 157.90.33.72:443 push-sdk.com tcp
NL 142.251.39.99:443 www.google.co.uk tcp
US 8.8.8.8:53 ampcid.google.com udp
NL 142.250.179.174:443 ampcid.google.com tcp
GB 108.138.233.47:443 api.privacy-center.org udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 c.clarity.ms udp
IE 13.74.129.1:443 c.clarity.ms tcp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 47.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 99.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 174.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 h.clarity.ms udp
US 8.8.8.8:53 c.bing.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 204.79.197.237:443 c.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 188.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 prs.sftcdn.net udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 54.192.139.162:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 162.139.192.54.in-addr.arpa udp
US 8.8.8.8:53 wct.softonic.com udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
US 104.26.2.63:443 wct.softonic.com tcp
US 8.8.8.8:53 btloader.com udp
GB 18.172.148.233:443 www.datadoghq-browser-agent.com tcp
US 104.22.74.216:443 btloader.com tcp
NL 142.251.36.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
NL 142.251.36.2:443 googleads.g.doubleclick.net tcp
IE 63.32.135.176:443 id.crwdcntrl.net tcp
DE 162.19.138.83:443 id5-sync.com tcp
NL 142.250.102.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 54.192.139.162:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 prebid.media.net udp
GB 52.84.90.86:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
GB 18.245.220.173:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 34.120.63.153:443 prebid.media.net tcp
US 104.26.2.63:443 wct.softonic.com tcp
IE 34.252.214.88:443 ad.360yield.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
IE 54.246.9.186:443 ap.lijit.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 ac8693255deb2a7aa840caa63a64299a.safeframe.googlesyndication.com udp
NL 178.250.1.3:443 static.criteo.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
GB 18.245.143.100:443 tags.crwdcntrl.net tcp
NL 142.251.39.99:443 www.google.co.uk udp
NL 142.250.179.193:443 ac8693255deb2a7aa840caa63a64299a.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 8.8.8.8:53 articles-img.sftcdn.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 63.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 233.148.172.18.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 2.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 176.135.32.63.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 86.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 173.220.245.18.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 88.214.252.34.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 186.9.246.54.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 58.139.4.46.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 100.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 193.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 lexicon.33across.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.228.201:443 aax-eu.amazon-adsystem.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 cdn.btmessage.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 104.26.6.141:443 cdn.btmessage.com tcp
DE 157.90.33.72:443 uidsync.net tcp
US 172.64.151.101:443 htlb.casalemedia.com udp
US 34.120.63.153:443 prebid.media.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btmessage.com udp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
DE 51.89.9.254:443 onetag-sys.com tcp
IE 54.72.58.55:443 rtb.gumgum.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
GB 184.26.56.245:443 ads.pubmatic.com tcp
DE 157.90.33.72:443 uidsync.net tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ce.lijit.com udp
US 13.248.245.213:443 eb2.3lift.com tcp
IE 52.215.107.71:443 ce.lijit.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 134.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 201.228.220.67.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 141.6.26.104.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 55.58.72.54.in-addr.arpa udp
US 8.8.8.8:53 130.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 245.56.26.184.in-addr.arpa udp
US 8.8.8.8:53 122.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com tcp
NL 142.251.36.1:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 71.107.215.52.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 1.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 129.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 match.adsrvr.org udp
NL 142.251.36.2:443 googleads.g.doubleclick.net udp
US 15.197.193.217:443 match.adsrvr.org tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 15.197.193.217:443 match.adsrvr.org tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
IE 67.220.228.201:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 match.deepintent.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 c1.adform.net udp
US 209.54.182.161:443 s.amazon-adsystem.com tcp
NL 216.58.214.2:443 cm.g.doubleclick.net tcp
IE 34.243.120.79:443 match.prod.bidr.io tcp
NL 35.214.249.23:443 csync.loopme.me tcp
US 54.147.125.191:443 sync.ipredictive.com tcp
IE 52.51.80.79:443 pr-bh.ybp.yahoo.com tcp
US 54.160.252.88:443 sync.srv.stackadapt.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 8.18.47.7:443 match.deepintent.com tcp
US 64.74.236.63:443 b1sync.zemanta.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
DK 37.157.2.230:443 c1.adform.net tcp
NL 216.58.214.2:443 cm.g.doubleclick.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 dis.eu.criteo.com udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 8.8.8.8:53 usersync.gumgum.com udp
NL 178.250.1.9:443 dis.eu.criteo.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 2.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 79.120.243.34.in-addr.arpa udp
US 8.8.8.8:53 23.249.214.35.in-addr.arpa udp
US 8.8.8.8:53 79.80.51.52.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 161.182.54.209.in-addr.arpa udp
US 8.8.8.8:53 191.125.147.54.in-addr.arpa udp
US 8.8.8.8:53 88.252.160.54.in-addr.arpa udp
US 8.8.8.8:53 63.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 7.47.18.8.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 tg.socdm.com udp
US 8.8.8.8:53 creativecdn.com udp
JP 211.120.53.206:443 tg.socdm.com tcp
US 8.8.8.8:53 acdn.adnxs.com udp
NL 185.184.8.90:443 creativecdn.com tcp
JP 211.120.53.206:443 tg.socdm.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 contextual.media.net udp
NL 216.58.214.2:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 dis.criteo.com udp
US 151.101.129.108:443 acdn.adnxs.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
DE 162.55.236.224:443 sync.richaudience.com tcp
GB 184.25.192.27:443 contextual.media.net tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 34.98.64.218:443 us-u.openx.net udp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
AT 104.96.128.188:443 secure-assets.rubiconproject.com tcp
NL 198.47.127.205:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 ice.360yield.com udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.250.59.226:443 ice.360yield.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 u.ipw.metadsp.co.uk udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 sync.serverbid.com udp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
GB 143.204.176.88:443 sync.serverbid.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 8.8.8.8:53 image2.pubmatic.com udp
GB 184.25.193.73:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 sonata-notifications.taptapnetworks.com udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
DE 3.127.42.165:443 sonata-notifications.taptapnetworks.com tcp
NL 35.214.249.23:443 csync.loopme.me tcp
US 8.8.8.8:53 19.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 206.53.120.211.in-addr.arpa udp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 27.192.25.184.in-addr.arpa udp
US 8.8.8.8:53 49.158.204.35.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 224.236.55.162.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 188.128.96.104.in-addr.arpa udp
US 8.8.8.8:53 226.59.250.34.in-addr.arpa udp
US 8.8.8.8:53 90.132.214.35.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 88.176.204.143.in-addr.arpa udp
US 8.8.8.8:53 73.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 hbx.media.net udp
DE 51.89.9.254:443 onetag-sys.com udp
GB 184.26.188.27:443 hbx.media.net tcp
US 8.8.8.8:53 medianet-match.dotomi.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
GB 184.26.188.27:443 hbx.media.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
GB 184.26.188.27:443 hbx.media.net tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
GB 184.25.192.27:443 contextual.media.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 bc-sync.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 cs.media.net udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.2.108.175:443 bc-sync.com tcp
US 54.227.210.51:443 api-2-0.spot.im tcp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 52.20.102.225:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ads.avct.cloud udp
NL 63.215.202.137:443 medianet-match.dotomi.com tcp
NL 63.215.202.137:443 medianet-match.dotomi.com tcp
GB 2.18.190.80:443 player.aniview.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 192.132.33.69:443 bttrack.com tcp
IE 63.33.226.2:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
DE 157.90.33.72:443 uidsync.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 casale-match.dotomi.com udp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 pm.w55c.net udp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 165.42.127.3.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 27.188.26.184.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 175.108.2.8.in-addr.arpa udp
US 8.8.8.8:53 51.210.227.54.in-addr.arpa udp
US 8.8.8.8:53 111.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 137.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 225.102.20.52.in-addr.arpa udp
US 8.8.8.8:53 80.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 2.226.33.63.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
NL 63.215.202.169:443 casale-match.dotomi.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
IE 52.213.214.195:443 pm.w55c.net tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 ads.betweendigital.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 74.121.140.211:443 sync.mathtag.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 188.42.191.196:443 ads.betweendigital.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
FR 5.196.111.68:443 ssbsync-global.smartadserver.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
DE 91.228.74.166:443 cms.quantserve.com tcp
US 8.8.8.8:53 simage4.pubmatic.com udp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
NL 198.47.127.20:443 simage4.pubmatic.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
IE 54.194.1.167:443 cs.yellowblue.io tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 172.240.45.78:443 sync.aniview.com udp
US 8.8.8.8:53 pixel.tapad.com udp
US 34.111.113.62:443 pixel.tapad.com tcp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 169.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 195.214.213.52.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 196.191.42.188.in-addr.arpa udp
US 8.8.8.8:53 68.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 233.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 167.1.194.54.in-addr.arpa udp
US 34.111.113.62:443 pixel.tapad.com udp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 pool.admedo.com udp
US 8.8.8.8:53 uipglob.semasio.net udp
BE 35.206.140.87:443 pool.admedo.com tcp
FR 54.38.113.7:443 pixel.onaudience.com tcp
DK 77.243.51.122:443 uipglob.semasio.net tcp
US 8.8.8.8:53 7.113.38.54.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 87.140.206.35.in-addr.arpa udp
BE 35.206.140.87:443 pool.admedo.com udp
US 8.8.8.8:53 cookie.active-agent.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
DE 80.82.210.217:443 cookie.active-agent.com tcp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
NL 63.215.202.172:443 pubmatic-match.dotomi.com tcp
US 8.8.8.8:53 122.51.243.77.in-addr.arpa udp
US 8.8.8.8:53 217.210.82.80.in-addr.arpa udp
US 8.8.8.8:53 172.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 d5p.de17a.com udp
SE 13.53.196.230:443 d5p.de17a.com tcp
US 8.8.8.8:53 dsp-ap.eskimi.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
NL 188.42.63.48:443 dsp-ap.eskimi.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 p.rfihub.com udp
NL 193.0.160.131:443 p.rfihub.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 230.196.53.13.in-addr.arpa udp
US 8.8.8.8:53 48.63.42.188.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 131.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 ad.mrtnsvr.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 8.8.8.8:53 core.iprom.net udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
US 8.8.8.8:53 ad.turn.com udp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 26.178.89.13.in-addr.arpa udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
US 8.8.8.8:53 green.erne.co udp
US 8.8.8.8:53 cm.adgrx.com udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
FR 141.95.171.142:443 green.erne.co tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
US 104.18.25.173:443 a.tribalfusion.com tcp
NL 35.214.249.23:443 csync.loopme.me tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 matching.truffle.bid udp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
DE 162.55.120.196:443 matching.truffle.bid tcp
FR 54.38.113.2:443 pixel-eu.onaudience.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 s.tribalfusion.com udp
US 8.8.8.8:53 142.171.95.141.in-addr.arpa udp
US 8.8.8.8:53 11.155.215.52.in-addr.arpa udp
US 8.8.8.8:53 173.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 2.113.38.54.in-addr.arpa udp
US 8.8.8.8:53 196.120.55.162.in-addr.arpa udp
US 199.232.209.91:443 softonic.com udp
US 104.26.6.141:443 api.btmessage.com tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.8.8.8:53 229174c2cec0fb9f905fe2b0c5670605.safeframe.googlesyndication.com udp
US 130.211.23.194:443 api.btloader.com udp
DE 157.90.33.72:443 uidsync.net tcp
DE 157.90.33.72:443 uidsync.net tcp
NL 139.45.197.227:443 notix.io tcp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
DE 157.90.33.72:443 uidsync.net tcp
DE 157.90.33.72:443 uidsync.net tcp
DE 162.55.236.224:443 sync.richaudience.com tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
IE 34.243.120.79:443 match.prod.bidr.io tcp
US 54.160.252.88:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
DE 162.55.236.224:443 sync.richaudience.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
US 8.8.8.8:53 cs.krushmedia.com udp
IE 34.243.120.79:443 match.prod.bidr.io tcp
US 8.8.8.8:53 data.adsrvr.org udp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 3.221.130.118:443 aorta.clickagy.com tcp
GB 108.156.39.10:443 s.ad.smaato.net tcp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
US 3.221.130.118:443 aorta.clickagy.com tcp
US 69.173.146.5:443 pixel-us-east.rubiconproject.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 134.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 10.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 5.146.173.69.in-addr.arpa udp
US 8.8.8.8:53 118.130.221.3.in-addr.arpa udp
US 8.8.8.8:53 s0.2mdn.net udp
US 104.18.25.173:443 s.tribalfusion.com udp
NL 142.251.36.6:443 s0.2mdn.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 equativ-match.dotomi.com udp
US 8.8.8.8:53 match.sharethrough.com udp
DE 52.59.252.86:443 match.sharethrough.com tcp
NL 142.251.36.6:443 s0.2mdn.net udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 eu-u.openx.net udp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
NL 142.250.179.202:443 ajax.googleapis.com tcp
US 8.8.8.8:53 86.252.59.52.in-addr.arpa udp
US 8.8.8.8:53 202.179.250.142.in-addr.arpa udp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 id.google.com udp
NL 142.251.36.35:443 id.google.com tcp
US 8.8.8.8:53 35.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.150:443 i.ytimg.com tcp
NL 142.250.179.150:443 i.ytimg.com tcp
NL 142.250.179.150:443 i.ytimg.com tcp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
NL 142.251.39.110:443 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 216.58.214.14:443 www.youtube.com udp
US 8.8.8.8:53 150.179.250.142.in-addr.arpa udp
NL 142.250.179.150:443 i.ytimg.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
NL 142.250.179.138:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 138.179.250.142.in-addr.arpa udp
NL 216.58.214.14:443 www.youtube.com udp
NL 216.58.214.14:443 www.youtube.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
NL 142.250.179.206:443 encrypted-vtbn0.gstatic.com tcp
US 8.8.8.8:53 206.179.250.142.in-addr.arpa udp
US 107.180.33.249:443 www.simplestickynotes.com tcp
US 107.180.33.249:443 www.simplestickynotes.com tcp
US 107.180.33.249:443 www.simplestickynotes.com tcp
NL 142.251.36.35:443 id.google.com udp
US 8.8.8.8:53 blogging.nitecruzr.net udp
NL 142.250.179.179:443 blogging.nitecruzr.net tcp
NL 142.250.179.179:443 blogging.nitecruzr.net tcp
US 8.8.8.8:53 www.blogger.com udp
US 8.8.8.8:53 blogger.googleusercontent.com udp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
NL 142.251.36.1:443 blogger.googleusercontent.com tcp
US 8.8.8.8:53 resources.blogblog.com udp
US 8.8.8.8:53 4.bp.blogspot.com udp
NL 142.250.179.201:443 resources.blogblog.com tcp
NL 142.250.179.201:443 resources.blogblog.com tcp
NL 142.251.36.2:443 googleads.g.doubleclick.net udp
NL 142.250.179.201:443 resources.blogblog.com tcp
NL 142.251.36.1:443 4.bp.blogspot.com tcp
US 8.8.8.8:53 179.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 201.179.250.142.in-addr.arpa udp
NL 142.250.179.201:443 resources.blogblog.com udp
NL 142.250.179.201:443 resources.blogblog.com udp
US 8.8.8.8:53 apis.google.com udp
NL 142.250.179.131:80 www.gstatic.com tcp
US 8.8.8.8:53 1.bp.blogspot.com udp
NL 142.251.36.14:443 apis.google.com tcp
US 8.8.8.8:53 3.bp.blogspot.com udp
NL 142.251.36.14:443 apis.google.com udp
US 8.8.8.8:53 ssl.google-analytics.com udp
NL 172.217.168.232:443 ssl.google-analytics.com tcp
NL 142.251.36.1:443 3.bp.blogspot.com udp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 232.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.102.84:443 accounts.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 assets.pinterest.com udp
NL 172.217.168.232:443 ssl.google-analytics.com udp
US 8.8.8.8:53 dsms0mj1bbhn4.cloudfront.net udp
US 8.8.8.8:53 s7.addthis.com udp
US 8.8.8.8:53 translate.googleapis.com udp
GB 18.165.227.94:443 dsms0mj1bbhn4.cloudfront.net tcp
GB 184.26.132.239:443 assets.pinterest.com tcp
GB 184.26.134.46:443 s7.addthis.com tcp
US 8.8.8.8:53 www.bloglovin.com udp
US 8.8.8.8:53 e2c19.gcp.gvt2.com udp
GB 184.26.132.239:443 assets.pinterest.com tcp
CH 34.65.65.90:443 e2c19.gcp.gvt2.com tcp
GB 184.26.134.46:443 s7.addthis.com tcp
US 8.8.8.8:53 cdn.openshareweb.com udp
US 104.26.1.81:443 cdn.openshareweb.com tcp
US 184.73.100.94:443 www.shareaholic.net tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 184.26.132.239:443 assets.pinterest.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 analytics.shareaholic.com udp
US 142.250.68.227:443 beacons.gvt2.com tcp
US 104.26.1.81:443 cdn.openshareweb.com udp
US 8.8.8.8:53 partner.shareaholic.com udp
US 34.194.240.94:443 analytics.shareaholic.com tcp
US 8.8.8.8:53 widgets.pinterest.com udp
US 107.20.147.136:443 partner.shareaholic.com tcp
US 8.8.8.8:53 84.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 94.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 239.132.26.184.in-addr.arpa udp
US 8.8.8.8:53 46.134.26.184.in-addr.arpa udp
US 8.8.8.8:53 90.65.65.34.in-addr.arpa udp
US 8.8.8.8:53 81.1.26.104.in-addr.arpa udp
US 8.8.8.8:53 94.100.73.184.in-addr.arpa udp
US 142.250.68.227:443 beacons.gvt2.com tcp
US 151.101.128.84:443 widgets.pinterest.com tcp
US 34.194.240.94:443 analytics.shareaholic.com tcp
US 8.8.8.8:53 cdn.viglink.com udp
GB 18.164.68.5:443 cdn.viglink.com tcp
US 8.8.8.8:53 comparisons.sovrn.com udp
US 8.8.8.8:53 i.pinimg.com udp
GB 52.84.90.36:443 comparisons.sovrn.com tcp
GB 199.232.56.84:443 i.pinimg.com tcp
GB 199.232.56.84:443 i.pinimg.com tcp
US 172.67.74.169:443 www.bloglovin.com tcp
US 172.67.74.169:443 www.bloglovin.com tcp
US 8.8.8.8:53 log.pinterest.com udp
US 8.8.8.8:53 227.68.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.128.101.151.in-addr.arpa udp
US 8.8.8.8:53 94.240.194.34.in-addr.arpa udp
US 8.8.8.8:53 136.147.20.107.in-addr.arpa udp
US 8.8.8.8:53 5.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 84.56.232.199.in-addr.arpa udp
US 8.8.8.8:53 169.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 36.90.84.52.in-addr.arpa udp
US 8.8.8.8:53 static.blovcdn.com udp
US 104.26.2.141:443 static.blovcdn.com tcp
US 104.26.2.141:443 static.blovcdn.com tcp
US 8.8.8.8:53 api.viglink.com udp
IE 52.209.209.52:443 api.viglink.com tcp
US 8.8.8.8:53 141.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 52.209.209.52.in-addr.arpa udp
US 142.250.68.227:443 beacons.gvt2.com udp
NL 142.250.179.202:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 sub.got-to-be.net udp
DE 23.88.8.125:443 sub.got-to-be.net tcp
DE 23.88.8.125:443 sub.got-to-be.net tcp
US 8.8.8.8:53 125.8.88.23.in-addr.arpa udp
US 8.8.8.8:53 c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa udp
US 8.8.8.8:53 beacons2.gvt2.com udp
NL 172.217.168.206:443 www.youtube.com udp
FI 216.58.209.163:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 163.209.58.216.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 199.232.209.91:443 softonic.com udp
FI 216.58.209.163:443 beacons2.gvt2.com udp
US 8.8.8.8:53 www.softonic.com udp
US 151.101.129.91:443 www.softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 assets.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 151.101.193.91:443 images.sftcdn.net udp
GB 13.224.222.112:443 sdk.privacy-center.org udp
US 151.101.193.91:443 images.sftcdn.net udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 e2c9.gcp.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt3.com udp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
NL 142.251.36.14:443 apis.google.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 www.clarity.ms udp
NL 142.251.39.99:443 www.google.co.uk udp
US 8.8.8.8:53 push-sdk.com udp
NL 142.251.36.14:443 apis.google.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
DE 23.88.8.125:443 push-sdk.com tcp
US 8.8.8.8:53 3.69.250.142.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 112.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 154.114.101.34.in-addr.arpa udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.122:443 uidsync.net tcp
US 8.8.8.8:53 notix.io udp
US 8.8.8.8:53 h.clarity.ms udp
NL 139.45.197.253:443 notix.io tcp
US 51.8.64.151:443 h.clarity.ms tcp
DE 157.90.33.122:443 uidsync.net tcp
US 142.250.68.227:443 beacons5.gvt3.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 122.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 253.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 en.softonic.com udp
DE 23.88.8.125:443 uidsync.net tcp
US 8.8.8.8:53 githbu.com udp
US 199.115.115.116:443 githbu.com tcp
US 199.115.115.116:443 githbu.com tcp
US 199.115.115.116:443 githbu.com tcp
US 8.8.8.8:53 ww1.githbu.com udp
US 76.223.26.96:80 ww1.githbu.com tcp
US 8.8.8.8:53 d38psrni17bvxu.cloudfront.net udp
US 8.8.8.8:53 116.115.115.199.in-addr.arpa udp
US 8.8.8.8:53 96.26.223.76.in-addr.arpa udp
GB 99.86.249.105:80 d38psrni17bvxu.cloudfront.net tcp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 8.8.8.8:53 partner.googleadservices.com udp
NL 142.250.179.142:443 syndicatedsearch.goog tcp
NL 142.251.39.98:443 partner.googleadservices.com tcp
US 8.8.8.8:53 e2c75.gcp.gvt2.com udp
QA 34.1.37.11:443 e2c75.gcp.gvt2.com tcp
US 8.8.8.8:53 11.37.1.34.in-addr.arpa udp
US 8.8.8.8:53 98.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 105.249.86.99.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
NL 216.58.208.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 facebook.cm udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 articles-img.sftcdn.net udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 gta-v.en.softonic.com udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 151.101.1.91:443 sc.sftcdn.net udp
US 13.107.21.237:443 bat.bing.com tcp
AT 31.13.84.4:443 connect.facebook.net udp
NL 142.250.179.142:443 syndicatedsearch.goog udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
NL 142.251.39.98:443 partner.googleadservices.com udp
NL 172.217.23.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 1a2cd864716f56aa1c69551346cf985b.safeframe.googlesyndication.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 prebid.media.net udp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
IE 54.76.209.21:443 ap.lijit.com tcp
US 34.120.63.153:443 prebid.media.net udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
IE 52.49.255.83:443 ad.360yield.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 194.23.217.172.in-addr.arpa udp
US 172.64.151.101:443 htlb.casalemedia.com udp
NL 142.250.102.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
AT 31.13.84.36:443 www.facebook.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
NL 172.217.23.219:443 storage.googleapis.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
US 130.211.23.194:443 api.btloader.com udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 142.251.36.1:443 3.bp.blogspot.com udp
US 8.8.8.8:53 s.richaudience.com udp
DE 157.90.0.38:443 s.richaudience.com tcp
US 8.8.8.8:53 21.209.76.54.in-addr.arpa udp
US 8.8.8.8:53 219.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 83.255.49.52.in-addr.arpa udp
US 8.8.8.8:53 dclk-match.dotomi.com udp
US 8.8.8.8:53 pm.w55c.net udp
US 104.18.25.173:443 s.tribalfusion.com udp
NL 216.58.214.2:443 cm.g.doubleclick.net udp
NL 63.215.202.169:443 dclk-match.dotomi.com tcp
IE 54.246.197.170:443 pm.w55c.net tcp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 34.251.228.242:443 ce.lijit.com tcp
DK 37.157.2.230:443 c1.adform.net tcp
US 8.8.8.8:53 38.0.90.157.in-addr.arpa udp
US 8.8.8.8:53 170.197.246.54.in-addr.arpa udp
US 8.8.8.8:53 242.228.251.34.in-addr.arpa udp
US 8.8.8.8:53 inmobi-match.dotomi.com udp
US 8.8.8.8:53 ice.360yield.com udp
IE 52.49.83.113:443 ice.360yield.com tcp
US 8.8.8.8:53 rtd-tm.everesttech.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 54.174.7.78:443 sync.srv.stackadapt.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 swelabgames.com udp
US 8.8.8.8:53 contextual.media.net udp
US 172.67.201.25:443 swelabgames.com tcp
US 8.8.8.8:53 sync.richaudience.com udp
US 172.67.201.25:443 swelabgames.com tcp
GB 184.25.192.27:443 contextual.media.net udp
DE 167.235.114.248:443 sync.richaudience.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 113.83.49.52.in-addr.arpa udp
US 8.8.8.8:53 78.7.174.54.in-addr.arpa udp
US 8.8.8.8:53 ssum.casalemedia.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.2.110.134:443 cs.krushmedia.com tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
US 34.98.64.218:443 eu-u.openx.net udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 track.adform.net udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 ssc-cms.33across.com udp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
DK 37.157.6.243:443 track.adform.net tcp
US 52.20.102.225:443 cs-server-s2s.yellowblue.io tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
US 172.67.201.25:443 swelabgames.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 15.197.193.217:443 data.adsrvr.org tcp
NL 172.217.23.194:443 googleads.g.doubleclick.net udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.media.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 25.201.67.172.in-addr.arpa udp
US 8.8.8.8:53 248.114.235.167.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 243.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 22.105.202.67.in-addr.arpa udp
GB 184.26.188.27:443 cs.media.net tcp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
IE 34.254.110.245:443 cs.yellowblue.io tcp
US 8.8.8.8:53 consent.cookiebot.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.2.108.175:443 bc-sync.com tcp
GB 173.222.211.81:443 consent.cookiebot.com tcp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 consentcdn.cookiebot.com udp
US 52.207.119.224:443 aorta.clickagy.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
AT 23.36.213.194:443 consentcdn.cookiebot.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
IE 34.243.120.79:443 match.prod.bidr.io tcp
US 8.8.8.8:53 245.110.254.34.in-addr.arpa udp
US 8.8.8.8:53 81.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 224.119.207.52.in-addr.arpa udp
US 8.8.8.8:53 194.213.36.23.in-addr.arpa udp
NL 142.251.36.6:443 s0.2mdn.net udp
NL 172.217.23.195:443 p4-awl36ngewvva6-pwdub4fjccmzv5hr-if-v6exp3-v4.metric.gstatic.com tcp
NL 172.217.23.195:443 p4-awl36ngewvva6-pwdub4fjccmzv5hr-if-v6exp3-v4.metric.gstatic.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 195.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 imgsct.cookiebot.com udp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
NL 142.250.179.202:443 content-autofill.googleapis.com udp
AT 23.36.213.194:443 imgsct.cookiebot.com tcp
IE 63.33.226.2:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 35.244.174.68:443 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 192.132.33.68:443 bttrack.com tcp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 104.248.126.225:443 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 s10.histats.com udp
US 104.20.18.71:443 s10.histats.com tcp
US 8.8.8.8:53 s4.histats.com udp
CA 149.56.240.127:443 s4.histats.com tcp
US 8.8.8.8:53 225.126.248.104.in-addr.arpa udp
US 8.8.8.8:53 repcdn.pcapp.store udp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
US 8.8.8.8:53 127.240.56.149.in-addr.arpa udp
US 8.8.8.8:53 8.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 41.126.223.159.in-addr.arpa udp
US 8.8.8.8:53 p4-awl36ngewvva6-pwdub4fjccmzv5hr-444705-i1-v6exp3.v4.metric.gstatic.com udp
US 8.8.8.8:53 p4-awl36ngewvva6-pwdub4fjccmzv5hr-444705-i2-v6exp3.ds.metric.gstatic.com udp
NL 142.250.179.178:443 p4-awl36ngewvva6-pwdub4fjccmzv5hr-444705-i2-v6exp3.ds.metric.gstatic.com tcp
NL 142.250.179.178:443 p4-awl36ngewvva6-pwdub4fjccmzv5hr-444705-i2-v6exp3.ds.metric.gstatic.com tcp
US 8.8.8.8:53 178.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 delivery.pcapp.store udp
GB 89.187.167.39:443 delivery.pcapp.store tcp
US 8.8.8.8:53 repository.pcapp.store udp
GB 84.17.50.9:443 repository.pcapp.store tcp
US 8.8.8.8:53 9.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 61.45.26.184.in-addr.arpa udp
NL 216.58.214.14:443 www.youtube.com udp
NL 142.250.179.142:443 syndicatedsearch.goog udp
NL 142.251.39.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 106.39.251.142.in-addr.arpa udp
US 159.223.126.41:443 pcapp.store tcp
US 172.67.201.25:443 swelabgames.com udp
US 51.8.64.151:443 h.clarity.ms tcp
NL 172.217.23.194:443 googleads.g.doubleclick.net udp
US 159.223.126.41:443 pcapp.store tcp
NL 142.251.36.1:443 3.bp.blogspot.com udp
US 142.250.68.227:443 beacons5.gvt3.com udp
NL 172.217.168.206:443 www.youtube.com udp
NL 142.251.36.14:443 apis.google.com udp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 store.steampowered.com udp
GB 184.25.193.136:443 store.steampowered.com tcp
GB 184.25.193.136:443 store.steampowered.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 136.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 shared.akamai.steamstatic.com udp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
GB 2.18.190.133:443 shared.akamai.steamstatic.com tcp
GB 2.18.190.141:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 e2c8.gcp.gvt2.com udp
SG 34.87.124.238:443 e2c8.gcp.gvt2.com tcp
SG 34.87.124.238:443 e2c8.gcp.gvt2.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 238.124.87.34.in-addr.arpa udp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 d74queuslupub.cloudfront.net udp
US 159.223.126.41:443 pcapp.store tcp
GB 18.244.114.121:443 d74queuslupub.cloudfront.net tcp
US 8.8.8.8:53 121.114.244.18.in-addr.arpa udp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 pc.evony.com udp
US 8.8.8.8:53 181.178.204.143.in-addr.arpa udp
US 8.8.8.8:53 113.216.138.108.in-addr.arpa udp
US 34.110.194.123:443 pc.evony.com tcp
US 34.110.194.123:443 pc.evony.com tcp
US 34.110.194.123:443 pc.evony.com udp
US 8.8.8.8:53 emcl.evony.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
CA 76.9.213.43:443 emcl.evony.com tcp
CA 76.9.213.43:443 emcl.evony.com tcp
FR 199.232.168.157:443 static.ads-twitter.com tcp
CA 38.45.227.13:443 em.evony.com tcp
US 8.8.8.8:53 123.194.110.34.in-addr.arpa udp
US 8.8.8.8:53 157.168.232.199.in-addr.arpa udp
US 8.8.8.8:53 43.213.9.76.in-addr.arpa udp
US 8.8.8.8:53 13.227.45.38.in-addr.arpa udp
CA 149.56.240.127:443 s4.histats.com tcp
CA 38.45.227.13:443 em.evony.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 analytics.twitter.com udp
US 104.244.42.3:443 analytics.twitter.com tcp
PL 93.184.221.165:443 t.co tcp
US 8.8.8.8:53 165.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 3.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 159.223.126.41:80 pcapp.store tcp
US 8.8.8.8:53 repository.pcapp.store udp
US 8.8.8.8:53 repository.pcapp.store udp
GB 84.17.50.8:443 repository.pcapp.store tcp
GB 84.17.50.8:443 repository.pcapp.store tcp
GB 84.17.50.8:443 repository.pcapp.store tcp
GB 84.17.50.8:443 repository.pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 pc1.evony.com udp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 8.8.8.8:53 repcdn.pcapp.store udp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
GB 84.17.50.8:443 repcdn.pcapp.store tcp
CA 76.9.213.153:443 pc1.evony.com tcp
CA 76.9.213.153:443 pc1.evony.com tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 159.223.126.41:443 pcapp.store tcp
GB 89.187.167.39:443 repcdn.pcapp.store tcp
GB 89.187.167.39:443 repcdn.pcapp.store tcp
GB 89.187.167.39:443 repcdn.pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 repository.pcapp.store udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 153.213.9.76.in-addr.arpa udp
GB 84.17.50.9:443 repository.pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:53 evcs-ocsp.ws.symantec.com udp
DE 152.199.19.74:80 evcs-ocsp.ws.symantec.com tcp
US 8.8.8.8:53 74.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 ev.pcapp.store udp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 77.211.182.147.in-addr.arpa udp
NL 142.251.39.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 emcl.evony.com udp
US 8.8.8.8:53 em.evony.com udp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 38.45.227.13:80 em.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 38.45.227.13:80 em.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 8.8.8.8:53 emggcdn1.ucimg.co udp
US 34.110.215.133:80 emggcdn1.ucimg.co tcp
US 8.8.8.8:53 44.213.9.76.in-addr.arpa udp
US 8.8.8.8:53 133.215.110.34.in-addr.arpa udp
N/A 127.0.0.1:54340 tcp
N/A 127.0.0.1:54341 tcp
N/A 127.0.0.1:54339 tcp
N/A 127.0.0.1:54365 tcp
N/A 127.0.0.1:54367 tcp
N/A 127.0.0.1:54369 tcp
N/A 127.0.0.1:54381 tcp
N/A 127.0.0.1:54383 tcp
N/A 127.0.0.1:54385 tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
N/A 127.0.0.1:54430 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54434 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54438 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54455 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54461 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54487 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
N/A 127.0.0.1:54700 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54704 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54729 tcp
N/A 127.0.0.1:54748 tcp
N/A 127.0.0.1:54751 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:54755 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 64.176.203.93:443 pcapp.store tcp
US 8.8.8.8:53 93.203.176.64.in-addr.arpa udp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55095 tcp
N/A 127.0.0.1:55103 tcp
N/A 127.0.0.1:55111 tcp
N/A 127.0.0.1:55113 tcp
N/A 127.0.0.1:55115 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 38.45.227.13:80 em.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 34.110.215.133:80 emggcdn1.ucimg.co tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 8.8.8.8:53 config.uca.cloud.unity3d.com udp
US 8.8.8.8:53 adslog.evony.com udp
CA 76.9.213.43:443 emcl.evony.com tcp
CA 76.9.213.43:443 emcl.evony.com tcp
US 8.8.8.8:53 em1.evony.com udp
CA 38.45.227.14:443 adslog.evony.com tcp
US 8.8.8.8:53 14.227.45.38.in-addr.arpa udp
US 34.111.113.40:443 config.uca.cloud.unity3d.com tcp
N/A 127.0.0.1:55131 tcp
N/A 127.0.0.1:55134 tcp
N/A 127.0.0.1:55136 tcp
N/A 127.0.0.1:55144 tcp
US 8.8.8.8:53 40.113.111.34.in-addr.arpa udp
CA 76.9.213.9:443 em1.evony.com tcp
N/A 127.0.0.1:55173 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55186 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55190 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55194 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55198 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55202 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55206 tcp
N/A 127.0.0.1:55219 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55223 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 8.8.8.8:443 dns.google udp
NL 142.250.179.196:443 www.google.com udp
N/A 127.0.0.1:55227 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55233 tcp
N/A 127.0.0.1:55235 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
CA 76.9.213.44:80 emcl.evony.com tcp
N/A 127.0.0.1:55600 tcp
CA 76.9.213.44:80 emcl.evony.com tcp
US 8.8.8.8:443 dns.google udp
NL 216.58.208.106:443 content-autofill.googleapis.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
NL 142.250.179.196:443 www.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
NL 172.217.168.206:443 clients2.google.com udp
NL 172.217.168.206:443 clients2.google.com tcp
US 8.8.8.8:443 dns.google udp
NL 142.250.179.202:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 tinyurl.com udp
US 104.18.111.161:443 tinyurl.com tcp
US 104.18.111.161:443 tinyurl.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 161.111.18.104.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 185.199.109.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
NL 142.250.179.138:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
NL 142.250.179.138:443 content-autofill.googleapis.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
GB 18.244.114.121:443 d74queuslupub.cloudfront.net tcp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 142.250.179.196:443 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.4.4:443 dns.google udp
NL 142.251.39.106:443 content-autofill.googleapis.com udp

Files

\??\pipe\crashpad_4696_SZVBDALXGDWWOPTX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 48d2860dd3168b6f06a4f27c6791bcaa
SHA1 f5f803efed91cd45a36c3d6acdffaaf0e863bf8c
SHA256 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77
SHA512 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9f7b64e47f508976ae2e248467145569
SHA1 5a6dd92306b344d807c10cc6f97c7650583d9cd4
SHA256 dff5a7aea6e1f713708fc17496c6634076961f84f59f3f2245b297162cdeaf60
SHA512 48319156c17a75403f01153aef1ffececdd3d2f586d261a574022096974f57fcb08e286b13703afdb0acc5e47fed26a1c559bd6a799f03bff8d3332627d052ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9baa083081b11fdbc9b007b7292d37ea
SHA1 a286c895085ae92689aac368bfb2f140fb17d25f
SHA256 082c17efa5fc9637f9d71cea5ae3c5f7cbfed57b38d0d8f2fc2e3a047665af53
SHA512 8b85e66f1c5f04e1b2228ae012ddfb8c8005552d4ac266499cde238252afe778e11bbe415a2601a6bee6c9b5045fe339cf654daf6dd202f1c365411730fb9bf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7238ce3e0c7660de5dbd864f8a74e497
SHA1 a94895e4b12164b8381d68a71dbb47cdb9c01fc5
SHA256 798b728fd95ba43bbc7730834c15a61ef189a2e0ddd6751a222bfd27b47a2d84
SHA512 c38d4fee96fb6788f11fcb2aaeb6f888168810e012a04e5bd0438245ff03cebe74eb4f7e28b552a17b6bc85561ca5a27e942b412aaa547172213429b3898833c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 3ed6ff7e5640fc59c3c387f755c34408
SHA1 8c1d818d3c1126a3fd321dda8b05d87eb599f521
SHA256 ad252b7c3159fb49afd63a6564d52985b8f822a65dd2d734804461af7fff7e33
SHA512 84c61c095dcf18784863d1d8b509aabb3716e5ed1b9f65118d4865b382369b3aa06706a47847a924a512ab1103b2a666af3f067267a46d369627c4d5a48f5ff3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b80bdf2a218576371aabb4456ef687dd
SHA1 343d207c8cd87be133cff71e5770bdcdd436ad8d
SHA256 ba2e736fd318cdd5db38fee80e6a3476b42a1a373b28e9565877a4ce1ed454b9
SHA512 b71581fa7fa6e5109ee930b7afd0471daf7e493904ff440f28fb1ce1e8ff444894a3e57af3e3ce6d58b1dd8f1da9d4c42192640ce2e5cd6a425f850e879c3e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ba12870e914ea868a769427006cbabf5
SHA1 55d80d29bc4675ade3f9dcdaaf3af7f86a79d2a8
SHA256 48a8f4116bfb8cfde44e4b401a76c4a8e258f17e6a39c7f08f3d83c8f52ecbac
SHA512 aa3b12976fd4970572630ff99c29ae1a888ad529047e19b77f760cb8238773dbd69c8e824488d2947020d3f5ebba88b7572a58c8de8304e674c020c5defbac26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6c555bda6bb63fb49ba7ef77fb5d77d6
SHA1 7d6685797ed49b29fdcbe3904761e027162c82f1
SHA256 172359c8b23a664cd908e32b71ca9be0020c773225857a9f20b8bf24e9390ca5
SHA512 43e02420aa141ebb7ebd32af4ba540b7441fe1e94c0d4d3038b040edc2e2265ea1b77eb5c648ca37594198d0552ab339ff1d5614255ae6416464f88d8692ec61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db26e82a4cbefa8c3ed3c9185e9568f1
SHA1 e7e089f6ea70e4b651a1dc6c396ac8dcdae25771
SHA256 52e3cb643179d0e976759f65af21d12fa3760b5bf400aedcb889a1f3abcae01a
SHA512 5e3d33eef42a2429703c37b9dfb36b8e674af18f03de25a146b09748b6e174e524412be8b4e281c093d1c6664a10232691ebb6e75c5cafe63b33f0d8f5940a8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c6c81c9c6edd0b93ecf10b59c85e39f6
SHA1 f4191b44042082475434950bfc4f3bb136c2c4bf
SHA256 ff21659a9778491ea5851bd992631be317911b4027e0c3e3a70a7744f8b27e82
SHA512 d469f3810f9e9ecd82ade74953b4e4d65058b88691426c157e5d60fdd924337ec2c519cca8627098c3d10a6d17b93a528d6aef8b2447d99bb42c9d2c0a1bf558

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

MD5 3b5d96d4084bc7ded718b9f7d431beae
SHA1 314bd11bc0c2e92fbb0580c964f5635c5c014a0c
SHA256 32660fea9c586332517aacebaa0a553dcb9e433b97c5020c391e6e79f2990e53
SHA512 ee5101f293e49660c76f89d954496965c6fcff7ef08a56d60b055bc23b9e4cd38c5a06154a57c8424bca4004d38d90cd12e3d11cc5728ed6c9e0a7279f6a2a15

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

MD5 b60788ef6a57a82b271f51cbbdc3a40c
SHA1 aad4dafd31d09966b03fd8b8c5ff9dc3605049b3
SHA256 862be43044be77dea8d97e264c2e2199e81b577f52a0a43db62162fc093eeffa
SHA512 4eb8773ec71b827fca78df8b53d8dc522f780eedcd033b2471497ea64cfe1951f0c8715ddf649aa1f3d6d8cd2b2e6562554b08b0e9267d6c7681766ac4ee1d2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23974c1339074a8ff00e7e01f4f11076
SHA1 bd39fb7ac2dc94f5f9b59beab5fa04575c0408cb
SHA256 3e69d7851aab747dc22089515416cb794572871200fe626e76a543b13edffef5
SHA512 f0ce4cca24a61ef7cff99b8f7bc4a6ba33f06282867a42dee84cdc274d1e8e0d70244db83675cae72c96db8a9829ae68e4a5b421394107e1a262ae43ce87a365

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6a72afb4afe1a58c741eab761c288d1
SHA1 fc159ba359246433a5628ad19f49acb62df2b57a
SHA256 8a7178c0f2ecfd4da174e59236d2cf8b8cfc250f070d2a280118925c18d4fd11
SHA512 ea50fa706ab5c2959095e62e0f2a03e2abce867b7f5cbf0475cb16b2faa49ce28b7ae9254f34f3d0346f4be3cd4e81033337dc91524316233537e9506e6adf04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066

MD5 3e552d017d45f8fd93b94cfc86f842f2
SHA1 dbeebe83854328e2575ff67259e3fb6704b17a47
SHA256 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6
SHA512 e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 65fe3441521fcb5c23158988056a40ae
SHA1 23f5d62b4bde430e0b7b0a53d5746882b11bce7e
SHA256 f3f1b874b73d09188f91a664cff66fd5def6ad4625ef89cb252a8179e5c05d52
SHA512 0c18e8ef60a3001906b73f2a8bb0dbd87a06147020db07b5d02559aba8b0372b7f4ba6c364fa4c001fb3356ba2a04cb5fd7619ba2d65248af08356744e19ce3f

C:\Users\Admin\Downloads\Unconfirmed 880647.crdownload

MD5 c8246dc58903007ccf749a8ad70f5587
SHA1 0b8b0ec823c7ca36bf821b75e2b92d16868da05e
SHA256 347e7d26f98de9ac2e998739d695028fa761c3f035dbe5890731e30e53a955b3
SHA512 02f5ee6fa5365498ea537f931bab82e3d95178cb8ca42a108030649283290520c27490557a2b642649533b935503ad240acedab005bcbf3dd7691f5671caf975

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 a7acfe182e00ca971eb4925c3b2c903b
SHA1 e1f995bdb320486657e3c4799ac858791844f11e
SHA256 43527234ffb34d84f54f9ade4ec61c995df882fe011a8e32e311e86957dc1539
SHA512 ac232cc63a3d1c56ecf3953f7654eb3efa946c3a1cf586f0312a904ba9aeec9cef5a7111d3586af933e15c2b4596b03bb9fbaab9d944445e71258d7a77dae06d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe590640.TMP

MD5 309a042462d4124cf89b90c25b300a69
SHA1 8fa6e3c528ba6e0a6b7ffbf40e476697cf9b72a2
SHA256 73d290e5e659f83236384bc32517d4004693f7c6f607ab845d11fa03d42e433d
SHA512 d56dd38880ac0aba3e981e45896bc883c280ed86691dd31217fbdf7602e54f2fbcb525dfbc5713ad5cee4343fe34f25887ae82f6d185554a7e8a31a5e97247c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b245f33b9e49bdcc4f15c9826f8d918
SHA1 be855e3033b97745e2ef53b883ab431908323a02
SHA256 6d97ceedc42c252ec96045740eb907293ef61d3c4e3f8e9818730f7da3ad88ee
SHA512 31d46da801140628da34ea3baf03417ce1f10775651f2c2d4499c56cc182aa2d7e8e1459d86749431b3a83c88203f6aa1d1b3bc4cdbb74901447fafaf10cb9f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2c359236904498438f2bd99440ac4b3
SHA1 e2ba8f40e459ab5ebbb3219d86ffb263d6d17de8
SHA256 0c1783c66f7b608f0d348b8b34771936411981632f71e0528262e46cb834646d
SHA512 0737941644403f6e3b5c89eeb77991a416e6efe5f56b8f064e55f450bd7ed62880958726af0073d334c54e5a07c505dfe6e3441d3611cab814357debff20d55b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 92902d5f493778cd35ab1da3eb496ee7
SHA1 07cb15c0dd28e39a48ca817527f144605a53eeba
SHA256 c8055e94029d83e462244db75406806d20af18922af7b480ce46cf6f289c411e
SHA512 d531ce8bd0599e7cca11ce356f7aab543ac7ab161f2e37beee9a72eb4b5883b4da8431e2c1064a0a4117206139ce4ae29650d49c5df09ba9b7129cd0b63b90db

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 45bf425933989da1ef32af478c94bf74
SHA1 87fec13e2eb5e03dbcb50c69fd1c52f5faa6e22c
SHA256 cc9abc81695ef348d858e4af0d40ebbd2e2308ea3c45fdf6fca72052f8730fdc
SHA512 ac4ce19870cf82be9076e9a197b0811ef67de6d1288cec468ecfb29b99e4a37fd76a8ded89351065b98a598f43215d983d62d1efe2717fa7a44120a093d28fa9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 17debcf86395edcff8d54ef4b01f7c1f
SHA1 1fed401e943fd32c511070ec86f0a1c9286f60ef
SHA256 e23a8d95177b6ed635600f5d56c1ec2ebb50285e4bed5e9f381dcd17580b9ab0
SHA512 1463c319b4c49e93f9c0558b4ed8ff5d1ea0802b591c7898c6124dc54b29131ba1e24323b12e22a8b6c5a9b0867464a2e084fccea078f1b82f1cfeb64918c519

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt

MD5 ebf4a0c3863e0e901f4b201f38cba33e
SHA1 69395a0f5c5493b3b41f36fe0c3172101b221e44
SHA256 b2a9a9eb2c12ee38e5a3f43e0a72e98afdc481cb9e19d23fdf133d1a8c8394e1
SHA512 913e2b24c00e7b34e30e27bb4ea68b69e8260d4bd9de6a467d1d78b61e62472cd04b1c435254ef30684df4afb5e1359d5e0ef52a860b12c864139417112560fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe59381d.TMP

MD5 9af5d097040d052f1d1ae8cff21f6576
SHA1 6c9700cbb1c0bae2137abd77803b124c046b1dda
SHA256 d61a10f226c3db4cd7966344e9753cf953b8cc226f060ef7eb335c33eed06d71
SHA512 e311b90d1fb5cd0bb319206677281b571522449cc47a297fd8975d50ac4995e281ba31c8d16373b0a88c48c5eb8b3cb788afe1477641070e3d8dd26805bc132d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 880afc85fc1789ac35e112ef6e49ba4e
SHA1 e86d996c5fc1b88f329dee362c35eba708b4b861
SHA256 ffed7728f14af419c5b6b640a8e6c73983bbf03b55700438e60ba2b7bd33700f
SHA512 48e8e8c1935356bd4b04dea97652ad417cbab99110d9fce0de6455e8f88daaf51aec18879957cb570d71fc6ee5133052fa50590f12b676f96ee81cc1b08d5010

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73d0c4ac8863f103bcd2b7272aca8691
SHA1 97efe0ba640331b46dc7058304a288365ab5c7f8
SHA256 9639105ddd9f67b11f8f8c2f2f841b34ce096f26ee3a692543485adbc78eae89
SHA512 76e48f7029fd538e28f797e620f6b7a14d8e58c22e6b87a645dde6ddb93b4ec42bd55fc030f8299e34a02ce055638bf532f5dc64d1397c08f9da26fe41bee89e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b2

MD5 6931123c52bee278b00ee54ae99f0ead
SHA1 6907e9544cd8b24f602d0a623cfe32fe9426f81f
SHA256 c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935
SHA512 40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 382421e80ea4b2811075bef5d86306cf
SHA1 da7c583c559055c133f14178b6a44b62ee0d3aca
SHA256 edfccaf56b63b7e6ff8403f48fb7de70e97de3133e869fd1e543c053c9af0c2c
SHA512 58819a156032d5ee487ece42aae88a64f3763cc547d7580cf940c0dae93c0d9a1f3e3c6166b932490940fd867e2d84ce7c9a764ff4b197bf7dfd1a6c8a72639f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 925ce8196fec89e7fd6a990269b0ab3f
SHA1 cbecce3b292d98f072874a215a2424db0e269128
SHA256 61df867d04a2e1b8dad261d8c2615d7dc16f09826d26f9b58416b67767dcb1c2
SHA512 a9ed1648f68c2d6003599f6363bf490061609ccf3f72dc869155e68477a800ab08d1395662a8283b8faa2f06d87ddee5eae40102e3eaac860b8fdc8eb4d514b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5983bd.TMP

MD5 593d5244697f1bb6dcb8f5718d92cc0d
SHA1 c210868eb20069f8c0ff9ed1dcb4f1212aed3cd7
SHA256 a817f68b9d53e6a862f7dd58593947c50aa4151e06cf0fcde8fda3cca46f9037
SHA512 5cdf99855203cb752433c1fdb9e33c8f0916c56eac2ba69af401da101cc74028e8c7f45a3ca60becb3012683bbe49d109e9e897423147588e72ff6669a40e6d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9eb16573f3193e06bfdb050409e9db32
SHA1 a3208bcc859a2c0bb3a1c3e9d844fee1def7a189
SHA256 adfdc9ad52092a87f2cda77b4cc01df09116fbaa353e8bbce6443e0049153a9a
SHA512 7401f1f75c01ccebc565302bd6406ed5649371b56b809a6178d521fc9a6d034167746e3715457c7b51cb0e4329ded856e873eec59756d99836e15ba7ec553100

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7ad3b4505232ebdb92d645840179eec9
SHA1 157a3742e8ddf31bce5a3a5a983bc812867f9efc
SHA256 9f891068f29c7f78fd5f10564bfac5170e1e92a09eaf187c7c6338f2fece5d7a
SHA512 e2cb3cae8c4ebd7efdb309cbff644331b7433acb1dcd0ac5afe4ca2dbff83d7ba94ec4a2146b8de7ac68e0781d6189170193f0a73ec6e9e8ae677931361af21e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000085

MD5 100753506cdeb53eefc2bb6fdd1b064f
SHA1 770bf9d634015f7784c4728d5fb80e1457f000f0
SHA256 5f282f19054f8373f07439b6afd16c594619e8eca8372669999d8a51f9c6991d
SHA512 a1b8d70bdbd3028a852aa492c8246c35cc8dab30aefd5063bffbbb8eff2987c126c17c262eaa8e125916508ae51f826870791318e544de88a8e419049ee05271

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

MD5 75aa9a75c82884b541bdbc8db8b1afb1
SHA1 c413318f75dbad509d437b49660e5d1db15d5655
SHA256 90cafcbabb767d77cd60441d67f4e17fa4791dea0efc0bc02fcd89e0a05eff33
SHA512 319f9a6c3f9c6c076819f1f8a2b88aacd925a6e876f770d50515d6c21a03defed5fef375f55fb8b7071e1997c7eeb97637b8f7eb09a27a43f47215524f5d8583

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087

MD5 97260f7f1f5a90971f92c87bbc6c69fe
SHA1 1e987dd3d6deb7789651d0096abb7fed98776cf9
SHA256 cf63be4f942ae482454d5a2a40c73e2b33f87f93d840729932dc2f2b213daf4e
SHA512 1ca1b0b8c10cda0077ec3daf3a02be164c2515caa575650db55f5ae5d4b24414415c298fd1c11837de60daebf088795c53de280dbd4675b0e083ef0c469b96c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

MD5 42e84ebcf5470237abd1f9e322b751fe
SHA1 a828a45804554507d9e8521c36109e8bc3d5eca2
SHA256 a9fc7baee3689f0331e46617f60d6e7c3ed631209b7211e7dd09cf20d22a64c1
SHA512 36606d42aee5689819dedf221af3c6c0da06aeb9997b9ce84b42db42ab80a0926352219f1e47f2287dcc850fcc96e4eefd5e487e09e1f1228102eced11271e25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

MD5 85c86eb412bdb8fb10996812f2b68f15
SHA1 73d90d1af6850fd4296e631ea46e951f0fd0c373
SHA256 c6aaf6014daf84b092194d158f7c31ee6d7c3b0b0b5e3cdbd3b269c5ecef1690
SHA512 d9ac885a13eaa3a5c39d08b4f3de7af591e59f6dcc5acc4f184d8fe347afbbbadf8e59fd7e8b3cb8dff2fba5b7569d1a06d40d7fb194ecd7c0587a155c5ee8ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bd

MD5 0800f316866f3b20e5443bf0b6c133a2
SHA1 0c26d720ec1078b683068d5586b3a204ec118bba
SHA256 8bf6fdda34cb70a0e5abb753af6440a64d37ed2fee81ab1d9c478f7d77aff84e
SHA512 84d9961ef0b3890094c0809750708d57ab23a9e21f76fbddae37fe04443b44c693dd087e51ed06e5ea2900f1fa7f2bda76f8991d3f8396dacfaf923438e48d75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1c7286226dab837bbf9822c7ad167a9d
SHA1 71b8a17a6a61604a1498d267775a1045009c6732
SHA256 6282d9918660a2e5564bfb72a3b098327f49ee86050aa4f2a1f8204dfd63b8ac
SHA512 c75d558db00dfc6b7acfdc1689cf2becc916e4a805fbc74c2c9c9801e1851772c2cb104beb628cb77d60cd04d6c2452990a7c68cc682edb2de973639353742ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be

MD5 ea05a9615ee91a2098e3d2ec4255a861
SHA1 6daede33eb2e0cd831c1606947ffc3f312e1dfe9
SHA256 b85bec1a1425290641c5a32031770216e83d127c5cf840e69fd01a250279bc9c
SHA512 e11a9cbae5c2d4d91dc65ab7a16d36bfea29f156466e6e2b380d1793cdeb4a2b0fd7666102bfba5a0e2344cdc2efbde3ae0ec1ed134aca269467395843a15426

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64a8f906aa3b0b10_0

MD5 55c8b84bf35801f3cb7a052f44eadc09
SHA1 376cf299c6710017e8f3816c03e3312e5e814f13
SHA256 eb3b9b548b9ed5be9f61643b7c120c435d05754a93121ee46aeed4ce655e8554
SHA512 0e546e415a225389619389c53c471a039ddc1c3b6f8d777395f71e122a87751b9e31e82a523bb501e01e1c59845e812c0499b6ad8e73024474682bf395eab29c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7b508899820079f3_0

MD5 851edcf39f15f227767891d58b1633bf
SHA1 ec733d5d56ecfd8ecca806e347d9f71aca66fa10
SHA256 7ffb81a3b0a5e25cdfaf80b4021bc590766e8aefb5c31e006a606d8fbbb23a8c
SHA512 dd2ac19a963d375315c4dd35f7415da5b401d1ee8f1f13e9cc9ee2cf1703feb2c14ecc697351e9401776b729a8c3abd42d7b723364517a6c48f0e36bfb02b5c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f204ff05930d8ee467fca57b1d90b0f4
SHA1 3033645c2b8a0029f23693211517d410b14711dc
SHA256 53f6dce8027e61b883f7291196656c8e8f58b7527dacc6e40d8af873e95bd287
SHA512 0c3566735dac199d446dd775b93c093e3a0558f5c3aa499bcc26a296d13889a487f9845810e2cc110f978e72bc49111fb3d87a471dd0f08c5c9c440dfa0bd333

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 314025075985d92cd9a743d482dafad0
SHA1 709a1050e7a81b54b48e4b43e44140ee8295759b
SHA256 f8ee013eb443b8c1d03179b33d6b550441f2e9772849853ba26755c34c3fad25
SHA512 ea69d1bab3267ef52f7fe7cc75528fe357eb8fe50fc87ef56e4627483288e897d00b4824948749e6b39f7ee064884883903ca634eee0d8d461dada8718847244

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b6f48def1ad0dc727f479ce8ffec8a6b
SHA1 488a3d7c23f20d7c90d9cd3010d31836d67b4028
SHA256 88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec
SHA512 ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe59bc03.TMP

MD5 a86a84f9522e0aec5aaff5697c2195b8
SHA1 a08d8025ef1ee8cbe22c625ba2909d41e0121444
SHA256 3c1e368e1366b2517f326e317b8ecb9ec2eea4de2ad0ed42aec30d93702d8702
SHA512 c66552ba16bedf80c1bd4ab404dedbfee7b5a4c878c172e5e6678f02b41395356c3afed7daec80d748b205e04ccef02abdc657b5e8762d2f49e1d7950082037a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0bead89522922251dee7b34193723ed1
SHA1 f5c59f6aa1048050b45b3115172e386b68771eef
SHA256 4907679b73cef2294e391a899f58d6050b0d5c34b9b68c0086bd94e724233b6e
SHA512 962aa889a508f4c52f6e9c39f289d88a8781b3214e996b2a8987e345b11f781e11a92d38c255d6696a0540464c97052afc42010d8bbc4d91201c3699aefa96e0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 f0d884b6293779cf60942d6b50eba88b
SHA1 01027b80e055ac4440f4954c9dadb7f1e1984120
SHA256 e518121c84a79956c3b0091d395a192d242205d6f020db9387581a12500d5f64
SHA512 570db2ac4c2fd294791af07eb2acb1e533daf15ca2f2d56dc588adbf2c7efa3c3c0a39e0c37a3dba9917997c3e106ad832cd2d52f5d18531310bd3d7c3073053

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f46e8a3c2efc3d7f28aa8ed396ddacf5
SHA1 c84e3516e36b0060ec19a8d52e64cbc36a5e0a7d
SHA256 d40ba92a2272ca6d93c5853360de4a548ed931647667b4b1d3184fe6f4e05676
SHA512 537b59b637121f1c38a2ce3e354034bcb7aadef18ad223cb1d37b90f7d6be8e20b1d016c7cf2f1a86659168412503a8a7ab9136b4767e414645421ed7c786822

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 4a3c942f24bed7fb0e5bfdb1397b5c63
SHA1 65b071ae2c34170f18a48d84965c6c79ac6944eb
SHA256 96d6770a07267a7f6abdb9eb9786c52d3f29ec37998a61c7f811ced010f1f0e2
SHA512 b283b29fc0778cffc369f2c354e0c5dbf8bd380f57fcfa6d06223651715604b3e251b7e128642e6188b7bb57fbe06c67633454f7612a2fd833f938d19dad3078

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0b9f1aec-290b-48d0-8fb3-4832ce196771\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2c21645d8ce4a0f9961f350874914a7e
SHA1 1490bc433ba939ff6f739683c3744e69cd419e9c
SHA256 a434e2db024f9449a09231028819ff31ea0c65afc89558a9705710809c896b65
SHA512 caa45916182dc78670e6fe214807ecbbf40b8fcee0d00e11e430e63457be7b08a6f9b57e1b5cf3cf383706e4f4e7910a60ffba8df8fc97380095fb66ef40221a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b93d64a4c11633299d95d0ee8feeecf
SHA1 90e32a8b3f4b02b329de3a5605115cd2dd2d3e0d
SHA256 5a1f22f97eeb0f1a2ae5a6ccd08515dffbbc3ee4a6463d8744b0034eac5fdc23
SHA512 bd237e23fc492975cfbca05e0a9bc6f8a3526828a145b2e2b712f075cd1458ffc66018e7e430199a2ea76d3f6f41628f0c86254088b461f2324e84b695ee9cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 76dfafce8991bc76d05bb9647e94c007
SHA1 2a7ac5c190d8fba3b819ddc87029b696be0bd927
SHA256 cee9ce29237c411e47453eb3b793ee170fa01c432739d7f15e20d3e63ec3570f
SHA512 3d6ae899bbb05fb8f34617e04bbfddace34cf32b87a08a0d4c03a008383df9d1763bd75a00c73b99f9288d979e88af12e9c1b90ed232427bbe07cd8675f3b18a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 85066d4ac0fa7cf98ac5e6ac19881f4a
SHA1 0c656eb59b2f39602c0993240fbc848521f96086
SHA256 178f5691f2b63a06515405e03502029278141ebe1a6e9361407a383e0124c44a
SHA512 f05abd39b40fc54ec148c5f41a07d80b0d301c92cb2c72e442f369631230827130c442c56774b0a641b8edc03bc779c522fe84b40fc78112799aaaea4a6239f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cc

MD5 fd1f79856510e1cddd8141f1d82aff4f
SHA1 659aa5c13b63adfb1480856cf8da6acd4fa624f4
SHA256 d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4
SHA512 7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cd

MD5 9749d9ec019343047185cdbc554c6db4
SHA1 089a2ea98bede002cfd2371d1647ffe155ec23fa
SHA256 96383f6cf4abb61960cd6b68deaa7648b268962484f9a0dca9c7d54a62b9f97c
SHA512 d9d3f3156f0478d08c114c6189304450edadef8f9f0a1c7e36b89566be1084a51bfb9c6d17ef65829acd29c61ce140a1644093b67cc838dff76d638e70fff075

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0

MD5 81e8f8281ea972cee3cd3ee2ff4ed42b
SHA1 6877e2f5e3c97294610f5d92c53982b3f6db008a
SHA256 8a6aea6739ad1bc5c58aa123796b46a9334f2880fc3c3948cd00abc6ed2e5e9c
SHA512 615a131732c448342706cc049874cac0ec523271d6c8dfa600a3ba8626ec52c92fbd5ba8ba1ebd2ee51497dc6ef96d433a8d6eda45611cc7b00fe365dbe3b49d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 38f920226981475aee4202268f35a166
SHA1 db7e151c84a8cf2cddbdad9cd77334b9b0ba29c6
SHA256 765874297e840d20b40b8387125cf8ade458565ad56b9bbea5bd18604ed25f02
SHA512 e316147c47544ffc3ae2fed9ab05d4b7c37ee223c972b48731565e375c6681d4ca2febe7d4cb01d8aa48f79889af507f3edc81613f53248b76be1aff1e91dca9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 178e3d6964bcbec9e8b12817b4d0022a
SHA1 4345bda396af0ccb84126f7a9a93fcda3b30560f
SHA256 f2fb3fb91f86d8e55d3722f922c808bc6a047fdc28275ee9c71dc4cf8592faa3
SHA512 c68ec46468e373030fce546dbb64fa169bbdde9a92bd24c3cd5da7d60be8460d8b638c8263da128002a7c74a30cc296bb16e1128bb1477df0b182ab8a24486a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 29bd93063305178670798e58ab97ed22
SHA1 3480a5ddc478d170ae119aee314fe2cb13121f83
SHA256 3c787b5d0a9cc564d728091de6fc26389b0c7f456c2314326110e83972d227e3
SHA512 2db3d4fdeba7ae4858c9a91e3d6fe538b3e8e562e5ac9f2029f3ce392681953833f2237c14ddfe812bee038781b5113c6042476c407a67c60a95637437770b56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 99328b444da048ce1aea10d2752fb58d
SHA1 27959cb1219e66970bb539bec993226e5f66e747
SHA256 faf75cd48b17dd9e5eacdd7ffa04f988b410cd478a7abc3297278c51fdc0278c
SHA512 c036166dd320b80877d5aceeafcb72479e757f30e61a59ba6060a4bf0bb8935e5c2d6d65c422a76baa37c78e3385f39f24d25f47aa8cc839eefb40642cb6a2de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f2dd9cc6b9b7df761e6195c80d3a18c3
SHA1 d8eed8f0ac0ef9c35aa5f13f15f3c43195fbdc06
SHA256 92543e9e5ee1983d1fa4217dfce5b8425658567ff7a51d60bba3e42079d57b7c
SHA512 46c76e9a875a0fcfa080c1481bf79e627ff0513936d90c7ab3735757cdf4af5c16d6df1fab7c4dff845ed5f09e623e9382ca6f177e3985a0e70f30738f505c5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aac3217928fd84e44af37bfab6cc4ae6
SHA1 c3ba7079a3fbca116f1121540c749c1e930b332b
SHA256 7925acf5c8cceb75ac27fac6cea0cedf2b24631339c6131c2a37fbaae68158a5
SHA512 0008eeeda7b60f29983527a0f65d0df4de48a9c339e7a01b927dabfd4b1039df023eaf4222e1844974930fdaa41764177f8a5439ed467bd6256af0d97f380b5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7dc7f271e4a4c1286929d658738fe908
SHA1 db0d40e041f54e2fe15ceadf4a989218b12018d2
SHA256 ca7ec4af8e41d29cd296cb3e018041c915a836bbc48b97a8faf4ac745881617b
SHA512 269a28f27aa226fe4d478ed38d19e367bd012bdc5734f54bc6195be65781a0372ba170856868e7f86d3005a27598e34386fe061b6c74b2ff4940ef237447811f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 670c769d9837fc5871c794c70f732aba
SHA1 295d5b99b609cf532c4f3ddae24a5be2c3a995d1
SHA256 a3c0dbaf5b2e1a47123e5d6a488d90451e1d09b4c9425d35db43bcf1895c6ccf
SHA512 8064b25e44c9e752efed3ca3a5e616f97d9c226af8e7be8723b36dfd3082d466c5c46a5aad8fed65059aa527248c4f4dbd303c399c9298324aa03a30de486297

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old

MD5 2c16d97b54dc445527e8bb66aaf783a5
SHA1 63f24301643f46b8a51417e3600d2a6f4d1f079a
SHA256 2141ec1780231ae3b701005c2a7be9efad6b99ff228af0a55d003124805886f0
SHA512 0bf7150b18b0bbb490e4e72673a40c103f026c16ee13a06f277049da95c0152a250ac6afe3bceb533ad9a7b35af1962ab8152ed2dff0df3b5c81a604802c3a37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old~RFe5b3ef9.TMP

MD5 4ee0f10dddd83fa8a0153cfb08e138c4
SHA1 87f0a11a7c16271cca9a5ae5298c36bf57e68dc0
SHA256 0f9cca94c79c16b1e18e6f9dd9e98994e0bc9607fdede1c259dfb28f1c28f600
SHA512 a3921e6cdd33ece1baae3b64416b0960187f2797514302eb5c88a7e1a1641b0f0719a0fe0cbe722bccf561f292ab9324760d7a9602879e6158f98fb3ca644334

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 dc15b7f7287ea2bdbf26a8ee6a8d1876
SHA1 ffac3b6426224719253f661503b23b9086c56e5d
SHA256 5beca64ae74823ae62648ff4fcb48e4e7b565f26ab45f01304a29eea762aca21
SHA512 8072021d9ed85845fa05c478bca254ad1f4ebd19a8d0cb51e16760a020518cfe2105b50cfadf743ba59d9b2f567b5f2b7b655b629ca6f10bc32a342689d89f14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

MD5 1cbd05e6a4a645dabbec0782f69ae823
SHA1 8779ac8cf1fefa2b36c5da73c460afafd86eb031
SHA256 8a7c571ecd245bac32780c87ff5d477d395428b4dbe95b2dad1af1dd34ad407a
SHA512 163ff8495eb353dbbe53efe5e94ed1bc26aa480d09402a214de88bc2651d23564bd5cf5f68165cf0b92ffe5082c98de310041dcf15ac1ddd1f11eb50e3a07559

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 75def646752cc397bed7c7e5a18e431e
SHA1 b7b14c57f9fcc5582392107fc944c56ece5d1f33
SHA256 8e28abe8b9321e1ca4a0fcf9a2a46be0ad4bd0b11fb48825d7af49b5a6e6cb1d
SHA512 3cf8d1c4628a0ba709d3f29f87dc9625e2e6a3fb3deea31f2793bb4800f38c551a67e293d348da05221d166f4f4571f1a93be23340090e6166d92e986a44cd73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7292ff2a3d59d6e2d62962f1b4ecca0d
SHA1 59d1b6189660ec987741c73040b3da4f0f41d6f8
SHA256 0126bb875c85c7f4cd89a4bbe7649192d10c000b420fc3990fd2c3f8ff5ef04c
SHA512 dafc273a64ee3a6d99cbdf09f6255b26dcda088f4a7fc01fb6402454b645d134ab8bc75ca5ac005a1ea347997f3377f2eac4fdc5436a9543eeb1a37ab4034545

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dfb6b8f1d76e6b0043e2f89efdcf8d3c
SHA1 683b91ab96c6a9bca62729d2b2bf04a77058f3e1
SHA256 4cc708018dfeea707ca04ae8619f22219bf14daa218a2c0af767a323b4cd6e25
SHA512 b7280d2b8dd5add348b936cbb95932db4223e0b0d21c6c6fb01425549c40c355dfa2cfd085f981b91090cb746e31310423ae4736b49447825f7124081c3147a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000092

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093

MD5 bc8196eb279d19a8cb0f141504d36c9f
SHA1 410b6176935d56db1964c4bca679203081fa8706
SHA256 af8e1ad1a7809c3f87ed13db0ff14087bcfa06ac99c6a2c2cb332f078d3943a4
SHA512 4d84b795c2a2152f00ca15e929b439ba59215104ff150d2ab6f180798d49f68794c3fa8333be5323068a79218780c681eb8ba8ea16c68cc59cda89039a155123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000091

MD5 033df0da389953cc333280511a9914c7
SHA1 447a8c4f6ebd38aabfb224df79f7f4f79defef3d
SHA256 1eff650da5767d442a420476aeb8863d81f03c15cd8eb947993ac86a9dab21ef
SHA512 07a5b31558f51ff061e37f5664c30e05a4ddeed0a641b31b19bf858b044aeff5354b85825e1664a9ca7cc44f9404651d7e1b53efdfba5fa31de70f73fd9b395d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

MD5 c50089df12b4826cf6371f5b4cd3e5de
SHA1 109bb7ccf03b43ccc649cc22decea957230495a3
SHA256 c4ad6585a791f6e230ed30a01d22ae7da7a07c68fb686bee3d499736330cb6d9
SHA512 f8ad8834f08a736e21a8afc3e5183c75b0d5a56c8659140a955bd4f5c31440c379ee4720baee18433ed3681e6ecc6fb64f3f1807b313257427dad2dd6e509e71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008c

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000094

MD5 ae6d89704428e61b3d857a2988490cf1
SHA1 99fdb51b0432dad7b842b11e58094b06e8d5fc64
SHA256 86dbb0ebeab017e8fff87ea7e431c90d06c399b1a7467d426d1b7c51966ba05f
SHA512 703e8474732ed5434d46cb437a816e18f9d99c11666c7fbc9e53bd704cda03135a2ebdfb25b66bfd0af8d911af31242ef25b0c9c95155f795bb9471d78b3cab0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098

MD5 cc4338db837b0e3f30630842a320a796
SHA1 764cbccff0d132436f387596a8eb5ea71954bd0c
SHA256 e035df2cc7bb7ac4c4993f32eef9279020a55dd83c4efb92f5dbeb04c159e7fb
SHA512 2f55d1d6d5da4905b76ec30c5af2ea070fca2825f3acca38a244754e29c7da67d8b14a64912fd8bc2c173a6e0daf1303bfc60dba92d41cf86ea084b098fc982c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097

MD5 d218adc0202ddcd3f482874d435e810a
SHA1 3106abdbd1dafdc3e931c8eaabb8e4adc014a2af
SHA256 3d329af73f0c900256a0759ded80a51a999518635c9ac95249020e36c9b1fb21
SHA512 5fc4c580748f9fd8c8c793e8778d8160805019aaf6f738593226dc03e69222e93a6f803f0cb3ace04d69dd3c5486f1d1392e9cbe17ef38fede27f6473f65e82b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096

MD5 6192a48f7b0fde2f0e3fc541cf79a7e8
SHA1 df9b7089a57ae0efc3af4a1d4ddf5042a592ac71
SHA256 1fc596be87999f1ac69677effcaadb0a492a871e017db76661732c85ccab4b8e
SHA512 f681d15f07f2645d5dfc697f2ce93da71b0d5ae3447d87767fb9bb70d89275f6d715922f332b122b77c9b49f8787f81540e72bb94fb4a1997017a2948d2ff6f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095

MD5 e4227acdad64e7d9f8e8b8471af13a9a
SHA1 e163f89ab25012abc19cd31ef9a7c72b2745156b
SHA256 60b9c5e02d68e60bf23038db2e11769c5e50a3195eee4831d08452457b651371
SHA512 6ea6a1bb87f197674c6404e8c33d89cd89f6c22fa2dd5af972c36c5343d0ad1fb227e76082663435ce1d0733bbe262cba9ec2e7e36388fd83078f6b3bdc40054

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099

MD5 8be102e2c9ff27f0c1ad9d93138522f0
SHA1 2e9233646304b9cb72f73b09d1e89fdef1d7369c
SHA256 dd46a083bd9e98443f97cf9129cf8d4d782deac0c28e1f7b4a65df000f9e164f
SHA512 e3a570317c4c770a9feff907a7386e5db454ca356ef974a8a141241c4bd24a989fdefca76bc01934768e3ab05ccced4da01a34f3c81d1b41c224b200cfd058a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c

MD5 831ab1ba056cc5e8b696c2b24538a9e2
SHA1 6d653d4650980c36c8a306347a835a309d70f99e
SHA256 9c68f78a022508c165b7e1e77136c3716a6a16f13c6eabea504b97d2ef87c856
SHA512 3de8a9df404fd5df45a55da7c3877cc1ad20ea57ac9c19052e3a24e9d44edce25647a87c3ebeb6e5291ce483f26fe8d8fd88ec8cb9d1f124855b84f77fd18061

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7

MD5 e45f95635508c9b063c4e562836dfb4c
SHA1 6ed7c9b0ce19ddd5322255faf090d285a7da2fad
SHA256 9d8660164c1677ef3bfabfe0bbe12d6abb1b7c285ec2a390c16a8d50abcc6bca
SHA512 532db66cdacfc95b0f8afb6bec048bed2fc2decd79d5b819edb17c99dbf38eda7af0ecd5108bf7f332432b6289bd24fb032fa3badf6072dab7193df647f2c783

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b4

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ccb951e04f5023b3ee9a2ad8f871c605
SHA1 62389e0202fd23b693e46818fe262bee81901f0d
SHA256 ada1845b262ba785f74de8387bee5c46fb94d24eab92e3ae49bcae72d0806ab3
SHA512 c9a9f8b35eeece2d2413d53d7a5f3cfba31314209b4b33c76ba8f929017ce3e128c79e3ebb2e3993a148472e72d9b953aac1eac9e1bb62659325267a89ca9ef1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 89aee6bb7ef783e294920bb698472e36
SHA1 49cdfd61aeba06e9ae28c2cf0713b6f84da622c0
SHA256 dd741f6d880ff731be0983accd0af99654e69d59fb599113ca654d2eaee1db47
SHA512 84decef4269bc155f15033e33dfc9b2c1c391fb129d142886ea0629699817f8f8570a494f4d7e9170fa4ebb8a91c4994c43fee7a954414106a33135d387fd642

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 451a74733dac415d359e0d18f390eb61
SHA1 af6b0012f2d4a4b5be7c103d0cf7835d623a8ec2
SHA256 2e5aa50b2cbe1a9fcf56cf5711a6a6a9c62642d6059fdc5733dbec3dd2ceb1b9
SHA512 db2729fe0e194746cdb84430aa84b008bc5e25d100339067135a888d9756a30ee409bbd807b2c950fc4be009bac6bcab7bfac72bf9bb6fd9e6ebc0f879f5fac6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 868ea865f4f6b025a439de4d4f575e44
SHA1 368cdd9a3606fc26879ededcf7760b32f125206c
SHA256 b519ca14e28d0dba64b5bb2f694c3655a549d3b249f4d9dbc39c22ab9700be93
SHA512 e14cb1a063ac740eac85351254aeeb3d93274f9b3dfa2dee309c8c49be8ce864f66e3a27fe6e11e103b192ff879a865b66b2594a0a7a73733e2df76dc74c8a6b

C:\Users\Admin\Downloads\Setup.exe

MD5 b1d1fa855ca77fa2c48d1e2d0d04074d
SHA1 0202fe3434f10b68e6feb990b95f16aeffdad80b
SHA256 e5b0db3f80169c0f784b3a25e2df8e4dfea7871852c49582dfd6496221928282
SHA512 d75d9cd018edb250a5aa135dde9d257c78d5bee5a7cb8894c5a78f0d3a1671d3b8cd3c8f7cd6fbafc11ad538da3013bbb351093893eba23e1edf834141a84184

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e35125393a01f07434941e206c3a219f
SHA1 c1eab8446f7cb040787d0fe57b30e91f64310733
SHA256 f9f1075f61a7a33dfc9a4782d941f5c296346fe0be6ae8ff1bcfb91d9ef29113
SHA512 4edcb4eea766f99cd9073b1cd5ee173441e6488dc3c47bf34d8458bb813436f83253b617055fa6ad9b22401b9c1c041cdf869aad236a34d9636ab4221d5717f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\000003.log

MD5 719ca8ca769972771241c033594c7ea9
SHA1 c8299d1f04f36766ee495f444272d0f8330cb93b
SHA256 da504917273686ee5a2dd433ff66b58463a592833f16d01c6c784049db4fe6d7
SHA512 e484a3b790e863bfab8ee206784db88b06b775aaafe04af84c80213f6976c5681347f475a8f455ddc89977daad1fa7f90ef8808e8beed87aca3a84950a9d7f89

C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\inetc.dll

MD5 a35cdc9cf1d17216c0ab8c5282488ead
SHA1 ed8e8091a924343ad8791d85e2733c14839f0d36
SHA256 a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df
SHA512 0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e370b8552496409809b7c4ca4d6c5c6
SHA1 9aa62f01e5d67f30927675426f1a48da386dd4c3
SHA256 04e62d6ab3e7dfc8459cda7bbbb1915e573ac12de068a4369ed4dca32e92e0a5
SHA512 482dec7658fa057a3ccf02e044bbc2207418ad51e2dee60ff7069b1cb7eea644191fb43aaca7f1b3a61082821cd16227489644562cb2ee78dacf5e1d39aaec9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 136b65ec7b4a3f46670b42e4c52c3cfd
SHA1 0e0ba325fa4856f8672b26561deb220623e56b14
SHA256 c03ca555037b5d8682c6852bcfb8bfd75afbcb186956cca417325514724ba3b7
SHA512 ab44e24761fb213c6d05891f63e1c26baffcdb12a16f3241ca2ec844a245d4f6281a98fe7d02148c23c406dd1889edd61b165dbe911edf2f2639a114a1a367da

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 933a735de15524f04111b7d0325bb696
SHA1 785bb683215dbc83803e0a7d262df5e2e4378c75
SHA256 9f68e19f83bdb54c0fd47d88b49dbf4730b7244172b073744db977848ef82cc0
SHA512 fd0213633abb650096cfaf8bd49556bc728fcd943fd6d423f91baf849219f1603f21abf82e2d35caa44a09c206b7fdd55b5dcb037bee9db1386d864081b35fe3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 551fa951437363002c24ef1221528040
SHA1 eaa2f08c01cb048d5670bb8c786427d137d99226
SHA256 8f332e53360eef5fa68422b8e97085890c6c3bcd52c567e0e4d70aab7ba31b65
SHA512 47adb09e0cc2d879646159eb09f442bcacd545d174f0da7ae9cc8dbb0719449e37c12d67d9fed1c0009bc0960bb1a19289605ff8235e33843e2bab131bce73e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b5f221180b621c72a0772b2201b49c6
SHA1 53755f32ab1fe7b42e73535d55efc10a862734e1
SHA256 2611cfbee1dfe22afc2eae7009bcbd4057144ef7373bdc36c193cef40cb3270e
SHA512 b45955c9cf42c79fc2682158c020b0f7e6838a9edb5adfe5c7598f49e77f2398e0a1f6cbcfbe6e4bd3f4e949fea2607ead066a1858303b4b3253d377702dc1b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 268b28507198b66f51a5deb94ed56494
SHA1 c94abb1da2b80f0279f2a0973b4166edcee903fe
SHA256 a00daadeafb5b8595805d1dc812307c8f002cfad741991f6cd8bb1146932ced7
SHA512 1f09352afd47ae262505cd369b5548a10a0f8198e710e8e87b93db7142d2bce85085b985e8c853a6d2982d9ada73ab5c08b6501ddfa5dec9e1a48b6c96e40f8e

C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\System.dll

MD5 cff85c549d536f651d4fb8387f1976f2
SHA1 d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
SHA256 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
SHA512 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\nsJSON.dll

MD5 f4d89d9a2a3e2f164aea3e93864905c9
SHA1 4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a
SHA256 64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb
SHA512 dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2

C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\nsDialogs.dll

MD5 6c3f8c94d0727894d706940a8a980543
SHA1 0d1bcad901be377f38d579aafc0c41c0ef8dcefd
SHA256 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
SHA512 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c49ec19b35b12620f82fbc64f4506c37
SHA1 8da9d734d1030875c3f4335cca5ecb834806610e
SHA256 fda557312e1b9bfdb2d2d3f458b4bb1f64be3a9c40f72a51012f53f9abfde9b7
SHA512 2c1a2a38d77f03a5ab7f928427a45c6a74fd92ed6dc6f9172e9e99efd9716814afcdee6ef0efca8635d92ec1c8c51e1f461519f4e81b179d8cc7ec46633f2698

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c283ccec8710edad37ce7b2f1ec6d3f
SHA1 8d7ee7e97932d5a9525c5edc66616b7ecde2c13c
SHA256 b55466d9400739562f5cdbe35544c7d05bb016f61b3328ba66268730cc3e0d2b
SHA512 a5364348785a143a6261a39bf5e6d7818586b77b835d8d3b99746a452e030ee787561bb9d7fbec77f2e2010ec96a8eba1c309eaefe3ed2b4deac5d63849f0d61

C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info

MD5 82d7ab0ff6c34db264fd6778818f42b1
SHA1 eb508bd01721ba67f7daad55ba8e7acdb0a096eb
SHA256 e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db
SHA512 176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\1fc01653-af70-4586-8a17-f0c7e830f648.tmp

MD5 728fe78292f104659fea5fc90570cc75
SHA1 11b623f76f31ec773b79cdb74869acb08c4052cb
SHA256 d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20
SHA512 91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad\reports\7638616d-554d-4a32-b1e2-505ba0bb4bbb.dmp

MD5 b83bed030d788e0dfe310225eaf4f424
SHA1 ad276a4de572c40642370198a8eed9db68e3f423
SHA256 c9c44ce0fecd407b632380257040a6b7a89f33c189d6cacf4d7e71a672bfb8ae
SHA512 2ee5e4f4ef512186a9acf1eb5037abd8eab70e9f513528820843ace6a544c7881ee7f4dec0363de63f6c93152005896d271e68c2a5a9e748d86d2b33aa015364

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d9231074be804d856814420eea789dcf
SHA1 380aa4cb9223c4c51540b873f6d301baa6328445
SHA256 e472bc1bc476eeee6b5c2f2a60b684c3cc2613001a229cd255960fbc7056bd94
SHA512 fc9b622a042fbb6bcc63a3a892b42edbeb4c41e104efed05efc45e15aee25fd434daeb3fdc57332d8fd1a0e854a723fcd4707f7ce0e801ceca89cc181a3dd608

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5

MD5 03e9f614a008075733c76883156b568b
SHA1 5f9cb1b06928487c4b836e9dedc688e8a9650b0b
SHA256 b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416
SHA512 7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 4b97f8e34b596fcde5af2e86bcf5de02
SHA1 57c7a13833505f8a334b98b8c247bee8f45cd81d
SHA256 b64ad8a1162bde14e685eadaf2c49195d898bb731e8038f293aa0a819f1c7c53
SHA512 572167aa1ad3cc554bbf74f648a481772f37300e0d7dd97487e7b46e015a25e5881e7272358f7fbab08afd78bace5629d9cd3ef9e7f828769b19cd5ccef9e9d6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_00001a

MD5 115c2d84727b41da5e9b4394887a8c40
SHA1 44f495a7f32620e51acca2e78f7e0615cb305781
SHA256 ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
SHA512 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000008

MD5 cca340197220e96581d6aca8f94927e0
SHA1 f31cbc430ed7661698a5b0e2ef63c2e0716193ea
SHA256 26f2cce66aedc8daee96aa03a5f980ccffdbc216d2e7e5bad81d3a5b5d8e5c5f
SHA512 8091dd259e2fa23877d0341bedb3afb9a25f94669309e2c913bf2b9a4e769c35759bfdb6b0e4ac8591231f95e1187e86b15e60db6220f9e7d8a11a370325b0c0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000011

MD5 15edbb4d85cf503917a877d894fa0a18
SHA1 45b9165e1a659c3aabecaaf3ef8672f10541ee17
SHA256 6b99a2c0c946d59d80a1d56f795c61059cec833c904aaf6397eebd21d8129d8a
SHA512 4dc82a722cedbb945177fde76aa5f5990f81aa6cc09988949340ffc1c7ece507508b6b5f239c22388c39716cbe4bdb48d88b2fde257b8f40cdfed695a060326f

C:\Users\Admin\Downloads\b8efb803-b3a8-41c5-a3bf-aad747e6a900.tmp

MD5 dba533edfe91246318f3baa8e2efa47a
SHA1 63e0789a8169ee6f1f58e0562feb41aad9d24591
SHA256 5a31e3fe32f6c77525512f701a4b321432050b99d2772b6556efb361fa28c71e
SHA512 26639c83fbc575c0438857117c97f21bb58b0066789878b405cf2ab1eb1da410ab9e595cc84cc41a4d95fd0cafb2874e7696cdb69f7c8ee565e982715babe7df

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State

MD5 28b9d05b6ff94d471e09b7cb3b0ca285
SHA1 12ed2f4f0865e9703a785c55c79e2bf5c60b5380
SHA256 1e7d66d43b638c370bafecf96cb736900b519eafd185141da09b9fe7a4acd045
SHA512 c72d6edbe04c4872af019f733ab41f1b393cd995a08cf50029ca38042e0b08c89d5c72aa21635fb5c31dffcc2a04a5d0354f436b86694b6bb450256e3004551b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State~RFe5c76ed.TMP

MD5 7f7c79018ed2b89f85b5f2a949b513a2
SHA1 848611084b43f0bf743561d1fca333caaf7a24be
SHA256 fc321334a49832446ccb33673849c1a77ec94c268fb48bf7863b6c14dd1a2cd6
SHA512 85f97eb7ae1ffef92c1a9782189ce014b0f602a7b1f4722806b1f741f6057be0f4f37f2fde5ecf55d53f1489461b579b76d2d21e40bc1a4148d5104f3d2ac4dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78f1e6ff106af326f6d3fa477cad2564
SHA1 e00ab89ecce1bdc12a26add0e8011f3e3600dbf7
SHA256 1888008f6565f19c6106647ec67ad90f7c7ae381d430df0c9171b823c781efc5
SHA512 98dcf93c21b146bf831bd7af365a7c2e5e50856887eb04bbf313aefff771b7e78a2fdb8f6fcfcbeed6a0ca0f8dbcfab0a0fda0637511828c6ffcb54c6d1457ea

C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

MD5 ce86358a6a27f775fdf8c1a7c88d3864
SHA1 a40c94bf83a2333236e4d156a9fff04f42996c8d
SHA256 b552adbf38ab388ca41489fa63e3a110807abf38a73bfd42516d2bbf70393c27
SHA512 ae45e7bb2e9545889caabbefb0268b0d0f9259c2db4fd4201f109c6983bbadf6b88c2f8ebab45e6e3d22e27aba55dabe3fb5940bccacc09edbb1efb672fd4ec5

C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

MD5 7d46514e9f51c73f778e20a1482e5fab
SHA1 3ad3cdd97d36fabd22bd508540eed3769de2e54c
SHA256 d373dd91594c6cec4ad0f4ed76914e0f72b3b90b337a068739cb580de11ed3a0
SHA512 debc8b9de57c25554c2a72b179f9bf7c9ef751a4f50b26c2e1833478cd26cb5ffbc778ead0d850239889e95540f298afbda7ff4db834ce3f7188d36fce986b51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 551d8e64297566c0aeeced46278a11e7
SHA1 95eaa951a149c3f5b6613e6c89be86852b23ad81
SHA256 3a44f26c952db2178459fb881c0a768bb7d07022184fc783fdce2afa4070081c
SHA512 eb49aa101844726a7a6ab4d1bf97def0fe8a8702803f12da5b1cff6fb26651c774944f881778bcb5e02277e25310940bcbda65356c9cc9a4fcca3d0851d77982

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3c1d3659d87654e3934e8624cb11ccd4
SHA1 1724180689889cd1c26deb3af9ea48bf19a5182a
SHA256 e1b46ec65a6bb0cfb20e231516eb5268ab022d7d009c44546672e19ca06c9e1b
SHA512 1d99a65b0307c6d902792d3b65d1a47e07d9f41a48463426d7ef147cc2f5a5ef916f64cc466cb0bb2d7b508329f7102b7dfe94b9f445c74651e1557797128887

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7f1e309ab78fa130de52c728d33c553c
SHA1 6932ab4e4417cafb5721d3e18b06272287c2b4a0
SHA256 93f35aa3fd83108477d0268973f67ee89f7535bbb8dce47f0b50c2ea3e77f8c8
SHA512 5d678dd3b4e344bc2854df6b896c03635bf074a81058000c8c703833def3c90139b113ca77e88d798ff7d694a256237a6e779a7bd5d7e38dfe542ff800bab633

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 43172c32daf9eb54272d9b1cb9fa7468
SHA1 9acf547c96872902768aad5eca9c631478422ef6
SHA256 71c7526c18d8dc730699c52a19c1ed56e8586bea095b926c124e79b791901851
SHA512 d807db559d88052971167f5242ff1f4ca15b513d99b80fff28e558bff8b50275b6b38cddac473537e8d66c62bc74759b4bf91faf3c16178ef494c18c988446ca

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe5c9fc2.TMP

MD5 081be617b84a30842b1804b26d876304
SHA1 24e7ffe12bfcda86ede008f49fbf1e67eff5eef8
SHA256 9af7f6c12077eb17766a4181de44533ddb832b71ad78a5db7d9e77e9dd1c0a5c
SHA512 b23eb5ceba13e84957a09246cc4f795e24b989543491e973193a86d1fe0253e62304fa5d8fd5f7b1d96b99bf5e8d009f7d74fce5d456a014ed6dab0e4daa65e3

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 805cbeee077bf486ede572fc91a67e2e
SHA1 cf24f951953239f00cd82520534a855fd1e0af6b
SHA256 c3eb04fa56a481b53f349fddcc9600ce3ca7cfe916ed01b9d465743ad0c993e2
SHA512 743188e06bf96dd6b59125765c887029c9dd6d4827150fd102212e0e0554a94ad1df22fd33fa06ff01680795c69ac014421788e49507277e9bd76c6c2c7a5480

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5cab1c.TMP

MD5 f22ce9acba6d3d65ad9f52f6466c80c8
SHA1 2857052352bb53d8e16b47f7d6b628e283c836b8
SHA256 9e92ab5810435f8859e2f9a394d949778a5a3412a91f2dd2c26bcbce2f5f45e4
SHA512 780fc9b8eca3c7a5386c00de9f34c56372360d8860a3a91870e1b86642705206e655f2e2978dbb5a083ce5536020f802dc128fe65ef141d409e85efa2c6aa824

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 fa27d65e0773ca2a762da6838f294a5d
SHA1 2dbcb6bd42857709543b3f4efe5663af148c0e2a
SHA256 d2a7525472260eca1d48b80ad38bc218edfa3c397aa866d1268892867eaf01f7
SHA512 b8a42b3d3c8858b0dc7b480f4fddad506e2cdf5defe4678cf1580a2d5c4c418593bbb2e8dcd88fc9035b462e8a8d1b0fbad7058a3a78875c83fcfbc899801c1f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe5caca3.TMP

MD5 55d3879c79f0068ce1b192366ab4e581
SHA1 82779293e4e3b540e7046d28db16ee9d70dba3a6
SHA256 83d69e9f47c0ff06e125c2bb8533a82b9bacfcce26b849b5bfa92be3590aeed7
SHA512 c8b411c374035e9ee15dbd0cd348e53fa05d01c88f25cda17500fa379caafcb1e2a3fb854c01c2d01fa61cf3faa2368a45f1e10fbceac70b5924c6b5f63b63a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 c64929d71f8769929406b672778db163
SHA1 9dcbf05f8029ec6263ec43b6958a54626adb62d1
SHA256 b8d3e55babd999d4d2ada4cdae8d09b2b34321266395960c07ec811d08b91a0a
SHA512 9ce6eaea812713c9dc9de55875f5899b21b34e2fd09666590f0a4b3a4c6b3dcce382c5c1e73e01f4066c4b99024cda816ddb324701deabf2756c76e6f5977332

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 80afb5591a9bd33e0bdf71e33f980e16
SHA1 a04652080e01764c10389b3b3b367c2d4b58575e
SHA256 17ea21e25b11177c0a74901189147a1578b5b3fcd4ed67e450201b68497224dc
SHA512 b4fa29c7f619cd7ce02ba0caacaadd22c127553ec105822b2b9cdf5fb737bbec9737501572566f5882395fbb93eb70ffd8da7fd8d32d51772a90b6d6172c5856

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2ade56665ca5e9a476e5e5b8354132f4
SHA1 6512080cc00027db7ab6490d06ae4c18eba7535b
SHA256 38a793784262f204813493347d10380464f046adcf0e50247c942374dad1c493
SHA512 56676510c7a7323842b18295eb7a1283f1b28922f636ea72013b98bb420f6f367e8bff075fa7eb5f37c6e36caa0321ba2fc3f7176b4fb3739b74a4ff4b0add9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11eacb6f59cdbd887f54aee9c483cb57
SHA1 d64994bbcbd9ef9621773542d7f2d1f3c715da1a
SHA256 1fba9531599f4bac5fff4fc32608581577247a8811ebdd95abdce4c7d7effe54
SHA512 06de45a88c4a9da74748e0cafe1ed50212b83bf9ef62870fa53f680dcbceec310d1acc99d873854a849160ef8c1d946c0b6478094ab6ca3c2dd1123ee5e3e01b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be72aca000417d52e453fe11f3139b30
SHA1 422ef8021eb76eed7d148f91ea474370dc02d829
SHA256 8bf44f9dcc801e3a7d9c741601a83d4aa98611a1903acc4debf229742568ffd4
SHA512 284592b2487a9c316b4ff622009bd70cbcd40432bb46945c7f170e3d6375c5b698d25e8f9e1b89987de263cce2b58428b2af5fe9cbd0a727d7d2b814d167cce5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 026681ffef7c6d525b0fbbedac616f7f
SHA1 83c7f394533e1d2562a2ccf722d71aee7b76a40f
SHA256 85663641b3da1c251176116db9f09d0e9385878c4fb39fccee2ebc1d05a906d5
SHA512 48ec5a2ed900ece3b2cbe8ee80f568886c801c40aefc0f8d022bda58653f65a58c82dcfe88cd7115b691f94186b5107e0600987dba0002c33da6cf485e2f3429

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 f7a4108e5ff405dca203de2806d89cd8
SHA1 f4ea8e96274b1a3e7b6729f80576dc9ea3f1bc4d
SHA256 a595f7fe323bbede9e0d693c9a04a05065a1e877f2814e5f9ec4c42428fdb2c3
SHA512 a10972539d126a5bcccde4087ab643bfb76cc08dca23f14fb65bcdc78e7e1b00c3c7e34b18defbe04637307dc49ddcb769935b0457a0688958635ea2f2a8ad7b

C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

MD5 ec6f836b9a1ec0167b3956a2e22982aa
SHA1 e0859bd4cfe85c74fe892e537c4a23ec841065ce
SHA256 6fe3b7a7833099a9c4da1c0657172a32d3508a502109b78030a5de7e454ad21b
SHA512 74498d3c34c640b09c003f8fd8b14ef4c70ca017a8e39c21b2ebfc88e0db93ab09a42a842e3290fcdb486968e892de240b1c01d71fa5ec37845856b53d631bb8

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 ff1d85f0177225f1ee4978434f38792b
SHA1 088a8865e0a0defc449a074183826407aebfed12
SHA256 87a7d18fe7b7e3cb37ffbc9b09bd47353f28a2afbdfc6b45ea12839d5f1aadc9
SHA512 9e5d24016ba66ec31d3903a11bedb3e9a91be40735ec35123888575189382e1aa17d948379536a0b047132628b50d51dd854a8a6122ecf956a62506a6f04c8cc

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 4c89e8a517b95c2b9e91125b624df7ce
SHA1 ad3163114e1948cd0d5cb18c099c56a20241827e
SHA256 226fc78832bc2f61ff0bdc00eb170e68e3f3aafa06661b86e9ccb2f473adaedc
SHA512 345ebb0b3518934b9d835be600ba2a0925ea7d6cc208f60b1bbdb8ab866d715e40bb828e95afb9d4d103aa22a1eef74dcfded91a1cc6e276c4ceaf0d64d4f547

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 339f0f01fba94eb38b78ef3b1b80ad18
SHA1 6aceb178141e9acca289065e54b4d975685adddf
SHA256 2c7ba312801ab41dd1c83096c67fe15cf6ce4330026fde5fb2e47f28a523f8b7
SHA512 382254940293e65f219111de899d967fcffbea7f314ae38ee9052c031e1d6821a608a30c9113abe7a57c1626914fb56cbf5e9fb9ae8f868ce5ab0fdfc4c73cab

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 c10be2dd834ac6fd7435767eff12a7ba
SHA1 db45b0861bbb2ce401955b1aae05117bf38751b3
SHA256 7b93c6d2575b9e6760d87b7b93a83f5ea8896821c0e30dceacc915fe45b165f6
SHA512 df45f143b924eef3381820cee279dcdb56827b8df403a0ed6d30b585651b02c4f90fb9bacf210ce1d09a43fdb3251ac5fb389895a860ed1193c404f379d287b8

C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\DefaultWsdlHelpGenerator.aspx

MD5 f7be9f1841ff92f9d4040aed832e0c79
SHA1 b3e4b508aab3cf201c06892713b43ddb0c43b7ae
SHA256 751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
SHA512 380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\Browsers\Compat.browser

MD5 0d831c1264b5b32a39fa347de368fe48
SHA1 187dff516f9448e63ea5078190b3347922c4b3eb
SHA256 8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741
SHA512 4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State~RFe5d644a.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 a06b10c3198926942cd0f09c0784d20b
SHA1 feb988736dac6fcf4bec632aaa78686eb5ac1eef
SHA256 d6d9d2d8c7f19fac0db334b1e2a4ae71ef7341cb78027767b54e11542572995e
SHA512 8decb5c78b08b11b03178941fe5276907a598d9cfa8f031ce34c3611760582c21d56b54a7fa19b0d9971ae8fe4d675c4d3e1c6888f03e1fe9ab6964dc2e74ec8

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 2e342927f09de9f1420321bc482f4ae1
SHA1 ba12e1fc2811ba2324360ef257e49c9b7243d7b4
SHA256 f18369954d3fd08233f18f54be54b3590c30f8122e9c21d08f60663f25b160d1
SHA512 b376b1523c7f1b2d106370de7e7b234fbad6d67a4ce300652fb1674ae11f7b89496176e71eda2cc770d7946c63488021d0039a6c5c2a037370e60c5460185bf1

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 210900c22270c8b02a30498aa5e66d73
SHA1 c1b00ad4cd27acbfd4dbe4bdb70e13d82844a6a5
SHA256 a549d1973236fcd2482aa2d2aedc069dc5e66b4e98fc4f88cfe5477b84eef7c0
SHA512 4c8533cf0d635e3985f7e130b10094420f0be2837ab1ba09a557ccc4feb446b174f1ef2af34e78162ede5b0c1e6db29084dfd427310f3c01af03842a75bff24a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 09641452c8534371ba07c6e20180b908
SHA1 7a67d6eee52bf65b62e6b67c2e70f77aa3bfaf30
SHA256 5385ee8a3487c65fdc7ea6a463b0cad40d30432336e3e3bdec396cdd9eacd347
SHA512 0fedbb795a1d5db832310d3563ab534543229603614d7cbd5912d3607cd09da53e0b1193db72af4fa0cf3d72c44922ba1e19b6c1eec4b6bdaabf9f1cae7ba696

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 be56cc15c7023d789812697ba583db1c
SHA1 24302201d209423bfa5615725f6745126eb6b359
SHA256 cfc747a8fbb99e5a38c4902765ffd9d4cfc36eefae2dded326b256d79ee4a2de
SHA512 6e2d545bbdf461a1cbf37d4f738307749afbf2bf1b046e66e02a2c060a57ee751f64908bf9aeee8e2c718303e524c82c368cde43de9ed8fd55d5bfa217b97e3a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d23d5dd65899a742a3f01dbd4966a1fd
SHA1 7d112cfb52923d3fb373d863721e0046b4e22522
SHA256 402afb9742612a1924ac163c6e5d30937c0b32a70bfcb10f6c82159195b5f333
SHA512 f7670bee8cb2edc1b5359e9bcf7e27ff19e79160cbb41e234f0507e2d169af36f6c00a1050224568fddd6ff83ed2db02fd8a2fc02a8d32565df1de52f3874e0e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 023ccaa3c44c5125dfbb47fa769290a9
SHA1 b909d3869a9b84b058abe399dc349ccf6478a148
SHA256 77d93d2ac80ed3b071eb93c6cad400fa2b75681e65c9fd67b414c345c5209f1a
SHA512 23cea5821c2e28539dfa534b3233e2335c2782887a1a3236181dc6ee8aac9891be671dca8ec76e7a8dbfbdbfb02d89fa31a61fb4c0a5eeed6392e68f4484078d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 0de15fd6d7fc68aa50720deb9e3a9f20
SHA1 b05dba60c56e33183f4871a4f84b236b12179a74
SHA256 2504772a737cbfb68d70089440e1b21dd6670ad04b3bb04155372024c077fe59
SHA512 21a458bacc7d53a4ddcc93259cfe4cdb5ea3677eb807dc2e16dfb7d50aced232fa2bdc218a789c9f60fff8b3275f24514f04fb51e8ef117f27b4ea64a48a5994

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 abc41d26b2d8e1471c721ddb1bbd322e
SHA1 f630b255e5e78a05c70f1c817e6e5ad0ef7f130a
SHA256 5153ce243de46407b721b10e7cde06a870efc47229c0ab6f021833e1380e37c1
SHA512 96198eb3d5556916bc2a8c9802c0cf3b216fb66f061cb129d58ec0cce9fde6e1ed37aad81b23c537aac376083e7e057e9b54a8c5981ff76faddde8f42f577c7e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 5f48366b5581ecd3579745783e6c35c5
SHA1 cf3d23f7f855e5f5ed1731fa86c75b49677dc854
SHA256 f039b7c0d0035afcb7aaa652d0676f65a9bd4a7af10e2d5de1fa1b0a9db49cc5
SHA512 2077a6aa59c17e2e7a6ee34699c40ab7f927603ddae898bd5cc0cc8598e51bf0702ee7334a4dc7de6041329fd6b3fdfb3001874019e73bd0dab6577b4636c1e6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 1ab42bb312c8c1b6adddcb2c34176a5c
SHA1 960cc9eca66a23d7c45faded55bd5584845d3c54
SHA256 ca7dba8c9f58ae814f2516ed333ca721d76bb1bea879b7c8bcb2560a85c894f5
SHA512 804ea7f4ee930501d72c7201f50e0bf8a2c955d5b2ed44d480cc2700e16cf1545168d659d8509d3727e52177adcf94c98f876ecdeaa0daa4a9904f954d6a32d7

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d6cfab397ae903c68d30d61d2a4e50a8
SHA1 e8c61538dd7d147bab72bf751b20d885075cb7d1
SHA256 663e904c77a80db729e578b7adb2e8cc7ebfe68d07a76ca82ac9ae8f0ba4d016
SHA512 3c23d8a8b64344e3d697cbce92b9c04e2f09ec353d178be32d90cd88282321824f55c8f05ff2f695f189a8e0abf609fde23c4a3f1ce07811fc1fe9440ce47383

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 11123a39cb54d92158f07b13a3c1d7f6
SHA1 5fe5139407fa98f4159d41807d3ccb8790077305
SHA256 fcc68a0b7610884ca437b2fca7aa49790ce84fb571f76815dc91c5cdca0a3ed1
SHA512 d3c5ac4ae1ed7f43f2b2a5adfcc251219a7d043c8ac92f2ff6b797d7fbab5d290977006cdba5017f88953cac04f32c9cd613c9be1f9048f708205915f9762b0b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 fcd71147e0db9ca68ecb5cb57d765377
SHA1 58ce392e800cb221ee8ef3e20075b806cd621fc2
SHA256 304b18008337ae1cfe8584bf07bd333b3aacecb9d61dd7711b1f2cf2f08a9e81
SHA512 6852785d7e504e5b02448685c11a3e437a869ba19cd0056f198489e3694efed2fd8a737cf71a2995abbda13b8d5ec6d0111c1de9b3f06671471351d802d5bbeb

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 3c4d78798e3572821460183dd4e533ac
SHA1 31c904ea6c679ccc2c6260fa13b77a874f5ccbd9
SHA256 acbe22c8127fe5a16037b7c87aad3223092c10b7b12c3222abf629342d2df293
SHA512 1fc808631bbf02e55b129e43ae89fc616b4135f171c462b49dd86e1e8e1de33acd7394c7175475d625f13b798586b9aaed6e442af36790e0ecf671393b492904

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 92a825ba1a894d382a3e85ef36422d5e
SHA1 7c1136a0ad0d6c20ea32cefc0a17b7a0ff6739be
SHA256 f3d3fe1912c35e3e5c7259a248cefdc6d746251405462c72800d8cfea22f1065
SHA512 5002dc2cb882e95c9a03baf1c2697ae427c2d6432a12e0b1032f00d2ab8cfd577b6e0d3ea01b099417314de55dbb8999e499588dd4c57210132b472dcd648a3d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 1562c6f2f7f0c7b241182e83ead4d558
SHA1 1d845ef3aef26e86e27037448522130dc8698e73
SHA256 431772f2367560566c3eeea931827d0f8761128cb443974f78cdcd444c247497
SHA512 d0c2895a08f9270185db8b8558cf10ab4b70ba3cb7ad1e0cbb7071297ce6e6040b692fc3705c3dce918ac6611764e005e42b06f0fddb5fceebcdf37942e6594e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 eef9a9d631e8a5fe1502a528aa5bec93
SHA1 3314b6702664a02151003ee9a909c6b38c68f5b6
SHA256 0db5ca897d456134dcbcac638653a807c2506614772e835a41a891fe269a9744
SHA512 f78e8308e421a8bfa57e62ab4b3d1be9065136b8953e71de1296eb970e7a5231623a1fd510997eb8632f74f37dc52330fa38d99adbd439dadbdca38fbe5256bf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 a4a184a93bc7e92ed304859209f7685e
SHA1 70abd8bfa4d450f7f6e57d1b741c74a23a92b438
SHA256 007f8e22639b91cacaa832a497e7d7436ae7f45e1794665a565a1f91aa83c0ab
SHA512 ca2899f1d14b84a3c9c5fa2ed416733a495ef3f9961072c40ae910676ba6f702f35f2f5dc441589f21ef909d54d4250923d9968e324750f1c6325fdd97f0b29d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 76c898b609e4d4fda6266ff8395b90f2
SHA1 a6598a7bb0ba374815fb28e812bd119eb98e02b8
SHA256 d1a688aaff3d973c717d422bea3d6015d9ad8bd735afe9131c17057f71fb0b46
SHA512 a1df29dcbc533d4387696dfb3a6b5f44dc148049fbf9c396c1a98fd5529eef9ffe5b337e8b78791dae2551abe45a2185f43c7642df6e7a27eb724963c8ac2858

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d24a226c929165b8d4ac4a8f42db63ad
SHA1 6bc5285ec209919996333bc804df11e998be0d54
SHA256 ac3a36f36b3d1beb2d3ef0fe40416896211c932f615b6e83400ceeabfbdc7cf1
SHA512 21effaefccb4d3842cc3eea6b1fe1de639f03d848c821d4761766b705890cdaca85947ebae066125a597169c5a5d8cc561ae370a11d5f47847cee7b4457accb6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 58cd375f4b51502ffacc238ee1d1ecfd
SHA1 ccd40268fb02b0783fbbbe85349442f767075e69
SHA256 61327b6679ec3d33706ae66107cf1788703d9293f878f7f27e01e80f1c8d1f24
SHA512 0242e265364ad0cddb83c5c38386a7e4060d2fce65dd64fdd10d648c302f533d99364dc6a1e0d3161e9aabf126a56bbb5ea093bfcb775ae918b803e3b88657ae

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 f8325f4182b1756a3f37a9888a6d3fff
SHA1 5cb919aa5cc96f308f46192a57b12897476c721c
SHA256 90a3ebe79f0b41da8b8a15e71f4d1d6f9157c5d3ec8a1304834b0b9e5c0cd88b
SHA512 736f20e4fed24ebe2f86de3b03171f8c565b5707a8d6497616cbfa95b20d47e6bdcafa2b89a94cd29737f4c883beb6164620675968f14a24cf886365133cb37e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\250078b5-013a-4ac3-abad-a1c5a2c1af3d.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 277bc300c78f30f659549c91542f648b
SHA1 3c1adaef625337087b05321276f000a9534aa87e
SHA256 ce83912fc07aec521cf4e833ae9102e981929a94ed592eb4ea3eccb2d9b0b650
SHA512 18a7c3e057e91fdd6addfd71f0a7e533cf0952563a9186f2b0f63e1fefab15f383397725a79f8e4a1bb6e1bb5da877792933806109178c9b7d948ab6f805e38c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 efd03df790733c0698a269673ddfe91e
SHA1 3bd6e9354b32658f041e383a8ce11b2f38199070
SHA256 ce32eaed2b0213a20a65c8827d97cad9be3fd5b60871eff063b524b821c30926
SHA512 02cd07bf720a1635c4d2a9e6e552be2a71754d1aa5221946564fcd430db8c9017341066bb08cb5db535aa391fc3a1569f8b7da7bb247fc4a94aff11200b0cd90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dfbc8a0d85fee5582a54284ee2f91c9c
SHA1 b2e987709a8fa4e89a21bc100c0ebe3904df9c9a
SHA256 6f0e3ae48ec554458b173cdd0c82cdc15f303a289567db0b8ac15117b6d47994
SHA512 cb5f4b1dc1fba8b49fe772da5c72ffccf858274b079a458a62a2797bf39bc7d9c5ce29eefd752dd985d6ca569a99e74ad39f8cc32cf52f5a7717710be46fd91f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c31d84448b6f67c6a8933b75c2e60b4
SHA1 63352dd7e85883b96d0cce308e036bbe617e6a26
SHA256 284dca7fdce48aa404c97df23bfd2b5d25b5fd0a5641aaa4190de7521b12af40
SHA512 8a2093e0b372f2010025f6e7d6f23dcbb4edec8d22c4b2eda3fbdb95736e308c508b7726cf0036b706aac38beeb2f042426842c13c401dff61ec2a45c1936407

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 bc6cebb419030a60893e339b618adaa4
SHA1 74de8e9ddfe743bc6fe97b69ca0d8afdee385a49
SHA256 37ccccaa346f8bf71a1400c3b7452c8fab1002cbbcfe797983bbac24d9fbe2c1
SHA512 ef02353aec1a1b827d4286954a73f7faba1b839b270b7e62da1917785a16c52f9a92af1f7e8c8f785bbb40a0ea53d1f207ffd540cff77d471e64c0e25f6119dd

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 a648efee899f76366bdae894be72b251
SHA1 c3af4773c8cdcc42c88349e0cd37f4aa46037e82
SHA256 e1337243eb1899b9bba63e4cff2388e7292b819ba51ccf917f34c425458a1b5e
SHA512 5f1f69cc7cf0e91eb020d378560db4e6d2edd30e275e268410d6c9132467aaf0d3ce86857ed3b5357af0f941066e8e95fb8370bf6913d6d41bc166e66680f6fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c013f5b1b487c468b6ba8a11ceacb545
SHA1 593504824b7253a759915347987cf37b874ed1f6
SHA256 48346096b7c994a865aac51dfa2db812032312bd3aab971846a8c518b81d1c55
SHA512 45bbf5bc13f2899c97e1c565c9ff4f7e2469e863b83db339bdb21f52f5c2016bc8ef606f9d93a0388b624a796d1e8cc0da069bf66bf6e17a8d04777c53d2aeb9

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 c1cf17ead6fcfa0e8337f1c85d9180b4
SHA1 4ae28cdf07919f4d12abb958e105140622abc819
SHA256 f9ab6f146d6ab33d6f06ecdda00c6454de77bc5e87db26c0b88ae06e891331bb
SHA512 c79a2ab25865016dad9a408d9e65c19f5a085311babc795b6f61b80a7cc089e1678404e1cd19cb92e460277de8d54b1f1daa2048dd6e78cb499228854129128f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a39ac94510f4643617d86f5b9415f192
SHA1 133b2a9fdaa6c84d4a2ed43ca3a74fab496b9ac1
SHA256 de166326ab20c8643e1d5348d2f410b1cdf1d2fc460bf361bef57ed7f3c21acc
SHA512 5a2c33f46de9929ed424c839cba53236ff103004ad83599f3bf50e9f1f7b9753e32e8de6294573da16ecd2af2fff6d566c81a9dcb82d107e7b81dc56e1e52352

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8d9b1463ddef4da49b66b3feefee66de
SHA1 58c2304581fcc7568bf73ee312b1abae03d8e2dc
SHA256 d464dc6c56047ba7bf7698b52fc55003f2055ead0f7a46993ceac1b9b2039973
SHA512 d499e39bf159b017b15c9b17ba91f54e1636768d0810dcc48d9a33e33b17aad60494f079319c9f8176160840f0018a465399ae44119102e40550089ff8eac8e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b668828a077449fe7a4de283a721c4cc
SHA1 50a48d39be882b2800b59ef5b014641595ab30d8
SHA256 5f0041b50df06d551e14dd561e68aa706582e4a2cdc9dc391fde81437b0d114f
SHA512 63b4de917e8ef9a193f443f2984af3ef2c9ac861e4b5ec362350f328937232d729301dc5a43a92e79a438e8c66e0ff03b7294b839914f5d94c84d740e63770a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0bb096f04da5ec103f0da5a94b21266b
SHA1 a4613e338547a14237d3c53a5e5b7e3c5b19d7e9
SHA256 7a93f56e80f0cba96884f3dd93d61b181dc931cb4338385b6e2faf00dad298fc
SHA512 8e6542f3b7dc66d1e2275e282a21c1bdbc9397468883e9ef9ff0f88b0e1b64de0b06714d982727cb47d6f62bb0bdc9322ce065baa33bb6e5d3ad04eeb6ec9c29

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 3bacc68fe67d25d179112756420ada68
SHA1 7a11c36157d0ed1578c1bba868864ee2c6dd96dc
SHA256 4fcd9fec7448e43a6690463d49039a8e20d0db9e4f931b72f1685cedc03b929c
SHA512 3e06f56f0bbee2420987d78ce1a67b6f3cb7c7749ccf8a9eb5b5fcbd8d102fcaf3d0e9ef704ffe21a263a03c860c5f80a31b720a9f4bf890e600c13b6592cd4f

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WFQ509M6\p[1].gif

MD5 d89746888da2d9510b64a9f031eaecd5
SHA1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a
SHA256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
SHA512 d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c

C:\Users\Admin\Downloads\MEMZ.exe

MD5 1d5ad9c8d3fee874d0feb8bfac220a11
SHA1 ca6d3f7e6c784155f664a9179ca64e4034df9595
SHA256 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff
SHA512 c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 edf43e017dd3237ad1413e32b561a3a9
SHA1 909797a1e79bae362ae96e53c46cf4fa19e6b063
SHA256 c1fd2baec61517ccfc426c8a0c1b0b2dd8c40f786b246d308a89968d7816ee08
SHA512 90a12de246428bc128368c0946a98f3d43955a06abb9f6c6b6ed8b76c2afe74f596797a104f63345cfe042a3ef9e57a2a4739dd10b0b948abc899a77b5b9af5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a8f32ff08012069be9eb7005c694d5fa
SHA1 5fd391929fd36ff2a115eb7bf12dcaf3663cef31
SHA256 1d0b8fdee41eb0da72f5109454edbbd9e376636afd5f249fc6ec63400dd67e49
SHA512 8a0b30c7ec4b6d7e481686cae3c16d4babfeb747b2aff1830f6de22711fc77d22c19fc04e97edbd1e039485e072b67ca638a8946a48e69b23aa534b3fcc10d43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8c0deeecca92c25beb89189cf0f5be9c
SHA1 172bdb57d032fd97266c54e8b8c762457dffb5b9
SHA256 42b9423ae446e8fe2a2dea71fa938376d28290748330bb08f2fccdcc8d620a04
SHA512 4e65df18a72e1fcc17d83d7ce18f403ebf3d4885eec815940767f9f9a5c4da11d73f456b75aa264a6184c12ffcccf94cf894e9e6625c9225987a67bf7b0dd815

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 c76e81f15e975473f0c4a92cdf462366
SHA1 654e04726f2bd407ee2c23edc030f74aedba24dd
SHA256 f80af479aabe95f41c61add9259ffe40d6bf4087b1c62eee14465ca3abf8a142
SHA512 f30ed9bfdfbe0dc5e9d4c6e0727490bcd973df983bfb96836eb494432b2a9681416390c4a8292dc014ec2b03d0aa15162ef40c3801ea7d0a3e8cb4702b486b3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ca7a3d219e5a325be49a16f810f86247
SHA1 8038a649c05f12342e8f5d6ae4413f759c58cfae
SHA256 f8bf1264ef3943dfa91e144fc51a06693e540ac8f34b1e1ed0b6e21f0071d6d6
SHA512 2ebd9c4f48c959bc43d91264443a1e48c2241290a8e4c748d2f9712b6c1bf06350aa280ee1c5090846f6a7240a7783ae8fd407448dc5017c6e3d1500080c6cd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1a703f2e438695f364d16de917eeeb44
SHA1 39476c281304740d4cb8e2074a072b1a87780ef0
SHA256 1404f82d4cb53e1eadec54bbf56fdb72725f2354a7ef1150d815c9c648302d34
SHA512 7935378496632b46db6732fc70cb11d6e7a2048b90604bf0c317fdee8434a42a0990d31aa59fcb88bb5cf06e63c4dc6f184963f3715d5a2a119b5e7ed14d1f9d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 2e0e47e7030baaa7a929f433a9d2767d
SHA1 47d527466aca7abfeb5070a098cc88c23ebfa608
SHA256 c4d84e256daff97324309731c0ad72ee33ab7e46a9bc7597c561e93f825749da
SHA512 af8ee38dccd680e4c69807ca4e12232b6df4dd40d96beaa497ae87eba65bf59a254bcdeaac573d68657d4ede9ea47321d7e9e7db62c064d2e305e80212a66d78

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 136797d08a8608dc552377bf93edd945
SHA1 e79008b95a3ec81f257c427083d1da3c7b3ce7cc
SHA256 c6d7b8fad769d04fc5ec9713191c34f3aa98257919b8be2a97373723076ae506
SHA512 e58a7cda7057959dccec7aa450d718397f9e08f05f1c060893273737545b48b868039fe4cea89a5b7bab05fc0782fb65c29ec99bcbad35e25cce387068ba6ae5

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 590da9805e942e328ee4863420060da3
SHA1 583a1e3dd5fb38598df27bd950d8620214afa75d
SHA256 4e5d246e4884af5872823d1d9e7fab6cd415808ffce9abe1bdf2283258e2f327
SHA512 41094a5849cad0fdc9ea990721bc67183a65aa4688fd5678458bc187b2922c2a67a18d21c783f66f98f5532fb8b797d73553dde7458eab348c488239da466f19

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 760caf429412f9b48528382f84c44c47
SHA1 383f245a4e4fece5984ce73c9796510b6f905912
SHA256 a00d826fb9d700befa71615eb1c727417991fbb81fc2bc34732d92aec5212a2e
SHA512 8d6aedd8adf99c89c0e83a94d59c042ae64fe844e7b5b9d8f277b659ab30c080f9df8d8b36e318bd57233ee77a470b60d31eb2262cdcd296360fa17fb8aa6eea

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 746a8e3801c86afb47fbf6ee11d2a8ba
SHA1 e1cdafbcb091ef4e28714a2caf01999f87242079
SHA256 99c549f56b1a97744e93781c09d2eac58cd27924bd2b53c10451800ace43a80d
SHA512 e9335796edd82d410a9dad9139435967c2f078ab9c688ef8a654d2b88aea429a8ff4d4c81025514f485ab083983d684430f14e9613ff7734c9da83df360a715a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 9809c5c61d7cb568a3533f6ec67dcee9
SHA1 7f19847d450d1ac47b02b2045837718153eb3ac3
SHA256 fd0bfdd94956babb6f361ce5b1164e6abd56f5ab7e2ff5d22a92412bf1842b29
SHA512 020ac9149fc6b5b5b6bfaaba9bc4cc49549732e5884f3c8efe58a62b2ee62739fb8e1bee3995f0853773af8e43a0cb18819e78b272f321dd3ff915bbbb70b8eb

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 432c5110c9d375ebb9380bafb9fb4021
SHA1 ad41fc08669bb70108bf93d548b79af86139f79c
SHA256 e6c87df41ccfc90e87df4b2592c1da55c52931cf2c8de6bc18165503a13d94ce
SHA512 2669515d84a66ee7c060a8a3f777892403980bae2173368a0b0563dc825ac3c9e3fb66dcaefaa7285f89162bdb7194945606d2f2bb528e0000744846e6334c03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2b869f05ece0e9c4a21dba2a039f62d9
SHA1 997c38566a1c10302539d31da2ed4132fab29760
SHA256 e327b9b0c8717d1ff0b3fef4967d6793c143d371e0721cdda00a2697dbc07fb1
SHA512 178c7b3734a075a35b6c4bbf8f407d6e887c3510e51f5fb40ab69dbd81925e0131a2fb78d75eca5e9bb4f676931bdad8b782288fd872f49391225ebfd9127f00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a40615c13a26476ad8874fa622275f0d
SHA1 fb7ba3975082a8c9a2245ad80b38725682dc1f21
SHA256 cec0aa23de63c6bb7dc610310e37dd45f15d49b51799a8749ff01e5114b655a6
SHA512 a558434ba380dd5e22591f5d8cacee7dfa45cd9c3df8be1cfb3b0b8c266da4f17feeedff1d09b641036bb203b7b397e8839dda67b5705b5ac405c0a5c03171d7

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e58a8b917d402de479c55be37d697e63
SHA1 cd0c637207528a8b8b8f9d4b1146754436fae28d
SHA256 e6cc7d44f215fe60fd054a07db99ba31876149d2313fe2a746f02885e6f4359f
SHA512 e0ca39a8d5607ee6f3f0fc998669d8c2b5dd93da6d9b2cda20bcb4b51bc36f79d5d6c7b6bfcfceec564abee4b86ee98f83a13eb11ffd783b29d15e22ef72de45

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 44c3b3e524cdba14be3835b358d0f162
SHA1 03b884330fdf76f41923dda63d605055219e9b8e
SHA256 5d5c7630ec59d4e10ddbae5f5883574e43ff2b2954b934b623d23694f7cecb10
SHA512 aee9a6b6ec08c5d719662f1a534b3ed32cacc1b99b11d07a04c1de81ee3ac4723f998820c67bc1047ebdac011e6dbd21456363170a4d1da526b61dd6c047a555

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 ddcf153ca00ace4c13187630565160cb
SHA1 641e99f6ad4765d5b3a8772d088bd2fbd48033d2
SHA256 520238927e5a36204aa5e7ded0ca5a03109f547e0a86bbc9ac6b1afc582ae9ee
SHA512 eab3b805c6157cddf0215efbebae6b7b3172a2bb85ca230ff8442b6c1c253efff4baeaf533ac00ab6c9935d43bd50183a24e108b289a35d98fdc002ce41b7bce

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 1be42f5a6f5cd829a927f0c511315afe
SHA1 6cbd79db26a0fcfafe00c3ef11e9ed332a50ad40
SHA256 9e82ac257b96bb97d75aca9dd75acbb0549ea7721eeb195c007367f8e518381e
SHA512 d35bc06c4b2b4e2bfb0528f6df5de4bf3c2c87c7ff762e20f7b56326528c41c4bb7f4dbb15ebcec09f637cf7c04ca0010e25e435f335e8b1e1c642bde93b448d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 ba669ee2cdce0fb1cfdfce3fbe3de3fd
SHA1 a66d54f92fb5699128d46fe304cb4c72c0ca00c4
SHA256 276e2707a6e478160c566e3ac2ec416c68941f236dde7f7357cc48625c54eae0
SHA512 f51ca3fe597ff013a34d896059e7016a0aef65dd92f42939d7f2fba0437d0d8965cfa6ebd63264324e3a8ac2da6a3c97dd9e80f3c4757f59dde5deb039341992

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 e72fb58fde5f6e84ef87617896ebeb4a
SHA1 06d9f73f03af646a6e83ff6597cd04d2790b462c
SHA256 8529f016b103bc7cf9261a439ec4de8886e2a5b4f36dbda22dfb77ed40200dfd
SHA512 3134288c4b292778337b5a70a6a50e85789df46394e13c8de40ff27e4aa779e9fbc1f1f572d546dcf31a36194fe723e11dae2a6800c9c744291efa6551ee408b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e575db6a00cdefb03ee23a0ab7705373
SHA1 53bdd8bb9d2d56d0609fae9a8839929879c6f8b3
SHA256 f9e3d0db46082610b9cea165f5c6a233a9e5660db278f9a9beb551818da80126
SHA512 d58904dfa561d08e32972f7b4db124ff587251fe2ebb4bea276cf8c0a46e696ef5ac510865c81e23d3e37f4b625e18262e97e9f44274e88fdd82c0d1a8941d69

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 6cb625606e1957c613d87d85e0b46914
SHA1 ff17e032ead5058517390eb54e3edc1c3d7e29b2
SHA256 7ab1b3bb0cc5d3b9d5f41c0008c61c6e08b00e90b956dfb05de26d2fc32dc83c
SHA512 50859796fb6f274edfcbe9ba0178b1351e4adb4f6ce986fd257800b73d41027b798831ff1405e1abfc147ef9c276a7b03197a46d001157138a24554d872f3d95

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 3c314f812a7c8b97530393159a1186be
SHA1 f549ce5631801c0faea6169d59c0517096424f16
SHA256 75dac86fc58449b06b2e7a5b2b6a673c9a3adcfd0b8cf805c6e25861a1486eae
SHA512 15f8b28faa459b8a5e5c11a395051d17d1500554b593d7e9b620b563e12a7dbb2c282d6e912de765b8a50e1c936327ea3386c486b83a00f1c209b76d430a0385

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 5384f90aec3ed5959e85b09ccbb253a7
SHA1 8937f43c92b4d08c280a38e00a17b97c4f1b9be1
SHA256 c2d3df86783e657f5f2e5621f4797bfca4b9bd95a04b6677f96935b974bfd554
SHA512 02d9080b28cf2d8c159f48f14c62f42c328788703d029b17a25dfb4e551063c1d1397cc2fd40cc013ab6080ed37f9895d28ccbd3b9479bbc4ec9ad8902ef008d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 da55fa6d0020c75efa829fe19712565e
SHA1 70b2928da1595efb8c87105219cd8ed297d4b4fc
SHA256 d5ea8603138f293b878534ce3926f17f6b1e9bde5d72fb6335ecfc6d32527749
SHA512 64ca79163965ebf822cb2f25166264d861e363c61ae755dedfa109aebea747843c26b0d2949f2a17277392bda07f3e25b088b2474289fa939f20facb6f229d75

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d8d2afffa8a760fb1f1339e76d9faf67
SHA1 e303ed598ef7f1339cd6ed333dc42eaab70c167d
SHA256 9068857c513650333e4c833fc60ada6b6e0c5fcf567f1c63ef6c8dd76139a602
SHA512 14218353c7bbc6a91194771e9d93ddfe1ac9f93b486674dad7a5bd7ba1ae753cc80dea1f28b7570b53a6c74b6906d36c413df94a0c600701cbbb91614ddbc6a8

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d443b85dbd95aa41b815df8cbf29cdc2
SHA1 7490b6ca9605dbe8fcfdf741f59ef73edbbdec4a
SHA256 6d7b1d5f1b5602d63f351370498cd299a52b53f8e2240d76b8ff887e4d0d9cb7
SHA512 48768bb9ce0a1271e1513227c4f83f13615f0040c2d0e02d7b4105d22cfa79784d000458679e34f082f27e9084c15573ca6a2b8038257d8fcf4b6747e6a2d169

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 62e5f197694de06e70a7dc048523f7cc
SHA1 3413d334bcf65b26e2a84250c68d1a280b658ff4
SHA256 ed1f32aedea8fc57eb8663f1322b698aca42dc466036ddc1ccd696336511b350
SHA512 591aa1c4e97bb7268493b6a20f9d539faf1ba9ef9680cc511eac07c733002a2d1271d8c70d412242ca6a56337c20bbd46c9875f2245e582a0de845188cadce86

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 f6954d8fe28ac434d1929c4b945cb6cc
SHA1 5d9fcfe5819fac9f0dbc96bada56ee115bbe4734
SHA256 7444b22c6b728065d26dad8d7a24fcee639806a33c193a774d6ec9f6f89a7597
SHA512 1f4904a2d54b40d949754249053481703a6752e6ad7a9406976ae7e9d908a406d4abea76e47cfabdd49a26acd41fa77d83ea2c3c293c605f402fa9be839b8bbf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 b59d59676d88831fcfbadffcc62da052
SHA1 af2af9c3d5af81051be29e12aee18030fbbaf1af
SHA256 30c1ede3f93a61de3ec1a754a00621350a4fec198232e6cdff3d6d3f2e9306c1
SHA512 cc7a6ca93cbb8bccd3f9c9e9a06ce55f77c72f3ab721b61228703ed233c65235976a7626c5e4631a10899884a412ce0782a4ed054154862a550d35f2d8a5cc37

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 1196324afcc39936c3aba0072abc0685
SHA1 9c07f66dd4ff557609522f1e9f9ebe52c3cf4d3c
SHA256 78e77e7cfc5a056ea6f8fa21bfea4f93b00dd8d46a64c3ed45051210de725bc3
SHA512 38fb99578827d01fa8221610357ae07d92366f9fdd7dfe26ff5f022571fe84207c87f53c42622ac63843164c47d52574749e3ce3414a4a7015121a50036dc608

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 16ded02d46ac9f406415556dd4fb9d80
SHA1 b716c4098d2de1ea80d4123f7c1cab6731a6d1f8
SHA256 e9459e34512611e2aac4b1e9807a8bb5e449d5d4adb9e0b841196fd5c13ad19d
SHA512 3299a5ada693d4e2c07017cd9ed542e4d9d27bd383ea4b4624d4cc9824cd3318823556f3afdc39f5530888363e33021c24bbf2443da0b87cf837069ed34e6240