Analysis Overview
Threat Level: Likely malicious
The file http://anydesk.com was found to be: Likely malicious.
Malicious Activity Summary
Modifies Windows Firewall
Downloads MZ/PE file
Manipulates Digital Signatures
Possible privilege escalation attempt
Stops running service(s)
Creates new service(s)
Modifies file permissions
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Reads user/profile data of web browsers
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Adds Run key to start application
Checks installed software on the system
Drops file in System32 directory
Enumerates processes with tasklist
Drops file in Program Files directory
Launches sc.exe
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
Checks processor information in registry
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: LoadsDriver
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Enumerates system info in registry
NTFS ADS
Runs net.exe
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-09 08:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-09 08:58
Reported
2024-08-09 09:37
Platform
win11-20240802-en
Max time kernel
2298s
Max time network
2299s
Command Line
Signatures
Creates new service(s)
Downloads MZ/PE file
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2008\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.28\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.16.1.1\FuncName = "DecodeAttrSequence" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2001\FuncName = "WVTAsn1SpcMinimalCriteriaInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.30\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.30\FuncName = "WVTAsn1SpcSigInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.4\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2010\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2008\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.10\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2222\FuncName = "WVTAsn1CatMemberInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2008\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.28\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.4.4\FuncName = "WVTAsn1SealingTimestampAttributeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.28\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2000\FuncName = "WVTAsn1SpcSpAgencyInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubDefCertInit" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllFormatObject\1.3.6.1.5.5.7.3.4\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\2.16.840.1.113730.4.1\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.25\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2221\FuncName = "WVTAsn1CatNameValueDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLVERIFYINDIRECTDATA\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Stops running service(s)
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000\Software\Microsoft\Windows\CurrentVersion\Run\electron.app.BlueStacks Services = "C:\\Users\\Admin\\AppData\\Local\\Programs\\bluestacks-services\\BlueStacksServices.exe --hidden" | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\AnyDeskPrintDriver-manifest.ini | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D0.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D2.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\AnyDeskPrintDriverRenderFilter-PipelineConfig.xml | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\AnyDeskPrintDriver.gpd | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\anydeskprintdriver.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D2.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CF.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriverRenderFilter.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\AnyDeskPrintDriver.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriverRenderFilter-PipelineConfig.xml | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CE.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriver-manifest.ini | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CF.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D1.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriver.gpd | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CD.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e} | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D0.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\winmgmts:{impersonationLevel=Impersonate}!\root\cimv2 | C:\Users\Admin\AppData\Local\Temp\Temp1_leomoon-dot-com_leomoon-cpu-v_win.zip\LeoMoon CPU-V.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55D1.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CE.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\anydeskprintdriver.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File opened for modification | C:\Windows\system32\storage.json | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriver.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\anydeskprintdriver.inf_amd64_07b22d0a6997cb3a\AnyDeskPrintDriverRenderFilter.dll | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\system32\storage.json | C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\SET55CD.tmp | C:\Windows\system32\DrvInst.exe | N/A |
Enumerates processes with tasklist
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\www\images\noNetwork.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\ldplayer9box\libssl-1_1-x64.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxHostChannel.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\dasync.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\app.ico | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\el.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\en-GB.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\Qt6QmlModels.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Qt6QuickControls2.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\cs.pak | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\language\chs.qm | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\bearer\qgenericbearer.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstAnimate.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\bldRTLdrCheckImports.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\BstkC.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\libOpenglRender.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\imageformats\qsvg.dll | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\MyGames\Card_Elliptical_gradient.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libtransform_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\vcruntime140_1.dll | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\msvcp140_2.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\msvcp140_atomic_wait.dll | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\QtQuick\Layouts\qquicklayoutsplugin.dll | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\HD-DiskFormatCheck.exe | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\cef\locales\bg.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\FocusBox.png | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\MIM Logo.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtQuick\Shapes\qmldir | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\translations\qtwebengine_locales\ro.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\libblend_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxTestOGL.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\video_filter\liberase_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\Qt6WebEngineQuick.dll | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\cef\locales\en-GB.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\cef\locales\hu.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\Marketplace_on.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\Qt5Positioning.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\ldplayer9box\SUPLoggerCtl.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\QtWebEngine\qmldir | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\checkBox\checked_disable.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\CloudMode\Icon_instantly.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\www\localization\index.js | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\imageformats\qwbmp.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\codec\libflac_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\position\qtposition_winrt.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\image\MyGames\pc_refresh_default.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\TypeIndicator\PremiumGame_on.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\HD-ComRegistrar.exe | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\more.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\SideBar\left_arrow_hover.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-memory-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\d3dcompiler_47.dll | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\tr.pak | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files\BlueStacks_nxt\translations\qtwebengine_locales\zh-TW.pak | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\cef\locales\pt-BR.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\image\close_main.svg | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\aws\aws-c-s3.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\plugins\audio_filter\libtospdif_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\misc\libfingerprinter_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File created | C:\Program Files (x86)\BlueStacks X\plugins\misc\libstats_plugin.dll | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| File opened for modification | C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| File created | C:\Program Files\ldplayer9box\USBInstall.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BlueStacks X\cef\locales\da.pak | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\LOGS\DPX\setuperr.log | C:\Windows\SysWOW64\expand.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\A2BBB4ED-766D-434A-87BE-F33FF71B7B5A\dismhost.exe | N/A |
| File opened for modification | C:\Windows\LOGS\DPX\setupact.log | C:\Windows\SysWOW64\expand.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\AnyDesk.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_vn_10077_CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE_ld.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\SYSTEM32\netsh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WScript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS086EA039\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\BlueStacksServicesSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\expand.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\driverconfig.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\LDPlayer9_vn_10077_CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\BlueStacksInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | N/A | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133676675591104461" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "200" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | N/A | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | N/A | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | N/A | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | N/A | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-2F1A-4D6C-81FC-E3FA843F49AE}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4521-44CC-DF95-186E4D057C83} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-F1F8-4590-941A-CDB66075C5BF}\NumMethods\ = "44" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-71B2-4817-9A64-4ED12C17388E}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-319C-4E7E-8150-C5837BD265F6}\ = "IGuestMouseEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3188-4C8C-8756-1395E8CB691C}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F6D4-4AB6-9CBF-558EB8959A6A}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\ProgId | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-47C7-4A3F-AAE1-1B516817DB41}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-2F1A-4D6C-81FC-E3FA843F49AE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AC97-4C16-B3E2-81BD8A57CC27}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-70A2-487E-895E-D3FC9679F7B3}\NumMethods\ = "15" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8CE7-469F-A4C2-6476F581FF72}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9536-4EF8-820E-3B0E17E5BBC8}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7071-4894-93D6-DCBEC010FA91}\NumMethods\ = "58" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-61D9-4940-A084-E6BB29AF3D83}\ = "IUSBControllerChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C927-11E7-B788-33C248E71FC7}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7F29-4AAE-A627-5A282C83092C}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8A02-45F3-A07D-A67AA72756AA}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.Session.1 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ldmnq.ldbk\DefaultIcon | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E8A-11E9-825C-AB7B2CABCE23}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-402E-022E-6180-C3944DE3F9C8}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-44DE-1653-B717-2EBF0CA9B664}\ = "IGuestFile" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C71F-4A36-8E5F-A77D01D76090}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AA82-4720-BC84-BD097B2B13B8} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-47C7-4A3F-AAE1-1B516817DB41}\NumMethods\ = "11" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7F1-4A5A-A4EF-A11DD9C2A458}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-486E-472F-481B-969746AF2480}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-00B1-4E9D-0000-11FA00F9D583}\NumMethods\ = "13" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-EBF9-4D5C-7AEA-877BFC4256BA} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D612-47D3-89D4-DB3992533948}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-647D-45AC-8FE9-F49B3183BA37}\ = "IGuestSessionEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7DB-4616-AAC6-CFB94D89BA78}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-735F-4FDE-8A54-427D49409B5F} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-70A2-487E-895E-D3FC9679F7B3}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-EABD-4FA6-960A-F1756C99EA1C}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6E0B-492A-A8D0-968472A94DC7}\NumMethods\ = "15" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9536-4EF8-820E-3B0E17E5BBC8}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D8ED-44CF-85AC-C83A26C95A4D} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F1F8-4590-941A-CDB66075C5BF}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9849-4F47-813E-24A75DC85615}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0FF7-46B7-A138-3C6E5AC946B4}\ = "IGuestDnDTarget" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8F30-401B-A8CD-FE31DBE839C0}\NumMethods\ = "12" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C196-4D26-B8DB-4C8C389F1F82}\NumMethods\ = "22" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-5F86-4D65-AD1B-87CA284FB1C8}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8079-447A-A33E-47A69C7980DB}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-AA82-4720-BC84-BD097B2B13B8}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-B7F1-4A5A-A4EF-A11DD9C2A458} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2F1A-4D6C-81FC-E3FA843F49AE}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-486F-40DB-9150-DEEE3FD24189}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4A75-437E-B0BB-7E7C90D0DF2A}\NumMethods\ = "88" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-3E87-11E9-8AF2-576E84223953}\NumMethods\ = "36" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-3FF2-4F2E-8F09-07382EE25088}\ = "IMachineRegisteredEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4521-44CC-DF95-186E4D057C83}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4A75-437E-B0BB-7E7C90D0DF2A} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4974-A19C-4DC6-CC98C2269626} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-08A7-4C8F-910D-47AABD67253A}\ = "IRecordingChangedEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4521-44CC-DF95-186E4D057C83}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6E15-4F71-A6A5-94E707FAFBCC}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-394D-44D3-9EDB-AF2C4472C40A}\ = "ICloudNetworkEnvironmentInfo" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4521-44CC-DF95-186E4D057C83}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-057D-4391-B928-F14B06B710C5}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_vn_10077_CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE_ld.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\leomoon-dot-com_leomoon-cpu-v_win.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\AnyDesk.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Runs net.exe
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\AnyDesk.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\AnyDesk\AnyDesk.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe | N/A |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_leomoon-dot-com_leomoon-cpu-v_win.zip\LeoMoon CPU-V.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://anydesk.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9fa2acc40,0x7ff9fa2acc4c,0x7ff9fa2acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1956,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1948 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1748,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1988 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2352 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3000,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3004,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3024 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4348,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4536,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4648 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3152,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3332,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4632 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004CC
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4956,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5064 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5240,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5716,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5724 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5732,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5860 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=6108,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6116 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6076,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6040 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6044,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5772 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3488,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5824 /prefetch:8
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe"
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --local-service
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --local-control
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --backend
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5208,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6532 /prefetch:8
C:\Users\Admin\Downloads\AnyDesk.exe
"C:\Users\Admin\Downloads\AnyDesk.exe" --install "C:\Program Files (x86)\AnyDesk" --start-with-win --create-shortcuts --create-taskbar-icon --create-desktop-icon --install-driver:mirror --install-driver:printer --update-main --svc-conf "C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf" --sys-conf "C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf"
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --control
C:\Windows\SysWOW64\expand.exe
expand -F:* "C:\Users\Admin\AppData\Roaming\AnyDesk\printer_driver\v4.cab" "C:\Users\Admin\AppData\Roaming\AnyDesk\printer_driver"
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" printui.dll, PrintUIEntry /if /b "AnyDesk Printer" /f "C:\Users\Admin\AppData\Roaming\AnyDesk\printer_driver\AnyDeskPrintDriver.inf" /r "AD_Port" /m "AnyDesk v4 Printer Driver"
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --new-install
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\anydeskprintdriver.inf" "9" "49a18f3d7" "0000000000000150" "WinSta0\Default" "0000000000000160" "208" "c:\users\admin\appdata\roaming\anydesk\printer_driver"
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 20 Global\{BDAF9C34-DA20-43CD-B9CD-714F79D4B81A} Global\{FC3B7713-F3CF-408F-AF37-E39A128BB203} C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\anydeskprintdriver.inf C:\Windows\System32\DriverStore\Temp\{66701646-b81b-3345-aff2-9eccba4b498e}\AnyDeskPrintDriver.cat
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --backend
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9fa2acc40,0x7ff9fa2acc4c,0x7ff9fa2acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3740,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=2392,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6824 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5400,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6120,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5872,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7024 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7132,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5876,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7164,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5456,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6468 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7092,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7180,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6504,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7492,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7048,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6732 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6764,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6112 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6536,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5200,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7544 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7424,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7436,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7508 /prefetch:8
C:\Users\Admin\Downloads\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
"C:\Users\Admin\Downloads\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe"
C:\Users\Admin\AppData\Local\Temp\7zS086EA039\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zS086EA039\BlueStacksInstaller.exe"
C:\Users\Admin\AppData\Local\Temp\7zS086EA039\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS086EA039\HD-CheckCpu.exe" --cmd checkHypervEnabled
C:\Users\Admin\AppData\Local\Temp\7zS086EA039\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zS086EA039\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BSX-Setup-5.21.505.1008_nxt.exe" -s
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Program Files (x86)\BlueStacks X\green.vbs"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c green.bat
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="BlueStacksWeb"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="Cloud Game"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="BlueStacksWeb" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe"
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="Cloud Game" dir=in action=allow program="C:\Program Files (x86)\BlueStacks X\Cloud Game.exe"
C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe
"C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -versionMachineID=b2332b3f-c3cd-41f5-870f-45225a9970cf -machineID=bb990707-fedb-4d99-b1bc-054e01276c05 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bsx -bsxVersion=10.41.503.1001 -country=GB -skipBinaryShortcuts -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\Bootstrapper.exe" -versionMachineID=b2332b3f-c3cd-41f5-870f-45225a9970cf -machineID=bb990707-fedb-4d99-b1bc-054e01276c05 -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName=Pie64 -imageToLaunch=Pie64 -isSSE4Available=1 -appToLaunch=bsx -bsxVersion=10.41.503.1001 -country=GB -skipBinaryShortcuts -isWalletFeatureEnabled
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\BlueStacksInstaller.exe" -versionMachineID="b2332b3f-c3cd-41f5-870f-45225a9970cf" -machineID="bb990707-fedb-4d99-b1bc-054e01276c05" -pddir="C:\ProgramData\BlueStacks_nxt" -defaultImageName="Pie64" -imageToLaunch="Pie64" -appToLaunch="bsx" -bsxVersion="10.41.503.1001" -country="GB" -skipBinaryShortcuts -isWalletFeatureEnabled -parentpath="C:\Users\Admin\AppData\Local\BlueStacksSetup\BlueStacks10Installer_10.41.503.1001_native_461915b8ff524752313d2449b454659b_MzsxNSwwOzUsMTsxNSw0OzE1LA==.exe" -md5=461915b8ff524752313d2449b454659b -app64=
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\" -aoa
C:\ProgramData\BlueStacksServicesSetup.exe
"C:\ProgramData\BlueStacksServicesSetup.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq BlueStacksServices.exe" | find "BlueStacksServices.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq BlueStacksServices.exe"
C:\Windows\SysWOW64\find.exe
find "BlueStacksServices.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 1 2
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 4 2
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 4 1
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --hidden --initialLaunch
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe" 2 1
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\\HD-GLCheck.exe" 2
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1568 --field-trial-handle=1708,i,16065034741535463325,12814940240496432548,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cscript.exe
cscript.exe
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --mojo-platform-channel-handle=1956 --field-trial-handle=1708,i,16065034741535463325,12814940240496432548,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\\HD-GLCheck.exe" 1
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKCU\SOFTWARE\BlueStacksServices
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regPutValue.wsf A
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --app-user-model-id=com.bluestacks.services --app-path="C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\app.asar" --enable-sandbox --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2608 --field-trial-handle=1708,i,16065034741535463325,12814940240496432548,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A "HKCU\SOFTWARE\BlueStacks X"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cscript.exe
cscript.exe //Nologo C:\Users\Admin\AppData\Local\Programs\bluestacks-services\resources\regedit\vbs\regList.wsf A HKLM\SOFTWARE\BlueStacks_nxt
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" x "C:\ProgramData\Pie64_5.21.505.1008.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe" --cmd checkSSE3
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"
C:\Windows\system32\sc.exe
sc.exe delete BlueStacksDrv_nxt
C:\Windows\SYSTEM32\reg.exe
"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\ymiqbhm0.z2s\RegHKLM.txt"
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\ymiqbhm0.z2s\*"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cloud.bluestacks.com/bs3/help_articles?article=valid_cert_update&oem=nxt&locale=en-US&guid=bb990707-fedb-4d99-b1bc-054e01276c05&image_name=Pie64
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2568 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4052 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2728 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,5713668612939590413,9649753001748086765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6740,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7532 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7420,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6932,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7412 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7728,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7456 /prefetch:8
C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe
"C:\Users\Admin\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-data-dir="C:\Users\Admin\AppData\Roaming\bluestacks-services" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2380 --field-trial-handle=1708,i,16065034741535463325,12814940240496432548,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7348,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6088 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe
"C:\Users\Admin\Downloads\nox_setup_v7.0.6.0_full_intl.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Nox\CheckGLVersion.exe
"C:\Users\Admin\AppData\Local\Nox\CheckGLVersion.exe "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://support.bignox.com/en/tsxn/GPU
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3555298587997059175,1574067668194202000,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=6924,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7924,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7788 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7948,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7936 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8112,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7408 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8188,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7736 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=7832,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7524 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8208,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7060 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8260,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8248 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8376,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8380 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8400,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8528 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8668,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8656 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7952,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8876 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8216,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8884 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=9164,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=9316,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=9432,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9532 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=9620,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9440,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9728 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=9568,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9756 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9544,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=9076,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=9268,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=9684,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10068 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=9520,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10212 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=10060,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10340 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=10504,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10516 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9452,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9736 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\Downloads\LDPlayer9_vn_10077_CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE_ld.exe
"C:\Users\Admin\Downloads\LDPlayer9_vn_10077_CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE_ld.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=9120,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7928 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=10456,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=10440,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10464 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=10152,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10084 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=9068,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10092 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=10380,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=10768,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10792 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=10936,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9528 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=10752,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10816 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=11080,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=11100,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11092 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=11108,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8884 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=11132,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11376 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=11152,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11500 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=11172,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11628 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=11192,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11764 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=11200,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=11768,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=10916,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10744 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=6736,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=7848,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8600 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=10468,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8576 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=11712,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11680 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=11636,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=10880,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=10040,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11728 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=9496,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8628 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=9456,i,3936209937114740559,12920986562028066200,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10408 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=10077 -language=vn -path="F:\LDPlayer\LDPlayer9\" -googleid=CjwKCAjw_Na1BhAlEiwAM-dm7MWfnwgkhK4qEMWPpiZsI0ol8UblVmi-_ev1zXRfIK59Iibsdg2AXxoCP00QAvD_BwE
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=918374
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\A2BBB4ED-766D-434A-87BE-F33FF71B7B5A\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\A2BBB4ED-766D-434A-87BE-F33FF71B7B5A\dismhost.exe {2F57212B-EF03-4D50-A915-1312309EB760}
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/vn.ldplayer
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://vi.ldplayer.net/blog/how-to-enable-vt.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6660 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7896 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8924 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\Temp1_leomoon-dot-com_leomoon-cpu-v_win.zip\LeoMoon CPU-V.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_leomoon-dot-com_leomoon-cpu-v_win.zip\LeoMoon CPU-V.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1860,17106675936464945718,7064346400370260679,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8876 /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe
"C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe"
C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --mojo-platform-channel-handle=3712 /prefetch:1
C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe
BlueStacksWeb.exe --type=renderer --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,InstalledApp,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --lang=en --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=3832 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://now.gg/play/garena-international-i/1398/free-fire?source=launcher&utm_medium=bluestacksx&launcher_guid=b4233740-23e2-411d-9218-11dc40147598&user_id=&utm_source=now.gg-partner&utm_campaign=BlueStacksXSysBrowser
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5136 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,12079691596436440415,15336811220082036764,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe
"C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Bootstrapper.exe" -s -defaultImageName Pie64 -imageToLaunch Pie64 -skipBinaryShortcuts -appToLaunch=bsx
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BlueStacksInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BlueStacksInstaller.exe" -s -defaultImageName="Pie64" -imageToLaunch="Pie64" -skipBinaryShortcuts -appToLaunch="bsx" -parentpath="C:\Users\Admin\AppData\Local\BlueStacks X\BlueStacks-Installer_5.21.505.1008_amd64_native.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\CommonInstallUtils.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtRedistx64.zip" -o"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-ForceGPU.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-ForceGPU.exe" 1 "C:\Program Files\BlueStacks_nxt"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 1 2
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 4 2
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 2 2
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 1 1
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 4 1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe" 2 1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe" --cmd checkSSE4
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\PF.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\\HD-GLCheck.exe" 2
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\\HD-GLCheck.exe" 3
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-GLCheck.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\\HD-GLCheck.exe" 1
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtRedistx64.zip" -o"C:\Program Files\BlueStacks_nxt" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\PD.zip" -o"C:\ProgramData\BlueStacks_nxt" -aoa
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" x "C:\Users\Admin\AppData\Local\BlueStacks X\Pie64_5.21.505.1008.exe" -o"C:\ProgramData\BlueStacks_nxt\Engine\Pie64" -aoa
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacks Service"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacks Service" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\HD-Player.exe" enable=yes
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall delete rule name="BlueStacksAppplayerWeb"
C:\Windows\SYSTEM32\netsh.exe
"netsh.exe" advfirewall firewall add rule name="BlueStacksAppplayerWeb" dir=in action=allow program="C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe" enable=yes
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-CheckCpu.exe" --cmd checkSSE3
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /c "sc.exe delete BlueStacksDrv_nxt"
C:\Windows\system32\sc.exe
sc.exe delete BlueStacksDrv_nxt
C:\Windows\SYSTEM32\reg.exe
"reg.exe" EXPORT HKLM\Software\BlueStacks_nxt "C:\Users\Admin\AppData\Local\Temp\kkgjmq0v.ryh\RegHKLM.txt"
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe
"C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\7zr.exe" a "C:\Users\Admin\AppData\Local\Temp\Installer.zip" -m0=LZMA:a=1 "C:\Users\Admin\AppData\Local\Temp\kkgjmq0v.ryh\*"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cloud.bluestacks.com/bs3/help_articles?article=bsx_engine_install_instruction&launcher_version=10.41.503.1001
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0x100,0x12c,0x7ff9e1923cb8,0x7ff9e1923cc8,0x7ff9e1923cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2008 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1992,715810295327658232,560440930164301351,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq HD-Player.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq HD-Player.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist /FI "IMAGENAME eq BlueStacks X.exe""
C:\Windows\system32\tasklist.exe
tasklist /FI "IMAGENAME eq BlueStacks X.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | anydesk.com | udp |
| GB | 18.244.114.28:80 | www.anydesk.com | tcp |
| GB | 18.244.114.28:80 | www.anydesk.com | tcp |
| GB | 18.244.114.28:443 | www.anydesk.com | tcp |
| US | 8.8.8.8:53 | ad-wa.anydesk.com | udp |
| US | 104.16.138.209:443 | js.hs-scripts.com | tcp |
| DE | 167.235.224.171:443 | ad-wa.anydesk.com | tcp |
| DE | 167.235.224.171:443 | ad-wa.anydesk.com | tcp |
| US | 104.16.79.142:443 | js.usemessages.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 104.18.30.176:443 | tracking.g2crowd.com | tcp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.138.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.224.235.167.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.79.16.104.in-addr.arpa | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.16.118.116:443 | app.hubspot.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.28.127:443 | geolocation.onetrust.com | tcp |
| US | 104.18.22.183:443 | js.hs-banner.com | tcp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 104.18.22.183:443 | js.hs-banner.com | tcp |
| GB | 108.138.233.123:443 | www.dwin1.com | tcp |
| GB | 52.84.90.8:443 | scripts.iconnode.com | tcp |
| GB | 18.164.68.15:443 | serve.albacross.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| GB | 18.245.187.29:443 | lantern.roeyecdn.com | tcp |
| US | 104.16.118.116:443 | app.hubspot.com | tcp |
| NL | 142.250.102.155:443 | stats.g.doubleclick.net | tcp |
| IE | 34.246.166.36:443 | lantern.roeye.com | tcp |
| GB | 18.244.114.28:443 | www.anydesk.com | tcp |
| US | 104.17.173.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.173.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.173.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.173.91:443 | static.hsappstatic.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.16.117.116:443 | app.hubspot.com | tcp |
| US | 8.8.8.8:53 | 91.173.17.104.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.16.118.116:443 | app.hubspot.com | tcp |
| GB | 173.222.211.56:443 | snap.licdn.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| IE | 52.211.97.150:443 | new-collect.albacross.com | tcp |
| IT | 157.240.231.1:443 | connect.facebook.net | tcp |
| DE | 159.69.19.197:443 | download.anydesk.com | tcp |
| DE | 159.69.19.197:443 | download.anydesk.com | tcp |
| IT | 157.240.231.1:443 | connect.facebook.net | udp |
| NL | 172.217.168.198:443 | 12375076.fls.doubleclick.net | tcp |
| NL | 172.217.168.198:443 | 12375076.fls.doubleclick.net | tcp |
| NL | 172.217.168.198:443 | 12375076.fls.doubleclick.net | tcp |
| NL | 172.217.168.198:443 | 12375076.fls.doubleclick.net | udp |
| IT | 157.240.231.35:443 | www.facebook.com | tcp |
| IT | 157.240.231.35:443 | www.facebook.com | tcp |
| US | 104.18.24.189:443 | 7940397.fs1.hubspotusercontent-na1.net | tcp |
| DE | 195.181.174.174:443 | boot.net.anydesk.com | tcp |
| GB | 195.181.165.139:443 | relay-2cf7befd.net.anydesk.com | tcp |
| GB | 18.245.187.82:80 | api.playanext.com | tcp |
| VN | 14.191.137.86:24502 | tcp | |
| VN | 14.191.137.86:7070 | tcp | |
| VN | 14.191.137.86:7070 | tcp | |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 195.181.165.139:443 | relay-2cf7befd.net.anydesk.com | tcp |
| GB | 195.181.165.154:443 | relay-98c428ee.net.anydesk.com | tcp |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| GB | 18.245.187.59:80 | api.playanext.com | tcp |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| N/A | 239.255.102.18:50001 | udp | |
| N/A | 239.255.102.18:50002 | udp | |
| N/A | 239.255.102.18:50003 | udp | |
| VN | 14.191.137.86:15952 | tcp | |
| VN | 14.191.137.86:7070 | tcp | |
| VN | 14.191.137.86:7070 | tcp | |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 216.239.34.180:443 | colab.research.google.com | tcp |
| US | 216.239.34.180:443 | colab.research.google.com | tcp |
| US | 216.239.34.180:443 | colab.research.google.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| NL | 142.251.36.14:443 | www.youtube.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| NL | 142.251.36.14:443 | www.youtube.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.39.97:443 | t6tg726r1x-496ff2e9c6d22116-0-colab.googleusercontent.com | tcp |
| NL | 142.251.39.97:443 | t6tg726r1x-496ff2e9c6d22116-0-colab.googleusercontent.com | tcp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| NL | 142.251.39.97:443 | t6tg726r1x-496ff2e9c6d22116-0-colab.googleusercontent.com | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.179.174:443 | accounts.youtube.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | tcp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| NL | 142.251.36.54:443 | i.ytimg.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.138:443 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | udp |
| NL | 142.251.36.54:443 | i.ytimg.com | udp |
| NL | 216.58.208.98:443 | googleads.g.doubleclick.net | tcp |
| NL | 216.58.208.98:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 184.28.176.9:443 | www.bing.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| JP | 34.84.111.50:443 | e2c3.gcp.gvt2.com | tcp |
| JP | 34.84.111.50:443 | e2c3.gcp.gvt2.com | tcp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.250.179.174:443 | accounts.youtube.com | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 216.58.214.10:443 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.174:443 | accounts.youtube.com | tcp |
| NL | 142.250.27.94:443 | accounts.google.com.vn | tcp |
| NL | 142.250.27.94:443 | accounts.google.com.vn | tcp |
| NL | 142.251.36.54:443 | i.ytimg.com | udp |
| NL | 216.58.208.98:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 142.250.179.174:443 | accounts.youtube.com | udp |
| NL | 142.250.179.138:443 | content-autofill.googleapis.com | udp |
| NL | 172.217.168.234:443 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | tcp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | udp |
| GB | 108.138.233.47:443 | www.bluestacks.com | tcp |
| GB | 108.138.233.47:443 | www.bluestacks.com | tcp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| NL | 172.217.23.195:443 | google.com.vn | tcp |
| NL | 172.217.168.195:443 | beacons3.gvt2.com | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | 195.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| GB | 92.123.142.67:443 | cdn.now.gg | udp |
| US | 8.8.8.8:53 | cdn-icon.bluestacks.com | udp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | udp |
| GB | 18.244.114.17:443 | cmp.inmobi.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.202:443 | content-autofill.googleapis.com | tcp |
| GB | 18.244.114.17:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 17.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| DE | 52.57.223.191:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 191.223.57.52.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | tcp |
| US | 34.120.235.88:443 | webapi-cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| NL | 216.58.208.98:443 | googleads.g.doubleclick.net | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | udp |
| N/A | 127.0.0.1:54094 | tcp | |
| NL | 172.217.23.195:443 | google.com.vn | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| N/A | 127.0.0.1:54101 | tcp | |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| N/A | 127.0.0.1:49968 | tcp | |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 8.8.8.8:53 | wallet.now.gg | udp |
| US | 34.96.124.47:443 | wallet.now.gg | tcp |
| NL | 142.251.36.10:443 | fcmregistrations.googleapis.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| NL | 216.58.214.27:443 | storage.googleapis.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 104.16.51.111:443 | support.bluestacks.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 23.200.147.41:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 111.51.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.147.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 104.18.72.113:443 | ekr.zdassets.com | tcp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 104.16.53.111:443 | bluestacks.zendesk.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 13.227.146.32:443 | widget.kommunicate.io | tcp |
| US | 199.232.192.134:443 | bluestacks-zendesk-com.disqus.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 104.18.70.113:443 | ekr.zdassets.com | tcp |
| US | 8.8.8.8:53 | disqus.com | udp |
| US | 151.101.128.134:443 | disqus.com | tcp |
| PL | 18.244.102.46:443 | c.disquscdn.com | tcp |
| US | 8.8.8.8:53 | 134.192.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.70.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.146.227.13.in-addr.arpa | udp |
| US | 104.16.53.111:443 | bluestacks.zendesk.com | tcp |
| PL | 18.244.146.26:443 | cdn.kommunicate.io | tcp |
| US | 13.227.146.32:443 | widget.kommunicate.io | tcp |
| US | 8.8.8.8:53 | 26.146.244.18.in-addr.arpa | udp |
| US | 35.168.191.136:443 | api.kommunicate.io | tcp |
| US | 34.234.148.15:443 | chat.kommunicate.io | tcp |
| US | 8.8.8.8:53 | 15.148.234.34.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 104.18.6.128:443 | vn.bignox.com | tcp |
| US | 104.18.6.128:443 | vn.bignox.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | res02.noxgroup.com | udp |
| US | 8.8.8.8:53 | res11.bignox.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| PL | 18.244.102.61:443 | res11.bignox.com | tcp |
| PL | 18.244.102.61:443 | res11.bignox.com | tcp |
| PL | 18.244.102.61:443 | res11.bignox.com | tcp |
| US | 8.8.8.8:53 | bi.noxgroup.com | udp |
| US | 104.18.6.128:443 | vn.bignox.com | udp |
| US | 8.8.8.8:53 | res06.noxgroup.com | udp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| NL | 142.250.179.202:443 | fcmregistrations.googleapis.com | tcp |
| US | 8.8.8.8:53 | res06.bignox.com | udp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| US | 8.8.8.8:53 | 128.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.102.244.18.in-addr.arpa | udp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.128:443 | res06.bignox.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 146.7.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.21.210.103.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 104.18.6.128:443 | res06.bignox.com | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.120.234.20.in-addr.arpa | udp |
| CN | 47.94.233.176:443 | api-new.bignox.com | tcp |
| CN | 47.94.233.176:443 | api-new.bignox.com | tcp |
| US | 8.8.8.8:53 | support.bignox.com | udp |
| US | 8.8.8.8:53 | support.bignox.com | udp |
| US | 104.18.6.128:443 | www.bignox.com | tcp |
| US | 104.18.6.128:443 | www.bignox.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.7.128:443 | www.bignox.com | tcp |
| US | 104.18.7.128:443 | www.bignox.com | tcp |
| US | 104.18.7.128:443 | www.bignox.com | tcp |
| US | 104.18.6.128:443 | www.bignox.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| GB | 104.86.110.97:443 | tcp | |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | browser.pipe.aria.microsoft.com | udp |
| IE | 20.50.73.9:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 23.200.147.152:443 | ow1.res.office365.com | tcp |
| US | 8.8.8.8:53 | b-ring-fallback.msedge.net | udp |
| US | 13.107.9.254:443 | b-ring-fallback.msedge.net | tcp |
| US | 13.107.253.64:443 | fp-afd.azureedge.net | tcp |
| US | 8.8.8.8:53 | 254.9.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.147.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| GB | 184.28.176.49:443 | www.bing.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | udp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| GB | 163.181.57.232:443 | vi.ldplayer.net | tcp |
| GB | 163.181.57.232:443 | vi.ldplayer.net | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 232.57.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.70.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.154.181.163.in-addr.arpa | udp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NL | 142.251.36.14:443 | apis.google.com | tcp |
| NL | 142.250.179.138:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | usersdk.ldmnq.com | udp |
| US | 8.8.8.8:53 | apivn.ldplayer.net | udp |
| US | 8.8.8.8:53 | play-lh.googleusercontent.com | udp |
| SG | 47.236.4.49:443 | usersdk.ldmnq.com | tcp |
| NL | 142.251.36.14:443 | apis.google.com | udp |
| NL | 142.251.36.54:443 | play-lh.googleusercontent.com | tcp |
| HK | 8.218.183.19:443 | apivn.ldplayer.net | tcp |
| HK | 8.218.183.19:443 | apivn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | hm.baidu.com | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| HK | 8.218.183.19:443 | apivn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| CN | 14.215.183.79:443 | hm.baidu.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.183.218.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| GB | 163.181.154.180:443 | res.ldplayer.net | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| NL | 142.251.36.34:443 | www.googletagservices.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| PL | 18.244.149.66:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 13.227.146.87:443 | tagan.adlightning.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 141.95.98.65:443 | id5-sync.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb.adxpremium.services | udp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 147.75.81.235:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| DK | 37.157.2.228:443 | adx.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| PL | 18.244.149.66:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| PL | 18.66.233.117:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| DK | 37.157.6.243:443 | cm.adform.net | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| PL | 18.244.146.21:443 | tags.crwdcntrl.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| GB | 2.17.68.19:443 | secure.cdn.fastclick.net | tcp |
| GB | 2.17.68.19:443 | secure.cdn.fastclick.net | tcp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| FR | 91.134.110.132:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.149.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.81.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.11.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.140.106.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.233.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.68.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.146.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.40.149.34.in-addr.arpa | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | 132.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.68.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 89.207.16.210:443 | proc.ad.cpe.dotomi.com | tcp |
| IE | 63.32.135.176:443 | bcp.crwdcntrl.net | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| IE | 67.220.224.150:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| DK | 37.157.3.20:443 | c1.adform.net | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| NL | 89.149.192.76:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 3.229.202.201:443 | pxl.iqm.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 150.224.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.192.149.89.in-addr.arpa | udp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| GB | 104.82.143.163:443 | secure-assets.rubiconproject.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.193:443 | 1f0d59f6f1f21b88749767cc990e7697.safeframe.googlesyndication.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 147.128.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.143.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 52.51.137.36:443 | ice.360yield.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| IE | 34.249.11.239:443 | rtb.gumgum.com | tcp |
| IE | 52.214.238.157:443 | ce.lijit.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| DK | 77.243.51.122:443 | se.semasio.net | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 13.227.146.87:443 | tagan.adlightning.com | tcp |
| US | 13.227.146.87:443 | tagan.adlightning.com | tcp |
| IE | 52.49.5.142:443 | match.prod.bidr.io | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| IE | 79.125.68.228:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 52.214.238.157:443 | ce.lijit.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 52.86.39.66:443 | sync.ipredictive.com | tcp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| US | 104.18.6.198:443 | capi.connatix.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| NL | 147.75.81.235:443 | prebid.a-mo.net | tcp |
| NL | 142.251.36.6:443 | s0.2mdn.net | tcp |
| PL | 18.66.233.34:443 | live.primis.tech | tcp |
| NL | 142.251.36.6:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 228.68.125.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.39.86.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.233.66.18.in-addr.arpa | udp |
| GB | 92.123.140.17:443 | code.createjs.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | equativ-match.dotomi.com | udp |
| IE | 52.49.5.142:443 | match.prod.bidr.io | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| NL | 63.215.202.137:443 | equativ-match.dotomi.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 104.21.48.215:443 | adxbid.info | tcp |
| NL | 147.75.80.51:443 | sync.a-mo.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | 223.25.89.159.in-addr.arpa | udp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| US | 52.73.59.20:443 | sync.srv.stackadapt.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 63.215.202.172:443 | openx2-match.dotomi.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 34.98.64.218:443 | setupad-d.openx.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DK | 37.157.6.243:443 | cm.adform.net | tcp |
| FR | 91.134.110.132:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ws.rqtrk.eu | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| IE | 34.255.230.198:443 | ap.lijit.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| DE | 57.129.18.113:443 | ws.rqtrk.eu | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | udp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 147.75.84.158:443 | pb-am.a-mo.net | tcp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| GB | 84.17.50.8:443 | vid.vidoomy.com | tcp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.80.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.59.73.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | 198.230.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.50.17.84.in-addr.arpa | udp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| GB | 89.187.167.38:443 | vpaid.vidoomy.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| ES | 212.36.83.245:443 | a.vidoomy.com | tcp |
| ES | 212.36.83.245:443 | a.vidoomy.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| IE | 34.252.81.219:443 | sync.crwdcntrl.net | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 219.81.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| CN | 14.215.182.140:443 | hm.baidu.com | tcp |
| GB | 185.64.190.81:443 | simage4.pubmatic.com | tcp |
| DE | 3.127.42.165:443 | sonata-notifications.taptapnetworks.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| DE | 80.82.210.217:443 | cookie.active-agent.com | tcp |
| SE | 13.50.192.155:443 | d5p.de17a.com | tcp |
| DK | 77.243.51.122:443 | se.semasio.net | tcp |
| CA | 148.113.153.93:443 | pixel.onaudience.com | tcp |
| NL | 63.215.202.169:443 | pubmatic-match.dotomi.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | 93.153.113.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| DE | 3.120.214.218:443 | ps.eyeota.net | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| IE | 34.249.11.239:443 | rtb.gumgum.com | tcp |
| US | 13.227.146.48:443 | s.ad.smaato.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| DE | 52.59.252.86:443 | match.sharethrough.com | tcp |
| NL | 89.149.192.76:443 | ssbsync.smartadserver.com | tcp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| NL | 63.215.202.137:443 | amazon-tam-match.dotomi.com | tcp |
| IE | 67.220.224.150:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| IE | 67.220.224.150:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| IE | 52.49.5.142:443 | match.prod.bidr.io | tcp |
| US | 52.46.128.147:443 | s.amazon-adsystem.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| JP | 124.146.153.151:443 | tg.socdm.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 52.73.59.20:443 | sync.srv.stackadapt.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | udp |
| JP | 124.146.153.151:443 | tg.socdm.com | tcp |
| US | 34.98.64.218:443 | setupad-d.openx.net | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | rtb.adentifi.com | udp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 52.0.218.89:443 | rtb.adentifi.com | tcp |
| US | 50.31.142.255:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.241.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.153.146.124.in-addr.arpa | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 52.73.59.20:443 | sync.srv.stackadapt.com | tcp |
| US | 52.73.59.20:443 | sync.srv.stackadapt.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| FR | 141.95.171.139:443 | green.erne.co | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 52.86.39.66:443 | sync.ipredictive.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| FR | 54.38.113.5:443 | pixel-eu.onaudience.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| DE | 3.120.214.218:443 | ps.eyeota.net | tcp |
| US | 104.18.36.155:443 | dsum.casalemedia.com | udp |
| US | 169.197.150.8:443 | match.deepintent.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | 21.17.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.150.197.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| NL | 193.3.178.3:443 | sync.e-planning.net | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| US | 3.213.93.141:443 | cookies.nextmillmedia.com | tcp |
| NL | 193.3.178.2:443 | s.e-planning.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| US | 44.193.56.5:443 | i.liadm.com | tcp |
| NL | 193.3.178.4:443 | u-ams03.e-planning.net | tcp |
| US | 198.206.157.249:443 | imglaunch-us.e-planning.net | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 193.3.178.3:443 | sync.e-planning.net | tcp |
| US | 34.160.19.107:443 | dmp.brand-display.com | tcp |
| PL | 18.244.146.21:443 | tags.crwdcntrl.net | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 8.8.8.8:53 | 107.19.160.34.in-addr.arpa | udp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| PL | 18.244.146.21:443 | tags.crwdcntrl.net | tcp |
| NL | 35.214.162.128:443 | csync.loopme.me | tcp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 142.251.36.6:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 173.24.18.104.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| NL | 142.251.36.14:443 | apis.google.com | udp |
| NL | 172.217.23.206:443 | google.com | tcp |
| NL | 142.251.36.14:443 | apis.google.com | tcp |
| NL | 172.217.23.206:443 | google.com | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| CN | 111.45.3.198:443 | hm.baidu.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 97.136.219.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 89.149.192.241:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 54.158.203.221:443 | sync.srv.stackadapt.com | tcp |
| US | 54.158.203.221:443 | sync.srv.stackadapt.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 104.18.36.155:443 | dsum.casalemedia.com | udp |
| NL | 193.3.178.4:443 | u-ams03.e-planning.net | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | 221.203.158.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| US | 104.18.24.173:443 | s.tribalfusion.com | udp |
| US | 34.95.81.168:443 | euexchangesync.digitaleast.mobi | tcp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| CN | 183.240.98.228:443 | hm.baidu.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 89.149.192.241:443 | prg.smartadserver.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| IE | 34.240.119.244:443 | ap.lijit.com | tcp |
| IE | 34.240.119.244:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 54.171.209.159:443 | ce.lijit.com | tcp |
| IE | 54.171.209.159:443 | ce.lijit.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 34.98.64.218:443 | setupad-d.openx.net | udp |
| NL | 89.149.192.76:443 | ssbsync.smartadserver.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 37.252.171.53:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.90:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| US | 54.156.79.63:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 54.156.79.63:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | 244.119.240.34.in-addr.arpa | udp |
| IE | 52.211.93.114:443 | match.prod.bidr.io | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 114.93.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.79.156.54.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | sync.serverbid.com | udp |
| PL | 18.244.146.54:443 | sync.serverbid.com | tcp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 8.8.8.8:53 | 54.146.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| US | 69.173.151.100:443 | pixel-us-east.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | 134.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.151.173.69.in-addr.arpa | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 142.251.36.14:443 | apis.google.com | udp |
| NL | 172.217.23.206:443 | google.com | udp |
| NL | 89.149.192.241:443 | prg.smartadserver.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 13.227.146.102:443 | apivn.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 102.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.96.244.18.in-addr.arpa | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| NL | 147.75.85.97:443 | prebid.a-mo.net | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 142.250.69.3:443 | beacons.gcp.gvt2.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | 97.85.75.147.in-addr.arpa | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 37.252.171.53:443 | secure.adnxs.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | en.ldplayer.net | udp |
| US | 13.227.146.12:443 | ad.ldplayer.net | tcp |
| GB | 163.181.57.236:443 | en.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 236.57.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | advertise.ldplayer.net | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 79.133.176.235:443 | advertise.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| IT | 157.240.231.35:443 | www.facebook.com | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 235.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| IT | 157.240.231.1:443 | static.xx.fbcdn.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| IT | 157.240.231.35:443 | fbsbx.com | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | vi.ldplayer.net | udp |
| GB | 163.181.57.231:443 | vi.ldplayer.net | tcp |
| GB | 163.181.57.231:443 | vi.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 231.57.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| US | 13.227.146.102:80 | apivn.ldmnq.com | tcp |
| US | 13.227.146.102:443 | apivn.ldmnq.com | tcp |
| GB | 79.133.176.235:443 | advertise.ldplayer.net | tcp |
| US | 13.227.146.12:443 | ad.ldplayer.net | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | tcp |
| NL | 172.217.168.206:443 | www.youtube.com | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ldcdn.ldmnq.com | udp |
| GB | 163.181.57.231:443 | ldcdn.ldmnq.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | udp |
| NL | 142.250.179.214:443 | i.ytimg.com | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| PL | 18.66.233.89:443 | encdn.ldmnq.com | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| NL | 142.251.36.14:443 | www.youtube.com | tcp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 214.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.233.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apivn.ldplayer.net | udp |
| US | 8.8.8.8:53 | usersdk.ldmnq.com | udp |
| NL | 142.251.36.14:443 | www.youtube.com | udp |
| US | 13.227.146.102:443 | apivn.ldmnq.com | tcp |
| HK | 8.218.183.19:443 | apivn.ldplayer.net | tcp |
| NL | 142.251.36.34:443 | www.googletagservices.com | tcp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | udp |
| HK | 8.218.183.19:443 | apivn.ldplayer.net | tcp |
| SG | 8.219.223.66:443 | usersdk.ldmnq.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| ES | 18.67.239.90:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 13.227.146.37:443 | tagan.adlightning.com | tcp |
| US | 13.227.146.37:443 | tagan.adlightning.com | tcp |
| ES | 18.67.239.90:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 90.239.67.18.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play-lh.googleusercontent.com | udp |
| NL | 142.251.36.54:443 | play-lh.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| PL | 18.66.233.67:443 | config.aps.amazon-adsystem.com | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| PL | 18.244.146.43:443 | tags.crwdcntrl.net | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| PL | 18.66.233.67:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| IE | 99.80.89.220:443 | bcp.crwdcntrl.net | tcp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 8.8.8.8:53 | 43.146.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.233.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.89.80.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| US | 104.22.4.69:443 | a.ad.gt | tcp |
| GB | 163.181.154.180:443 | res.ldplayer.net | tcp |
| GB | 163.181.154.138:443 | cdn.ldplayer.net | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| US | 172.67.70.36:443 | cmp.setupcmp.com | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 147.75.85.97:443 | prebid.a-mo.net | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| IE | 52.211.208.99:443 | ice.360yield.com | tcp |
| DK | 37.157.6.243:443 | adx.adform.net | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | 254.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.208.211.52.in-addr.arpa | udp |
| NL | 89.149.192.76:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| NL | 142.250.179.174:443 | accounts.youtube.com | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| DE | 37.252.171.53:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.193:443 | 2f0913d9f12d31c28968bd335bdb44bd.safeframe.googlesyndication.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| US | 104.21.48.215:443 | adxbid.info | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 3.229.202.201:443 | pxl.iqm.com | tcp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | 74.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.97.40.145.in-addr.arpa | udp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| GB | 95.100.245.168:80 | x2.i.lencr.org | tcp |
| FR | 91.134.110.133:443 | ssbsync.smartadserver.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| FR | 91.134.110.133:443 | ssbsync.smartadserver.com | tcp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| GB | 89.187.167.38:443 | vid.vidoomy.com | tcp |
| US | 104.18.36.155:443 | dsum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 133.110.134.91.in-addr.arpa | udp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| GB | 89.187.167.38:443 | vpaid.vidoomy.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| DK | 37.157.6.243:443 | adx.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 253.61.156.35.in-addr.arpa | udp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 147.75.85.97:443 | sync.a-mo.net | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| IE | 99.80.89.220:443 | bcp.crwdcntrl.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| IE | 63.33.54.152:443 | ap.lijit.com | tcp |
| IE | 52.95.115.196:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 152.54.33.63.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | cebfe31ac5e6a70393ab827e6c35dacb.safeframe.googlesyndication.com | udp |
| NL | 142.250.179.193:443 | cebfe31ac5e6a70393ab827e6c35dacb.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 16ed754104a7b8450d33315c7ad90c06.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 196.115.95.52.in-addr.arpa | udp |
| PL | 18.244.102.5:443 | setupad-tagan.adlightning.com | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 37.252.171.53:443 | secure.adnxs.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | user-sync.adxpremium.services | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 13.227.146.25:443 | s.ad.smaato.net | tcp |
| DE | 85.114.159.118:443 | dsp.adfarm1.adition.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 104.82.143.163:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 25.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| IE | 54.228.88.178:443 | ms-cookie-sync.presage.io | tcp |
| DE | 57.129.18.109:443 | wt.rqtrk.eu | tcp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| NL | 35.214.162.128:443 | csync.loopme.me | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| DE | 57.129.18.109:443 | wt.rqtrk.eu | tcp |
| DK | 37.157.3.20:443 | c1.adform.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 109.18.129.57.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| IT | 157.240.231.35:443 | fbsbx.com | tcp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 147.75.85.97:443 | sync.a-mo.net | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| NL | 147.75.85.97:443 | sync.a-mo.net | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| US | 140.99.245.61:443 | leomoon.com | tcp |
| US | 140.99.245.61:443 | leomoon.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| NL | 142.250.179.214:443 | i.ytimg.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | udp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| FR | 51.178.195.209:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| NL | 147.75.85.97:443 | sync.a-mo.net | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 104.18.11.176:443 | mp.4dex.io | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| DK | 37.157.6.243:443 | adx.adform.net | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | 55832a3d3260d7a92adb94d95b397fd8.safeframe.googlesyndication.com | udp |
| NL | 142.250.179.193:443 | 55832a3d3260d7a92adb94d95b397fd8.safeframe.googlesyndication.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| NL | 35.214.162.128:443 | csync.loopme.me | tcp |
| US | 3.229.202.201:443 | pxl.iqm.com | tcp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 142.250.179.193:443 | c9109865cf8eaa10e137aa07144f6796.safeframe.googlesyndication.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.192.74:443 | rtb-csync.smartadserver.com | tcp |
| US | 64.74.236.63:443 | b1sync.zemanta.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| DE | 57.129.18.109:443 | wt.rqtrk.eu | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 8.2.110.113:443 | as.ck-ie.com | tcp |
| US | 104.18.36.155:443 | dsum.casalemedia.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 209.192.201.180:443 | user-sync.adxpremium.services | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| DK | 37.157.6.243:443 | adx.adform.net | tcp |
| ES | 212.36.83.246:443 | a.vidoomy.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| IE | 63.33.54.152:443 | ap.lijit.com | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.218:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.11:443 | gem.gbc.criteo.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.17:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.198:443 | ag.gbc.criteo.com | tcp |
| US | 13.227.146.154:443 | aax.amazon-adsystem.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 185.106.140.18:443 | rtb.adxpremium.services | tcp |
| NL | 147.75.85.97:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 178.32.210.227:443 | prg.smartadserver.com | tcp |
| DK | 37.157.6.254:443 | adx.adform.net | tcp |
| US | 104.18.10.176:443 | mp.4dex.io | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| DE | 37.252.171.53:443 | secure.adnxs.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.193:443 | 1f0d59f6f1f21b88749767cc990e7697.safeframe.googlesyndication.com | udp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 185.235.87.7:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.210:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.210:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.7:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.208:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.25:443 | gem.gbc.criteo.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 185.235.87.23:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.199:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.199:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.23:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.210:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.210:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.7:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.7:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| GB | 104.86.110.97:443 | tcp | |
| US | 150.171.70.254:443 | mcr-ring.msedge.net | tcp |
| US | 52.123.129.254:443 | dual-s-ring.msedge.net | tcp |
| US | 13.107.253.64:443 | fp-afd-nocache-ccp.azureedge.net | tcp |
| NL | 185.235.87.10:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.204:443 | ag.gbc.criteo.com | tcp |
| GB | 184.28.176.9:443 | r.bing.com | tcp |
| NL | 185.235.87.9:443 | gem.gbc.criteo.com | tcp |
| NL | 172.217.168.226:443 | googleads.g.doubleclick.net | udp |
| NL | 185.235.87.9:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.222:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.222:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | udp |
| IT | 157.240.231.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 79.133.176.211:443 | bsxplayerv2.bluestacks.com | tcp |
| GB | 79.133.176.211:443 | bsxplayerv2.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | bsxplayerv2.bluestacks.com | udp |
| US | 8.8.8.8:53 | dev-x.bstkinternal.net | udp |
| SG | 8.214.38.30:443 | dev-x.bstkinternal.net | tcp |
| GB | 79.133.176.223:443 | bsxplayerv2.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 211.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bst-launcher-sgp.bluestacks.cn | udp |
| SG | 8.214.38.30:443 | dev-x.bstkinternal.net | tcp |
| GB | 79.133.176.166:443 | bst-launcher-sgp.bluestacks.cn | tcp |
| US | 8.8.8.8:53 | 223.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.38.214.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.176.133.79.in-addr.arpa | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| US | 13.227.146.78:443 | now.gg | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 210.142.123.92.in-addr.arpa | udp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| GB | 92.123.142.194:443 | ak-build.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | cdn-bgp.bluestacks.com | udp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| GB | 92.123.143.232:443 | cloud-api-cdn.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cdn-icon.bluestacks.com | udp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| US | 8.8.8.8:53 | app-page-details-prod.bstkinternal.net | udp |
| US | 34.111.56.14:443 | app-page-details-prod.bstkinternal.net | tcp |
| US | 34.111.56.14:443 | app-page-details-prod.bstkinternal.net | tcp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 14.56.111.34.in-addr.arpa | udp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.10:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.214:443 | i.ytimg.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.214:443 | i.ytimg.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 173.222.211.57:443 | cdn-icon.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| GB | 92.123.140.34:443 | cdn-www.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 13.227.146.78:443 | now.gg | tcp |
| US | 13.227.146.78:443 | now.gg | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| GB | 92.123.142.67:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | sessions.bugsnag.com | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 13.227.146.65:443 | cmp.inmobi.com | tcp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| US | 8.8.8.8:53 | 7.88.190.35.in-addr.arpa | udp |
| GB | 92.123.142.67:443 | cdn.now.gg | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | udp |
| US | 8.8.8.8:53 | 65.146.227.13.in-addr.arpa | udp |
| US | 13.227.146.65:443 | cmp.inmobi.com | tcp |
| US | 148.135.238.142:9031 | udp | |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 52.57.223.191:443 | api.cmp.inmobi.com | tcp |
| DE | 52.57.223.191:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 142.250.102.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 157.102.250.142.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| US | 8.8.8.8:53 | eb.bluestacks.com | udp |
| US | 52.52.115.199:443 | eb.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 199.115.52.52.in-addr.arpa | udp |
| GB | 92.123.142.145:443 | cdn.now.gg | udp |
| GB | 92.123.142.145:443 | cdn.now.gg | udp |
| US | 13.227.146.78:443 | now.gg | tcp |
| US | 13.227.146.74:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| US | 8.8.8.8:53 | static.vidazoo.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 104.22.60.119:443 | raven-static.aditude.io | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 104.22.60.119:443 | raven-static.aditude.io | tcp |
| US | 104.18.29.64:443 | static.vidazoo.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| US | 172.67.21.232:443 | gtrack.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | 74.146.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.60.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.29.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.166.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.21.67.172.in-addr.arpa | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| PL | 108.138.51.113:443 | geo-location.prebid.cloud | tcp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 8.8.8.8:53 | production-raven.infra.aditude.cloud | udp |
| US | 104.18.29.64:443 | static.vidazoo.com | tcp |
| PL | 108.138.51.58:443 | production-raven.infra.aditude.cloud | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | wserver.vidazoo.com | udp |
| PL | 18.244.149.66:443 | c.amazon-adsystem.com | tcp |
| US | 104.248.229.159:443 | sync.kueezrtb.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 45.63.18.194:443 | wserver.vidazoo.com | tcp |
| US | 104.22.60.119:443 | raven-static.aditude.io | tcp |
| PL | 18.66.233.81:443 | config.aps.amazon-adsystem.com | tcp |
| US | 162.243.161.113:443 | bis5.vidazoo.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| US | 34.237.162.203:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| PL | 18.244.146.21:443 | tags.crwdcntrl.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.229.248.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.18.63.45.in-addr.arpa | udp |
| IE | 34.240.201.67:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 203.162.237.34.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| GB | 92.123.142.210:443 | cdn-bgp.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 143.244.38.136:443 | bst-appstore.b-cdn.net | tcp |
| GB | 143.244.38.136:443 | bst-appstore.b-cdn.net | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| NL | 172.217.168.219:443 | storage.googleapis.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 8.8.8.8:53 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 104.16.53.111:443 | support.bluestacks.com | tcp |
| US | 199.232.196.134:443 | bluestacks-zendesk-com.disqus.com | tcp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 104.18.70.113:443 | ekr.zdassets.com | tcp |
| US | 151.101.128.134:443 | disqus.com | tcp |
| PL | 18.244.102.46:443 | c.disquscdn.com | tcp |
| US | 8.8.8.8:53 | bluestacks.zendesk.com | udp |
| US | 8.8.8.8:53 | 134.196.232.199.in-addr.arpa | udp |
| US | 104.16.53.111:443 | bluestacks.zendesk.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| US | 34.160.86.181:443 | cloud.bluestacks.com | tcp |
| GB | 92.123.143.217:443 | ak-build.bluestacks.com | tcp |
| US | 8.8.8.8:53 | 217.143.123.92.in-addr.arpa | udp |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.104:443 | tcp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 016cb671605d14f5206b165997346b6e |
| SHA1 | b0c386454a797c6efce3d5eece9e24011304cab1 |
| SHA256 | 0793dfe9abd8f0cbfdb2dd2b22abb64635c1a1ebd6482927cab20defd2e7fae0 |
| SHA512 | a7a4b83ed3b830f82a63384436ebd732307dfc388c30ef05fb13af8b72a881647a396c5f5d7cbcab8109ae142d6b8fcb35c7712cf66edd64a02e532f9666051a |
\??\pipe\crashpad_4848_SNHLKJXKFBDDMXTP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | 48d2860dd3168b6f06a4f27c6791bcaa |
| SHA1 | f5f803efed91cd45a36c3d6acdffaaf0e863bf8c |
| SHA256 | 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77 |
| SHA512 | 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8e6a1430c2db24d02c7b17479c193942 |
| SHA1 | 5b031344b0a2c231545ca387a37c86d0fe63df93 |
| SHA256 | 5ef2089855836ab06111d15f064d3c41aaee6fdf16f1bc5f6f8851a5dffd3365 |
| SHA512 | 481c4c63f3cfb377c32e385c459f15511137113e6560b5a6ad80138642c26018655b7a9b65903141b7309f9a20fa57baadbfde23125530deb2659b8da823c9aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 747f68b17e2163991b4a6225015af304 |
| SHA1 | 4dc347b2324ce1997f84a6234a23d9e7c46f721c |
| SHA256 | 24f6ff708478c89b39bbcee88a391a00c4df0f76327fe54fb0e5852b6b277fc5 |
| SHA512 | 8ede941b17d62dd81a5f598fe6341a4e113f1b6a2390b8d6518beaa6605b016bf60375eacec8a2363147905265cde173715b535d3e1bc94606909f392af88483 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 97194c73cd20d6acc7a361284a6c7200 |
| SHA1 | bbbb367b92ef19a22524adfdfd8c00c89e7ee076 |
| SHA256 | 4ad813f8fca25889f7955071b144ce6289a5651abb5c03fe5461ba80b67c5105 |
| SHA512 | fe64e276765156a8430eac0fe4a76b0ddf99907f5c0a08318b6bc7d9082d434375f84fcefeca041facfff9f9f2a935ec80312e7d057bca3f3b48fe1cf46dc059 |
C:\Users\Admin\Downloads\Unconfirmed 675560.crdownload
| MD5 | c8246dc58903007ccf749a8ad70f5587 |
| SHA1 | 0b8b0ec823c7ca36bf821b75e2b92d16868da05e |
| SHA256 | 347e7d26f98de9ac2e998739d695028fa761c3f035dbe5890731e30e53a955b3 |
| SHA512 | 02f5ee6fa5365498ea537f931bab82e3d95178cb8ca42a108030649283290520c27490557a2b642649533b935503ad240acedab005bcbf3dd7691f5671caf975 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36554cdc186cf182ca3b65e6072c0da1 |
| SHA1 | 966c751a192042f9151877b451706e55142a1269 |
| SHA256 | b502b8fb477e8349bdb79cf9f1aa13aaa4a7b6f7682b631c42fcb88b9094c0ed |
| SHA512 | e7ca0c8f9e82306a9580fe65512975133addec7cf8d9746ea81244b8fb19cbf18f0bec016f9ce5958da9ff107895a6c21b863ca69f578f4719136dd1c46326a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt
| MD5 | 45f86884f5e41082498bde9d0f1e277e |
| SHA1 | 439e65a95284ff4a6ca9ff116c47efd98d953834 |
| SHA256 | c81891297dc3eb4f919ab6cb346f95ac860d7982d1cebacbe61e4d8f8ba3f09a |
| SHA512 | fb7acf523f5e4d0f266ccde629388d9fdc41460233ec3b725684bef094a94d31b488db4bb8ab62c5f4b3054e724800a89f6e2e99b276edce59003916fdb5579f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe585ba8.TMP
| MD5 | d6255fd9df4bc19c322c12755c221797 |
| SHA1 | 20b059a0bb80a69b248b87a7e3268bc87e37940e |
| SHA256 | 3f6dde38c3ff5d7e6c960b362558c5a9361342f441aef3755d5f338a9ffce381 |
| SHA512 | dd22bdbfe74037d093e19d78595cf42f6d1a06b9e18f42f2e37cc8db6fe518a28a45ce43db464763ff277290b3b2222a2f804ed2b6c9bf8b44f5adf106e13622 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea433a98ab330f2a57e6af8a8f402457 |
| SHA1 | 44c5a287a56ca90a541c91a79d450a88e69eb937 |
| SHA256 | 9477874927b2e771f67b809b2f30b191f48c137a7fb41163a2c16bdc2dab2102 |
| SHA512 | f2399a87e250753720a716dbdf155e3a3e502a80db7ebb135ec2885549cf9768cccccc9c892c94da83dd70a08858ec23b6c6bb3b503282fb9ea569fb133cffb0 |
C:\Users\Admin\Downloads\AnyDesk.exe:Zone.Identifier
| MD5 | 0cd27a98a4e887b225ed61ed89c3fb2a |
| SHA1 | 8d7037d266c84b349cdc13093a96b6610be0c471 |
| SHA256 | f884353322476813d87a74247221be85ec8f9935042604def739ddf4a138c12b |
| SHA512 | 4eb88311be3bca80cb4469fa48ef14aff5c008cda3dc825bacc349e68c2873afd1d9d1ca7c53cae85eba86d89048ada82e1ab8eedd4db6dc2aab5a5e1aa72f33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 45efed5f4ac5dbd7ca6450ec14a49bc3 |
| SHA1 | 837c6d31d5fa6c40f5ad61992413b644ecc6c3fc |
| SHA256 | a59a59862c8169ddf310cee1d26f5abe172c30b32aab140af100730cced05139 |
| SHA512 | 13c50d9f379c7ed49a294ce504853a7c65b70191a880e725d560cc1a5b0cabae150444f6292a2e8607e460c965f09808b90463d72f8fedfb64d308806af22735 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3288692563d4dead4dbdcdbfdd3bd358 |
| SHA1 | b66bf1b921f0a38a2d033734293c0cc0d320fbe7 |
| SHA256 | 67b34e7ec4d23bdd5a226ad7223c53faf98db5b116a5d28cb697462f39ca07d3 |
| SHA512 | b7e25bc5efaf95d3a0bc05d0e00df5cc9f2305f76d90b19cc60d8c8617f659885fda867eaf3e3c247d03386e79aff2343421b8cbb85be3d958a7eb486a729e55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7b1f3373e0088910f4e5ebda3a123d17 |
| SHA1 | 1236b16893614cb478abd6f2fe12596fcf0ddf39 |
| SHA256 | c82121e72589ef5d16bd842e61025fa343e63bb05027c245a1d4165f2a8ca70a |
| SHA512 | 4c5896c57e7493009e248169c57f5c170d51a216bb09528df3843be22770bf33c5e851d712bd8303a257866875a67e3335d49a575324e3212ec19a6a0e8c5c0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39eb094ad44c44ded40ba91912aca64a |
| SHA1 | ef96119a73bfaf2d4d5f0c678a034863522eaae9 |
| SHA256 | 9eb42001db056f51d0d7cdec54465b15838fd26edb157e214925d45a3bd7be10 |
| SHA512 | 3a93c7234d0b06bdadffbde6c821e7d9f4f6dcddce2b354e63d627e4f01e184f67fe233cdcf88e31eea5d90e7ad91818d03f9dd09ae6539ad33fb6a4d8f82d4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 845826acd03d3dff0bdc45d2a4f57770 |
| SHA1 | 2dcef503104adb66a7351ab2b4ae0d3ec72735e2 |
| SHA256 | 751bc856ef0594d2b14243b4c21049fc786daa5e76d190c301303525f8da7da5 |
| SHA512 | b3c755c48f4fbc663bc42437f51638ed1b22cd1ac0ff27ce0cb47bd451ffc7818710e62a5d0bc81ec2038285a872401b75419c8ab62d004ef0b0f56a1044e8e7 |
memory/4812-476-0x00000000004D4000-0x0000000001726000-memory.dmp
memory/4812-477-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/2152-487-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 046ffa109e5302c7f8eda3c58a16ccd7 |
| SHA1 | 917d3fbda30bae6d77e7ce9d6bbe3d8e1bd545c9 |
| SHA256 | 6886ce966e826a47eab26ae5cc72316d8a255e4fe99fa22c44d6b98cb63c4319 |
| SHA512 | b5ab8322d94eae50afd7f94a860cc23f995315bb56d9cdd2afb2a0e37501f168e6049a82e15c8ea4fd4c122834ff9b9caba9533fe2ead7488b96a89aa5cfd1ef |
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | 640f1815e828506d3086125134eb5e3e |
| SHA1 | a3f67ee394471b4383b63a43e2f8231102e7a5be |
| SHA256 | 3b1af4aee4a4e78b5003375340283c3a897136567c8a4debb6197bfa41d401cc |
| SHA512 | 791dd6019e1928db2abe12495ee2b03d3ec272359ee0c2d17989e1f15fa7b02f87f24eb27c2629a203aafd0cc46c1ade3339a828314bdaabb1d4b22df747dad9 |
memory/3000-489-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | e0ed1c18001b99ea753ec34a9c75c7f5 |
| SHA1 | d5ae73c57a3972193a89d4397c0b210040c217cf |
| SHA256 | 44c2d7af43c5f8f4d02ea705647dac4bacf86be9745eb4248cb71bc148407301 |
| SHA512 | b6e95ba8cc8dd9758e10744c13abdbec9bca0602931bb3722cfc4829a15cc7fa902f80cf94f3f43140e13cc7742117498c1bcd81979cbef541e2cd1a791136de |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 0c04ad1083dc5c7c45e3ee2cd344ae38 |
| SHA1 | f1cf190f8ca93000e56d49732e9e827e2554c46f |
| SHA256 | 6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0 |
| SHA512 | 6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492 |
memory/3000-520-0x00000000055C0000-0x00000000055DB000-memory.dmp
memory/3000-517-0x00000000055C0000-0x00000000055DB000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 7f2d6cc6b1985c5e9baf3904cf361a46 |
| SHA1 | 3c77f7f5f4c493b8a5b2a36456a0833e92659447 |
| SHA256 | 488ca7e088b99048e09170b5d6c07df2fe3c7a690b49572bd1caa2fa01e09858 |
| SHA512 | 776536858adadb35482829de9f4becfd8f2fd897e5cc8dba46da139b13dc52b316dd3f9115c1c5926f8dfda96d54d9dffad282d2af49f673241888b30bcb4d9a |
memory/3000-521-0x00000000055C0000-0x00000000055DB000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 4a95ae01f64271ade11d6116066d1efa |
| SHA1 | fa160abfd4324c6e10c65f8b5c35620da26304f8 |
| SHA256 | af34ec2b5c991870bc2a0a91ed0b1635681f063769a822bc82cd726426bacd06 |
| SHA512 | 3c8beac203ce263c653954a0f1ce77e94541f6d17508b17db29c321ade4a8744f4464f027e5838b39506d72bdf24c0f7c267b9486a50000a145d04bad4868785 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 77674c32de2b9011c939a7d1706f392f |
| SHA1 | df543c7a4c8bcd5b34be9201971a0d4955420d07 |
| SHA256 | 57e13fe8385d2bf1025804a4e9cc35b4b0281f0baf7e83ab91378d246f827c37 |
| SHA512 | 7b1b64af65d87266766ecd439c8291e5060f3efd0d747bc93baf98cc24ba2c48800f700151b7b15c6bbfb7e0747643dfaa1a42ef2a87bc6b641d3015421303e0 |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | ef49ce4d1f3f54bf65982e91a2306437 |
| SHA1 | cc9b7b4c01ab329c8ee5e1dc0ac994de705ccaa4 |
| SHA256 | 59e24e5d112cb57a50d54368cc363d3d2f29101dc7e46768d12b412d71d80859 |
| SHA512 | 35287e6a0595c36ec99b875d33af7274e203495dac352d59a23cb340c1d86789f183c85a44c9cbbf4f7428cd531344d74b149ed73527c23688dc581f0817df9b |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | c3dbfd4eef39e951c2d6b2fe0298e901 |
| SHA1 | 8eca21987d77771fe33b101ff6cb2162d6c6765a |
| SHA256 | 86571c7455949e6cc64a7fddf67ba59777ab5152127d7f1cf39fa2143a8e3f56 |
| SHA512 | a98ae2ab5cb4ecf562a79bfbbb05d10d3d21802e7e0359e963f30e1c23c0bf82d043d26a6b1edcffd6861e7c185022ad8218d62a97650a6c74be59e5783dd2ef |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 003d86a17644a4f97e367a7498a2f0f9 |
| SHA1 | 588971478d82ad85f6d902f2b0cab962bdf47fd2 |
| SHA256 | e4a8e5975b7edd4a2345defe5625dca76c42049b179bd8a12dea386b640f7218 |
| SHA512 | 022d9525468ca2893a9762c426b7b4e9f628c18ef435edee8b083c0b34997587eb951994477cf6df3cab4add5adf2e6577c22ecd32d2ecf341f55b50078d67e3 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | f6d946a093295353ff69403bac0ab386 |
| SHA1 | 9d8492f19c13d9a115ab2597184857b159983cb4 |
| SHA256 | 3c5bfd600cae342dfb78deb040f5ae3597902d3c377bb254fd534a3f962bf470 |
| SHA512 | dd81eea7b18d8352827fe8f8686f32660b93ffec8165cec2cf378c240fa951cded16fbaffaeb223f5250b1ccdccc98cccf9a841e763d60914c64e1f466cb1015 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 163edf37e864e72ce5aac8eedb495268 |
| SHA1 | edd33cf935b19855ab36c4a2848325ee45b76ad6 |
| SHA256 | a79482f117517b209be68b88f77763a942ee307dc79019eb6978ad40daae0586 |
| SHA512 | d1af527a1bb5dd475dae8d7aca576abdf43b3ae959651793dc4a8a3bb5178d5a58e7d1f75d6eb916489fbaa22dd8e7dd2d8451565c71b102ea684dbf8d9c0a08 |
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf
| MD5 | 25d2d05b1c28a35a5ceb593c90056699 |
| SHA1 | 8dc2e83fc335f5b74d12f266437ae4558cb8868e |
| SHA256 | 7f157ea82574f49389170131d85a9357f78aea2c1565764fc144fe12fd58d001 |
| SHA512 | 0fa30f926f1cde7ff04569f1c9a568dd15b0498e3e55faf811e8c2e6bd24410110a6ba1d637f840469e36ff50da236463731d8a3c476fb326f37010ebda9a68b |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 9b2a8c36acb751cc1e9ad2d9b833f0d0 |
| SHA1 | 2ff80cbe103f9eb1c3f98e96a9fc29f7d92389f5 |
| SHA256 | 4264530cb4b0880e3910cc97352bb1e340c6fe361e3284062ca280f436fd9d12 |
| SHA512 | 82aa7e6ac846f5cd6842fdc59363e50501c4d029a8eb23e1dde214b61c4dcf28752cd8590f9fb8224466b058dcd8a3fae866465cb33705ebc1aa6627e7896faf |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | f9dbdb2a05c977565989dc675d709a5c |
| SHA1 | 14f1d36925cb1f9deeb96831c232e580cfbf07c0 |
| SHA256 | 742432397879ad27e2b431c7d6ef1c551a41557185b807402d80fb8630a8382c |
| SHA512 | d0218f9504ccc776a072864ee2bf75efae3134ebb0468dd50db0ad9d31f1b1947a187067e9c41f60184b514a6fca763dc8ad9736ee967894c40add1559d6acb5 |
C:\Users\Admin\Downloads\gcapi.dll
| MD5 | ecb9969b560eabbf7894b287d110eb4c |
| SHA1 | 783ded8c10cc919402a665c0702d6120405cee5d |
| SHA256 | eb8ba080d7b2b98d9c451fbf3a43634491b1fbb563dbbfbc878cbfd728558ea6 |
| SHA512 | d86faac12f13fcb9570dff01df0ba910946a33eff1c1b1e48fb4b17b0fb61dded6abf018574ac8f3e36b9cf11ec025b2f56bb04dd00084df243e6d9d32770942 |
C:\Users\Admin\Downloads\gcapi.dll
| MD5 | 1ce7d5a1566c8c449d0f6772a8c27900 |
| SHA1 | 60854185f6338e1bfc7497fd41aa44c5c00d8f85 |
| SHA256 | 73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf |
| SHA512 | 7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753 |
memory/4812-676-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/2152-678-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3000-677-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 73ef1449da17bd2ce4b477f2217fbc06 |
| SHA1 | 20dd8fc35c59ce391989662df0d47017eb157729 |
| SHA256 | 0bc410dcef1ad2482a5fce6fde981cecd69a17740c71afa2f331395974fb2833 |
| SHA512 | 6ef6978147fd7ee3d5d6279a12959e6ba1ceefb13d4a17e6512e28e3cf783908f56cffb4da94291e873e74f91f81baf3fd078b0d951b7859b3d5f36adfdf081e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a599d0d2b35c041613f9145a103dc77e |
| SHA1 | 70b53b9ec703cb7c57fe1b257fdd02ca882ba26c |
| SHA256 | 1ac7d8eb25ae22fcda69fe2d5b0a13014f923935fb4b778453a81ddc66585117 |
| SHA512 | 5ced0cbb6f0e3cd29c3b94d1537384df1b39da1bbee365cba8cbefb0ff2d2ec5c679bc34af9c6ce7526912bbcccccd53e78b3e48db8019128ce72d22fb112c5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 205327c555dd960c2a333e9f24c32168 |
| SHA1 | 9ae520e9733951f6f8dcb0d1f1848c49005eb578 |
| SHA256 | 46585ef29b0c5266c921642c3fa4aabdf589b9396b6b44fc8fc0e7861e0db89b |
| SHA512 | dcced7440bcb06b15165f3d13b104869210e99611574b5047556d92054502d07dbd8577b6451df854c0db725cb3416c561d36d855104ff9a2243b265cec99599 |
memory/4812-715-0x00000000004D4000-0x0000000001726000-memory.dmp
memory/3516-717-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace
| MD5 | 328d0d8e165f52b827a798ebf9442b8e |
| SHA1 | 6a23f4aa3b989c8fc6549069a180e0ed575a2875 |
| SHA256 | 8e6da1a58a7ed4c68e9cc423a60f5cb9bf2b9627a921574f463d4be68987b28a |
| SHA512 | a08318051381e673d6ae95d1119f0ea279348f6394ed3b874a2d01b3f4481c47780683a5077046b832711c5c11d00b5566847de28e674b8541d7fb6f8bf5fef1 |
memory/3000-725-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8b35050adb2b1ab51d59d22e204ac2a3 |
| SHA1 | 51281d9088f8ddb46f24740c3d07e68cba06a5a3 |
| SHA256 | fae997da890f0671aa98fc3af9b65351d5814be3bd7ba64a18a5ce0d822bb20b |
| SHA512 | 32a082388801a64145b8d7d3ba0ee125e2e7d789fecfdd5f726f14fbaad8ab48ca9e55004079de0b40961ea5068f08a5123ed0c5492a55d34d2abfedbb9a1378 |
memory/3516-737-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3000-742-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc23ffb282bee430fd80f8ed2e0a5651 |
| SHA1 | 3d183247982e6e13c378e5c4c40b052ee0f3abcc |
| SHA256 | 19535a06af58a2301aa09d8709ecdc8f4a1887aaf20a5b01df233a41e51a4238 |
| SHA512 | 5f9c24697b509811cf81244fc4c4feed007375e3a34d3f28620f6cfc3c2a6938fd68adbbe5ed41dcfd63c0321439bea5d42cb0c462a1ed54d1d401d2839504a3 |
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf
| MD5 | 79ecf9eba0e4cad49a0aebce8d7276bf |
| SHA1 | 40eb8ff45cda804a9f29c64fa7a77994712918eb |
| SHA256 | 292d9babf221723218e7f49b1ff7aaf49802b3875ba8e48c725cf6aff8efdc35 |
| SHA512 | 4cebc15a498e9d4dbe8b5dc55c488c170fae8cb4bdcea781cf81eb3e0f1196587cefb4ad3b1b598ad292f52dd9a3b06db0fdf3ba2d2a456774825724d46be1a0 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 05465953b1a35e424d023972789fc0cb |
| SHA1 | 078669c4afaab535996897baae344d69a6046d34 |
| SHA256 | 7b914de9a635d508cd26f9863ae276d14890ea850b84c780953cd4a3f9bd6789 |
| SHA512 | f84834ae070ad919976cdadc8e813b0b036ece274f99f25cd842b8995cc5074443c1a6b7abbaab85af84b01235870f09380c086eb15cf3efdcf0dcfc000ac6cb |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | a68aaa86ec43d28bf909f864b4caabb4 |
| SHA1 | eb9c8b99482a650bba98b0f24d7d33563d850bcc |
| SHA256 | 28c885e6a55f2c2d0aca815e947727a118fa156ca55faaa631212dcc988274aa |
| SHA512 | a243676031e65394fe7381b6901b520eca3df1533df14f69d0b5bbcb5970f2d4913430934d19394357e3b5e64d68d56bf7d582c670519250538ad4f7c0ff00f6 |
memory/4812-937-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3000-938-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/2152-939-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d21b10a10d0b915ae65eb7ee33d87083 |
| SHA1 | b781f25d171f9bbf7c67e59ddf6659e36b00e883 |
| SHA256 | 9a3417e0ddd228d98340ca3f094c3241a14b095b9046f3a3ae17542c3b16e94d |
| SHA512 | a2aa672cce7f9a0c9f9ea3c7387a8cc5247e9e4550a23e67e4daddf6a4df9ac335bf818a9a17233728fbf0a98bb966bb5954a26b82738754c1a1626ba94aac5a |
memory/3516-949-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
memory/3000-970-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7dc7b69998140be2769d81a11ed18dd1 |
| SHA1 | cb949447481993bcac10265971b8ba2d394e941a |
| SHA256 | 123a5db3e5d87b0058a06c88d423c58e9f25cf2d853f455e6f9008d30a1a14e1 |
| SHA512 | cee3ca5faeaaf7e024663a2d63e086d12ec93ec0306d4622261593c3a3998f2fcc7394e2179a97adf0e33fcd542e69719e6bd8729a646d54c00fa2ccbe1e6a26 |
memory/2152-988-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3000-987-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3516-989-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d9fc6b554cbdfba474f25f807342c830 |
| SHA1 | 9482c13d267a7688b90eb41e3d30e1062fdc6d69 |
| SHA256 | fc68c190fa7498215279dbdd5b4391ead4da34dc28aa5bb28ac83136541ac125 |
| SHA512 | 69cb35dfd8c9141ca04ad24f3ff87baa4eca8795905aaa90d02acc2afe152d84ab61cfb7a199027593e94d5b12c019f8583b21f6b21d95424307ffea5f2d27cc |
memory/3000-1000-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3000-1004-0x00000000004D0000-0x0000000001C3F000-memory.dmp
memory/3516-1006-0x00000000004D0000-0x0000000001C3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f5ecd6dc6bed53f1722b6e06056cbed4 |
| SHA1 | d7cfc6ae1384fbcc839e52090c288af6f5fc95e6 |
| SHA256 | d2d0d0cc8e544ac0d4049274d342e883bb7745c421edc3563bf3f02719265b91 |
| SHA512 | dc29f9a26fe18a99c2608cf35b97f34ddca8a189be54a6dddc77cdc427023f62b642face856a3371e41a1ed095c6fa95a35fc6cafeb86a557c5a26cd64db2b5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a8f5fb587fdd883ad994cba21286a45 |
| SHA1 | 9cffe42f9fc9d786eb22569efecf5d4cb11951a7 |
| SHA256 | 297c39990a5b47b18cb7674c6529571bc2a0152d8b365b3e42a45a440abb582d |
| SHA512 | 13b271a30d1a0bf7f0f98e23506e1db13f95a112e674306503852a50a1234699f1fb823675e5bb5d0e8ccaa5315b5c3f607abfa614d0d7b3db1cccc6a6c8b391 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 215d065ba48cd4220b781dc14d0c9a10 |
| SHA1 | 485fd26352aad7e6cfe14e9a23f79a1cf9cdec3f |
| SHA256 | 7456e8d782206e6cba7b1bc1823735dee0f23e058543b721f7f9f670b5166f5a |
| SHA512 | 8a586159aec8888d966f0c871dff30efb9bfebdb1d7809b7370707544280a133dd2bec046229d76dfa3a56cc0e381e87968528b94472e714a0db06d9ba0f623d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e65eae883557873934f7892fe037074a |
| SHA1 | e1161c77ed4ef3840c67c7322646b83ed2846e55 |
| SHA256 | 9a4c5e72027f5b9398d334f0847478917327d036f54f1a5ee9d16400b121338e |
| SHA512 | 3ef2444301630440e74e6df20cd2e0eb15eb45c4a625e6c030ebd57b7f272421a2c584454d8bf95dd09ae200616007fcc78ff1c06f7803524caa5165966c97a4 |
memory/4812-1079-0x00000000004D4000-0x0000000001726000-memory.dmp
C:\ProgramData\AnyDesk\system.conf
| MD5 | d67dcfef6ebac9d48fcd7c7e7fa44b2c |
| SHA1 | d53718487319ff7a982eba4da3bed6ad7f82b51e |
| SHA256 | 73a44f8ec337e3cdcc3f42429b946e4e20bc59857c9c9e05c1a07f80c1e2513a |
| SHA512 | 04e4797b1b469e1de5f0d9528ccaac4fe384e687cbac633ea36159f56a2fe896f31c85d06c8da832d6ed43d673a0281d896143a70a56dbd7d1f2a03d7098861e |
C:\ProgramData\AnyDesk\system.conf
| MD5 | a27131da7bbe3ff934d551b1ab38a799 |
| SHA1 | 977cbed58824bba3eb27076cb7270541672ff052 |
| SHA256 | 35ce209fe3f9c5d23ee93a35e4a7ac0095df7253b0cc31e3f624f9d8f04a25b3 |
| SHA512 | 9e86a63ecbb57021cdcc43e8b37601210c9c8e33231f723e24c39729fb87cffeb533aeb834863d6566fca8098d0f8919b7211318a035e2ecf62e1a3ab288bb6e |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5521.tmp
| MD5 | 1e4faaf4e348ba202dee66d37eb0b245 |
| SHA1 | bb706971bd21f07af31157875e0521631ecf8fa5 |
| SHA256 | 3aa636e7660be17f841b7f0e380f93fb94f25c62d9100758b1d480cbb863db9d |
| SHA512 | 008e59d645b30add7d595d69be48192765dac606801e418eeb79991e0645833abeacfc55aa29dae52dc46aaf22b5c6bc1a9579c2005f4324bece9954ebb182ba |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5524.tmp
| MD5 | 6d1663f0754e05a5b181719f2427d20a |
| SHA1 | 5affb483e8ca0e73e5b26928a3e47d72dfd1c46e |
| SHA256 | 12af5f4e8fc448d02bcfd88a302febe6820a5a497157ef5dca2219c50c1621e3 |
| SHA512 | 7895f6e35591270bfa9e373b69b55389d250751b56b7ea0d5b10ab770283b8166182c75dca4ebbecdd6e9790dbbfda23130fb4f652545fd39c95619b77195424 |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5523.tmp
| MD5 | 0d7876b516b908aab67a8e01e49c4ded |
| SHA1 | 0900c56619cd785deca4c302972e74d5facd5ec9 |
| SHA256 | 98933de1b6c34b4221d2dd065715418c85733c2b8cb4bd12ac71d797b78a1753 |
| SHA512 | 6874f39fff34f9678e22c47b67f5cd33b825c41f0b0fd84041450a94cc86cc94811293ba838f5267c9cd167d9abcf74e00a2f3c65e460c67e668429403124546 |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5522.tmp
| MD5 | b76df597dd3183163a6d19b73d28e6d3 |
| SHA1 | 9f7d18a7e09b3818c32c9654fb082a784be35034 |
| SHA256 | cba7c721b76bb7245cd0f1fbfdf85073d57512ead2593050cad12ce76886ac33 |
| SHA512 | 6f74ad6bbbb931fe78a6545bb6735e63c2c11c025253a7cb0c4605e364a1e3ac806338bb62311d715bf791c5a5610ee02942ff5a0280282d68b93708f1317c69 |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5536.tmp
| MD5 | d4ca3f9ceeb46740c6c43826d94aba18 |
| SHA1 | d863cb54ad2fa0cfc0329954cbe49f70f49fdb87 |
| SHA256 | 494e4351b85d2821e53a22434f51a4186aa0f7be5724922fc96dfb16687ad37c |
| SHA512 | be08bc144ee2a491fbc80449b4339c01871c6e7d2ddc0e251475d8e426220c6ef35f67698b0586156f0a62b22db764c43842f577b82c3f9e4e93957f9d617db4 |
C:\Users\Admin\AppData\Local\Temp\{79a5a7ad-243b-b843-934c-4ed5d6bc7a5c}\SET5535.tmp
| MD5 | e0d32d133d4fe83b0e90aa22f16f4203 |
| SHA1 | a06b053a1324790dfd0780950d14d8fcec8a5eb9 |
| SHA256 | 6e996f3523bcf961de2ff32e5a35bcbb59cb6fe343357eff930cd4d6fa35f1f4 |
| SHA512 | c0d24104d0b6cb15ff952cbef66013e96e5ed2d4d3b4a17aba3e571a1b9f16bd0e5c141e6aabac5651b4a198dbd9e65571c8c871e737eb5dcf47196c87b8907b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms
| MD5 | b9ee014ac6dbed8c1e20fac6adc66186 |
| SHA1 | e0012f9cec6eae85b99d7cd7bc4ba1b58214ad5c |
| SHA256 | e016aca0a88fb26a33d76fe4646011efee4cc23f6cf2bcda60972569880ae044 |
| SHA512 | 4c4172e4435dec9a0aa7ea1ab9f570d600871b099b414be5452ad04265cc66900eb4166783c25f2721739ad8f2a684d66e12249837c4954b20e6336fff92bc9d |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | 8ecb9428982c703c3fb9cb84e08c413b |
| SHA1 | d4a9fada80d43b2f72ab4b16f692792a9397ac67 |
| SHA256 | c9e7a70ad180f612e87072ea6bcb01540dcdeb47aca2ce26134175fafee13ae2 |
| SHA512 | a4f55dc499daf57f10efb56dc7edb69f38263a829238c0984718ff7e7e432d128bc1c57870e1a67e17e658e83a92fda7db0dcafeb47a86593b5b875bcbe14ef0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4f80b73b22e77dc255cb8955fe0aba12 |
| SHA1 | c0c661f26705e6f2383e8ebca963a3d4ee9f3784 |
| SHA256 | 9cfe9a8c100a23e7227f164e622a1f65878e0db655ff1366247825e655f6d4c3 |
| SHA512 | 154f659d2c8cd9921b0745f1f1021327905b8a9d04a191c749ce1cdc205a4ef38be367ccfe9404e5c51795b40e2c6cdf99af08525814d3a53e88bd418744494a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4eaf5eb1d008a30ca5158a68eae0b5f |
| SHA1 | 9c008ffb62ba231997af494bb1715b19da4fd041 |
| SHA256 | a6d0ef227fe1e2249eed3e2ab550ffe934bf970b8d9de7432adff485727400ca |
| SHA512 | 95efbd96df6cc630c2597f1dcdce9f107bb05747f43d837c691c10249377f41904f8e89831a37e3c924aaea4441dba7e803505254ec825e473fcc75642281b69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 34e669b4e0b0e95e513f66843d5459e4 |
| SHA1 | b118fd27196b6147a64a69961655f73fc322a44b |
| SHA256 | e240479cb9c5809bdc36420e6368651b43efa6691d9f957e63ee08c8be4ea8ad |
| SHA512 | ef006c715aeccb3d5a9be8952731848236f98de8e01768ec6678fc005a3f2529695b950aa6aa624484c6cc9c8b557cc354ee9040fa7cdfeb0fa80c267040eb08 |
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf
| MD5 | cb4e1efdec6b7ea25751db7e8058072b |
| SHA1 | 7f4101ec6fa3a34c40d53a0607ec80fe2dad6017 |
| SHA256 | 573c7c276b67532445ed92d36ee9eb0be3d99e0a9f21d425f996f18eca2e1896 |
| SHA512 | 32442849c42c3f58cc281e4ad5607373cd923823ff9c0b3fff1d021ac737733b57ac44da8b7ab90ec8bda1e32243259f8590ca0f2bc24aa6fcf7bfb8122e77d6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\75fdacd8330bac18.customDestinations-ms
| MD5 | 7c3ff67b61d8e616feaf8163b7132fc4 |
| SHA1 | 2ae03a918b89bbe65220877f7f30984431aa7436 |
| SHA256 | 248c74486176c903a2cb27aced581b369a1fa3d9b8b6796d422ab7a256cf9f92 |
| SHA512 | aa906bb541b49399e09aae02ea9dfcd4508a749f10ac6c114064d07b3de474e60dd4b8e6d7e1df3db69f1c85fae33a5bfb3a34f62b9ab2907088c2616b8a344b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bacf9138892acc5e6a9c9d3a36220d42 |
| SHA1 | 4a8e24ccf1b2982f9a27a3ce3a8801658e4f9127 |
| SHA256 | 8e79d64b1fd63016800f01f8930e26bb8b3bc2ffbbe425b437d6fb6daf0bf416 |
| SHA512 | 8b56d6e824008d9876d7098772bc4f7419aeabc0d93ef8bf5f41763d0e17ed5f2de134b9ea8d6611cabef8bc1a2c09c4ea4c0eff5950b46f3332d5626b6ac369 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9dbd3f0ba76b8ea41cf980d55d127d91 |
| SHA1 | 6d9755f1fc3491ceb354586187ccfb9bf93fdd50 |
| SHA256 | c2e2f9ee9c81292f83e58058836dd571eaeff657a9c90ac0fe6c59c3ad6c63f9 |
| SHA512 | d0252a0014881638304095fe12fda799be74c3709b7ae02c6aeb2d96913623c2baab9e006400938ff12528906587d2e6792539fc63863a4fbccd370fa8b6c4ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07de00748b010b9e4efc4a473089778f |
| SHA1 | 9852d52cd02583fe3856c20e5a83773373d46dbd |
| SHA256 | f1a204078dbedac3e5ba4913799504eec53bc965ebaa028042815adb5cab4297 |
| SHA512 | 918b4c0c964a4ffd0360a5f1e32ff9365a7b57c44f114974d59d5e466ed8408cef60d69cb5d7239535a2c01619621da6492b3df707f89ec525f8b6f7a8808129 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e69f87afb365d855195fb16e1d999ee3 |
| SHA1 | 37a598cdf0ca95e7e721e80198f09bed1cce5410 |
| SHA256 | a52265a8cf4b09053dfbd0751466017cb90c0e6245f26453cd34d828e9464c23 |
| SHA512 | 4a31e7b7212952b21835b4cbdd60fb68da2b2b34d992abc16c033a485493d363caabe8b8b50e3260d32918b82933cdbfe3bd21ba43bc0cbe1d6a220f62e2a138 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e7bb606376dc65852808f1545e9cb8e4 |
| SHA1 | c915aae39ae1ae160c5632428bbd17b53565f108 |
| SHA256 | 94b4d2051007069265620a725d2cf01fc53c613ec98e0449d986aca5499d8e4a |
| SHA512 | 39e217235e763146bcadd94b3c753a1625713fea13673997579f76ea40329aaf195cb4caa1a3d8b59f9958dc5ad9fb86919d2605e598ba7c6df1d073aa582505 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3e3abc76ba2223f7a72e14ae610d1b0 |
| SHA1 | 0448c60c405c2d8be5546d7216c5c48986ba30a7 |
| SHA256 | a809b33524a450187a90ae73d4183dfdd0e5911fe7d5d4fbd65177c929170b03 |
| SHA512 | 66b59e7896417f49d38128438cf6148a7f86f0e7a8a59bb4ed45f6b57afabe85b3e23aa0bdffb79e19b4f6b5da645bea87fca95e7896e89a57660ec3b33cfd45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb27b6f20eab066286cd4364d9984e52 |
| SHA1 | dec83dc3b8f1eec027359ddf2513b8f3deb93bf4 |
| SHA256 | ee1d3078c851aea712423303d07e919ae53e466c34dbe9bd252ae25060edbfb0 |
| SHA512 | 5291efb23ffd69cd190caf2360f26fb42398545ef0dfa55c16fd0599a7c74b2c6578c830b9865e7b1d7363ad4625a0c76db72f0fb001073a2fcc199a175562b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb214c79ce206da16bbbf4708ee4b4c3 |
| SHA1 | b25bd08ee265916045493d36eb03d0e954dc8c2d |
| SHA256 | 6a3dfd1774a1a44d7b868a360bdef889e0e2b5e75585f4f54decd44568d48f93 |
| SHA512 | a19f903e9a8c30cbecb192dd0be65536883824203a75a02d4e3766e99c092bc6218bdc14b8b0053b680b51eb23099341a5b78e5c80793eb5c59ac3cd456e1613 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7cd16ac7b301f138cab85003171fa408 |
| SHA1 | 44541361de0553cbf9a81fafc125bb4904fa7806 |
| SHA256 | 2b09e2f929477f9ca3aa62d731f2ce2e0924881061d06eac71d07eee22a6c4c3 |
| SHA512 | 865979ab172e75c6c0e5c0fdadf312bb2ec3fe1cb104510081a349873a87dee7319e3143d6836f8db72bc58f4e718d558d40d0f89040524f401733020136fe6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 82cd263fd6f5a6f9f516a898aac41647 |
| SHA1 | fbc2444abfe1aef3c52252bda75478a776606115 |
| SHA256 | 908e1301f7df2331ccaac47e8c7c7652fd5925b29e267c03a1cc9a5c75e25647 |
| SHA512 | b5e1effb45afd3aec3fcf081880e8d205a01e220d96c2009b9ed24fd5e4834ad2a78d5730ceea3e68d239ae69a2a098735dfeed44c32636966a42495c33943aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | d56c90cf1ff6567d934977fb178605c0 |
| SHA1 | 2ba4bf90593b46f86073a990dc239b2ef9c15bec |
| SHA256 | e4961ea48767fcd80a6c626350ec730c8fbcf7c84ce5a5097beb96af7aac2fdb |
| SHA512 | 6dee81c94e4b04831a3087c3016666a06a001ef0f5da9dbb0a1102e2da6caf60dcbd479e47a18bc39a7f8da7c0a3024a05c2913408a8acf2c890e19b2d9ee0db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c2d705e91f5f5c8f90c69c3dbf63dfa |
| SHA1 | fb95faef9b290097b96168722cac1a897e7ae00b |
| SHA256 | 090bbded7f6490f6c52b0cebfcbe5765cfe0f670c0c82649a59b06af67e0028a |
| SHA512 | 3f27dcb61e3a607cc60ff02df57513edb7079d6dd4a728e43b4639f14892f110c263f3406b3b34b39ceb9e545d4095504bccc6919b5b78d6c545f46b58c34844 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 97ace068419f50d356b98efcbf73c0e6 |
| SHA1 | 43d5a893ce66a1f1b2906a0a76b445dda377e9f7 |
| SHA256 | 7ef13cc935fdbdb2f9b0b7acfe730a884f43ba571a876a0df7dfe5315bf34d2f |
| SHA512 | b78713aa07511abbdd7e2960a669efa07fa79f190f38edd305f91a918380b612cf9ee7fd5ab36ec60a17ad82e3b5070af14b8c741b1f04ece06087c08ea48a50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9daaa0811f30d8af54bc7ec893666856 |
| SHA1 | 24aa14c5eb6e0437ba96338c485381945fde1cd5 |
| SHA256 | f28b396dbe0d06204158f78d5ff82776c8d6ee599937a57bb54fc369fb8b226c |
| SHA512 | 8fe33cfd25d3f032bb90c832bc359c81b8d0a0b30cac362516429994fd95b98e2b6a89151c8e79069da9e0f133c30e975efcd069b87e9e4f5274e3ef3e9968a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78d6377ccebd1f791dee0b42b4960f90 |
| SHA1 | c5025e0a95a13380951468de55daa9f057396402 |
| SHA256 | 22bfbf2696ad2d27d9f4323ec49fa67b9c5c1e5a26e3101e18892f738b482c8e |
| SHA512 | 0c84560b48b85afe5b29a5b43faa1c34eb443747d3e26f194e01ce5c4d92200cfcb40e0331cbf9f77e9431c41f946ba9c5bd1d40d0ad5c4574cde573b128024f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 63c66ecd36b2ec1038597b2022498970 |
| SHA1 | 870e9f3acd1b803115025ddae22427c671e47684 |
| SHA256 | d00e7e1362b851205052cf443c9379a1d80b5f5936def2a36ac1a34ea81779e4 |
| SHA512 | a7c3f1120df975331e60e556df89f6c8b5aab7418d8509d14f35d316d8df5ff40d8631b3136a42e152f87b7f82cea3b40cc258b76a5c0d8299fdd578f6580680 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000062
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0665b45b4e1385ceb518132dd86cf883 |
| SHA1 | 4646cfd0bd885db3f29d2c96c9af3ce93d47666c |
| SHA256 | ee7a0f05d489aa2dbd23fd2fa150b22ef2f5cdbfba8d1ceb9a086cee9cbd2bff |
| SHA512 | 6bd3ebd092ae7011a9c5b45449d8a72871bbe5c7ba722660fd4f4044946229dd90da6879dcf5eed31aa2aa10178bda70ea5e8ad45e1564288602ab1c0375b511 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 19e9a6d6857c5e147627e3fdc2667d42 |
| SHA1 | e771b122dbdf19b2e8f600ad005615c61fbd8077 |
| SHA256 | 706bcfe7b9740ecec16596c3458462ba589a2f8c3d5d2fd3c3645809fc608654 |
| SHA512 | 76d83cce5b0e88420cdb946c7cc3bfc993996cf63aafe48e8a6c0b8c29d9c505734317f73f000c79dccfc1d933afa4d2797bd605c8136a7280c35ec0106fe240 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 34db97cf304b75cb8d16cc591342713f |
| SHA1 | 843daf31379578301590202a37ff30d9e226e5ac |
| SHA256 | bcb328686b236e0d6a261e95ddbf8a0a8d824f855cf1394f2939a57f6fc623fa |
| SHA512 | 7ad9699bde62d07727680386aebeb3b73d9bad81ed60ffac95d6dfa527c5b5b90a6e60c8e20895033c91d7b84805e2994e52b5d3125d99242e4249e1eecf2480 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 144c2172afc2f185347aebfdc1a993c8 |
| SHA1 | a14a6a63f95492c3a211648ef7735c1d6ef9b605 |
| SHA256 | c5bc30e7d8bed6fef01d98070918720845aa521ad383c5c65cf4a9fd5075560e |
| SHA512 | e421dc373afc522929e75bceac12d94eef9c7e885866ddaa08a1ff8ef7938a258b9646c5ee91299ef0f8030dc0df71cc7d4b03872923b1499bd0443f1abaceae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 00b3cdad68b8d4bb52d6d7f3a74f2854 |
| SHA1 | 8a52ffc8b615034f3b9e7bd754a656be90c4249c |
| SHA256 | 3f9f0cf72e0e03f7feb2685d368ef83e5fa1fa7aed8b03fd0c4bd1feb8228801 |
| SHA512 | 1a90cb40f9c3de591155ad81f904f183bdd72662c299743b84fde3e0e7f8343d67cfcceb56ddabf558b2552a89f645d9a54202ef290a079438c181093c41f2a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2e994b4e6f049b10689832625e60c77e |
| SHA1 | 76960944a6bb811ed086eacb68febdc457cac117 |
| SHA256 | e391ef39547e756665d8e8bb165f5d165a6cf6a59a6f7f8d38f22bb3d0fb7124 |
| SHA512 | 419c72167f184f99bfcd3eba092df65ac87a69989fd919eb2f1d07fb7c75585db96078d8eabf3dc83b5a1cb84dbf9389ea6879b699c24e8ae171c66097ffdea6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b07aa5fb672bb52f14e656f2dffd34eb |
| SHA1 | b46c6dff12a235f07f8581a47c73504ac550b2f3 |
| SHA256 | ae24e868dda55694e8d6f79a75a56dc6581c7ce87c8c39a7dcc35005978cf537 |
| SHA512 | 13ab9a0e8cd2d24b56a8d5d41272ca2094f60aa4b4948e755a43b56bf97cc2e13487197f3ff44ff89c726e7ed66197a27f0f7dd528e77f098fbbf7d00b9774b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c8c44d500ddb848c1aa65c13ca31d7a9 |
| SHA1 | 7e12ad1afab4331e55e46e3b4bf9048070e78a3a |
| SHA256 | 7b929815d3ad730714b2b0b37de77dbf91c16db5bf87986a16995287e101e55d |
| SHA512 | 0a1f7ef87581b78f75b0afa50240071fea5e178434070dee6656756921bf3d7d39909a16bee107810a2d1fc1296b16a2ff65a2d8c61982ab5bd3025859cea8b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c4c49013a91dd5e67258c99d56c52e25 |
| SHA1 | 691960d7a5d09629c85063be77c6d52cad2116b3 |
| SHA256 | 05972b70e27a6e5121edfed1cc82350793ee1d2045cdd15abb5a0733f70ece3c |
| SHA512 | 772ea872a3aa5fea3ebcde119bdacd0e6054abee5baf94cf5e1ae0572f76f212c62dab7c99e82879098fb7987e1d3f26ae72a914d2f719d010b8e0db46249a3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b8bfeedbfa16cfda50a33cb9476e13d2 |
| SHA1 | 1a875d8c403c2bad419e184cdd9d3bbc33823712 |
| SHA256 | be886487e50010a782a20b1cac2e4bffdd0fd5558067f3f08f1784312cc70b6f |
| SHA512 | 6bc5160bb56f4c9c2de54a8ae033e0c0fd99031026ce164eb634dd468bbd6b5f63e0f7a75f1677c722ed096e36f7da64d9ee57db929bba1da97875ba8d9495f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39f466cfe40af3f473ef6abb3fd7e759 |
| SHA1 | 0af18e74edd32915b587414cf2cc7aa32cf99571 |
| SHA256 | 76f8afbe89a1f72df3ef8180fb6a1f6e972b3f99c692d7e4973865661f59af8b |
| SHA512 | d08e9ea8682c37d4ae0e0917826be7ce3035a69f7da5522317972297ebf88957ca038ce4583e909a984fff7bcf8abd0ed268d12e171e679e23dcfd0e7f46aec3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a174a67babac1951ff9722a8ab87bd65 |
| SHA1 | 954542b025e0790b5adb82e876e946c92526f893 |
| SHA256 | 9fa5ed86e64e9d0d320c410b09c46b309aabca8af2fcca7975a6b79adcfd36f8 |
| SHA512 | 8b7b9fb4b9bd632e6e64260d0665c9508c14b73a77eba043a43ac510a5961c862ea6389fa2d69c29a0f5e52795223329f4ab26e255541ddf60718b4af9bc404d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6eec6b078b85aa3de84d69991a785951 |
| SHA1 | 9d24ea0b1a85a94ab4bf921e4491f15efed5ed9c |
| SHA256 | cd16d6963b2d019d7673646a47cca92ac33aa618a5133a95d1c2c4727aaf73f9 |
| SHA512 | d4244c9d97f660b769fa8a4b38555239341e89ecc127d16f4c08fd4eb36669e6b961fc62aaa5102a08ee529d9d848073a082378497beaf52047fec3912182bab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1bb64f3a0de457bc1fceb2a34505d68 |
| SHA1 | 6fed2be801e9f794156d2ef76741e6ef75445aab |
| SHA256 | 6c4e6a148356ddcd8ab58f6ac462142364c1a2c76086129da48d10b9237797ec |
| SHA512 | 2e172d6bf524b4d3ad3221324cbea916ba123688a9671d09dadb306b826c7b12cf5ce7d4dc6dc43981ca7563a9aca0aa580bfe05e8f4a99c41f567505ecdbd00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b87170888384bf38eaa4e8228213ecbc |
| SHA1 | 7fdf45febde5bd921799cbee33609e74fddd2b15 |
| SHA256 | 38e856bff80630a1c1e2a01649a7b301f76d11063d29d544be3721894d21ab45 |
| SHA512 | a5682104c3d5c880f32d54b5ea5a4197184be387dbc2565abf1e54d10bcdea6865f1247c9ca93b666e3ffc5da81b2a89ce4a2e08083c5612d078c07b8858162e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 073b654f02100df7c522e9bed3cb8b2a |
| SHA1 | 9b66ee9e05ebb5393879211d0fac86e6aaa78b2d |
| SHA256 | f0f9f799ccb42c55cf5040e409c42d853deee89c5ba02a07432bbaf2c9c77dd6 |
| SHA512 | ad926f431bfd4402bf54f43d159fa0c7580878bce7d96c56590b8cc3ef4529e60cb7ed8dce836f2127341df6694f5c5412ffcae290d953cdd5ffcfc772e635a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2190bb47d8e8761f00e2b5ccb9bff40c |
| SHA1 | 64033c65337de3ecd241227df4621124406123e0 |
| SHA256 | 663d520c8455689dd7042bd140671ff6c6c8c5929b0c962f99488dbb50a5aeea |
| SHA512 | 2ebd06a8b9c1a3700d77bb35f67eaa2ada7b4b68fda3115206f5249d98eb8044b07b8a74f94978a4bae7a8a2f95a1406300b765035912dfe257ce8c9ed565962 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9bc18ea8515379ac1cba2847c55178a0 |
| SHA1 | 47d42d341e687a5d04e609d6ec7d30cbccc5e1d7 |
| SHA256 | e2c9f64f7c892421f34bf9a9a4828a462dd26015b65cc69b600747186ef1abd2 |
| SHA512 | e9738c63c60fdbf142a7cc251e1f058b70b36c38a04ca3a63bd56efb0752748927e89eca304dfcc5097f865b0c1208400b0f2cdd4d1fcf6744e673a33890e595 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 34aa4394bac13f7ac5228582bdcb816e |
| SHA1 | e96668ba999da3830b474899ade9cda4bc8d5438 |
| SHA256 | d0e559e09e6f984e828300e77d0e24b148c7d93c36b4696217d4f44022b13075 |
| SHA512 | 2c6e6e1f14bdd0160563efb056f6a104bee2e5ea31d94eb9b51f0ec21a6744410c20813c8cc9abb8598f90d7b416a7b29bb7432df7059e983a87b3f5ebdd6b1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2d2a330322ac77f33a833c29e6aefcb6 |
| SHA1 | d4b81b30d1641a8cbd910aa6d2ef2413139226ce |
| SHA256 | 4a69095bc3e636298f5a75b69ab7671faeb1fbc4b757ce8e1fdc18979fc91f1b |
| SHA512 | 93f67fd847c328737268373edcd3a35effe23fc932ef58e5fda290dfd765b6d3f6f198416a2a2219e4ba4d41ab2427d4aad6fb444871eb0136e8d256e4336e2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dc7d2f701de83486b8a88cb15be7f338 |
| SHA1 | c2682571c1ad4baba1fe4ce1d57141bb0333e51b |
| SHA256 | 898439a80abf00be34468c3a1658d10eaaaf3eafb396dd52dee6faa5bdcdef82 |
| SHA512 | 067235630e64d655e29e43ca52126f95e8db48046008c94b670aad58b39ca11d85a476b72af42b9a3e6b4f3ed55c95a2698d08fd48653ead6478b4c1c76a93ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6f9649523691ffe566633ff1dd18806c |
| SHA1 | b2eac83b7d1655eb41c6ea242c78d66c113834f3 |
| SHA256 | 4cefe41bf7ca2b2668f2bf1d42448cadfc960f3ae758bd60265e04d48f520783 |
| SHA512 | 04fb9f87d2aec9fadedd914711946d61ad277b242fc77716854d7200653bd2b51591d59f0508500051f608d0816844588fa197337d053a94af73fc69b4b704c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e582ea7982f5351dfc8a34c6a92db6f8 |
| SHA1 | 91cd8404eedc06d5ef83cc4fcdfe1c6d43a2019e |
| SHA256 | 4016971c150bafc9504908572506d7ca8f2e4510b2728f0f5241141f63d6070e |
| SHA512 | 5fa4f87ff60509366533af346f3911be6532fbe040a423cb4c1658f26672c9405598fe7cd58f85817c11b770a46766ea68183b1d2c26003553b2af3c320bd210 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dfd64b10e634894235182b2becc48719 |
| SHA1 | 7ee2098d7adfb018235118e9b00e3648efc66de5 |
| SHA256 | 2cedc2254af2a1b5ec6b258e6aaa237688561c8dbad6613233355917b2c3bf24 |
| SHA512 | 9f25f294192ffb9850195e110f34a6326eb16bf95d2abe091dfe0d3eca7929f5e541437052d557376a0309942ee3952a15ad51159dd933174650f8428f1b66fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9fafaccb13f9a430d3cafca86c4802e |
| SHA1 | b1a1622ac35bd87793150e3a6fa41482bdcea075 |
| SHA256 | 5b3cc3d4a79f7abeca0976e6127ad564247f7b485f865657b83c795f40c28e9c |
| SHA512 | ef2a38e052e5d426f697f718a65ab06ce3028559e270fa72fa64e7c6f3ded5a5cce662f10a14f71e60c7d197fc04fdfc8f78eabda1fabbdf5697ba5f58c4c248 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 626254ec824f29eb81c21efd9bd6b0d3 |
| SHA1 | c4af8d7f37165d87cf9f50be4fcef0eef440d988 |
| SHA256 | d28b5a13cf3a78e056c2756e3cb5334322fd11f79fe83e919c9a91d8b60abbef |
| SHA512 | 921420e2c345175a5dc91c1fa9e6ab750eaa9fecd9d61fe4d1af9443722af6a789e7e96e20217a54113354ca1c1ed1ff3600d4d2475da3e15a09070403744082 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b3b43a414f56d7c20af3017b9a09fb36 |
| SHA1 | 11cc531e034bd19fef1ddd95f55253a3986574a3 |
| SHA256 | de893a400e72328b4b382e211cf7ab7fea9eeeaf80a5ee26e9e2a9b618db8213 |
| SHA512 | a509b41f96613e450e1bac34c85a1d34e06900a834ea215858049ea6f36ec43adea4fdb5243bf27d0b4d35005f6055bc62ecd2a1e9dda90a363535c1b729e16b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c05553831d6dbf092e993261365ccc67 |
| SHA1 | d045320049656c44f6e21de884a4e53454bbf7ea |
| SHA256 | d180214474c0449984af161c81e803d5e9ccd89b6980b51934614b54c1a3307b |
| SHA512 | 1994729e4fa714425acbb672398a42fe91e4a5a947b57fa93373b7b72079f03e3f60bf116c531dd4b8c0939989820fb61bcb0e0ac8561f326b24b44bc722e020 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3617a9c8277a8a3b9df2a48b2058dc16 |
| SHA1 | 1c0a2aaa706dd21dd3b5181ff9131cb4d9384888 |
| SHA256 | 5548e277fbd580590a76e06f80e71732c8f57e61cbe727c683e337b54cc84247 |
| SHA512 | d98c375c1687feea2906491b81818f1c3b860ff33fb98093791fc2278e87f92118b0ed832aadb4cd083a13b96c1cc51d8e7b56369513bb449965a6755da2126e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 41ad1771b49951c0e166c1daa5ef8f68 |
| SHA1 | 83fc5f83810bd0e1a9ac8fe49c7dc1180e2a50cb |
| SHA256 | becf5680228a7f625d4d2b599956fc106c50be55c66f2fbf0d8650a9c427e722 |
| SHA512 | 29bc35c2e5a68b7cf474901ad9e4d24a18a0d9deef95150273fcb96b0b9919af1b113f3a159c7518d4ddf65ebf6c2fd5ffb9e3d08f989611dea3b237921fbfc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c945abab673d8789d646a6fd8bf15059 |
| SHA1 | dbdc8100e27f8d95de53b2842e483fe59fb4ae8b |
| SHA256 | f3760e595db54004965d77b0fc9443690b8d66f577cdc91d37fa130d788a784b |
| SHA512 | 1561d12f56c668e44ec83256a2be498278795e58661bdcd52579e572837250501e6b37c13cedf418fdc527f1c9971cf2dcde8f44544a9b4f3bc481ac428e0b4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 843854d2f4e28b842fc10be557208f6a |
| SHA1 | e3547c218c1951d74b8712a35fec234c8efc7937 |
| SHA256 | 8eedfc7f0675e0f28549581c5bb445101aebe670271b7b334f47df15a6d51966 |
| SHA512 | de462f986bdfdaeed2933a00c89d00adf14e93ec4598e047f438e3c85c529e39b262632ac3205f44690d2a6d5bcb80bdb96fcc204c42d6dcfefb1ead43d7b870 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 46779d317e5701ad5a04071ffc1c4643 |
| SHA1 | 75a61322e5ab33a148c2e6a0f4142a2f664697ad |
| SHA256 | d228888cc5b35c9cebbb06b6ed2705f618929301b10ccd4c2d1531735e16edf1 |
| SHA512 | f87cbbe085427ce802018d1fd6ec54a91ac345e9e7d19b2c95ddf772d30e4252d61f86243f0fb4e6c1511fe1ce49c33241b8200a75d7f9f751d804d7f35a47e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b10c9e446f9e952ae9247deab277f5d |
| SHA1 | 4678af7fadcc8614f1c03654d81ff4657c661f8d |
| SHA256 | b940cc6eeacac4c99ddbe98d98b6df6e12371b11d5101d86ead4dceba71df73a |
| SHA512 | 3fa1d39b0ae893ecd3bfe3998e5bf4dc653243f151a3495437701322cdb17a6e612b1ee4e0b1c7c9b656faf053e461e1b0108d67d5bbfb4bbaadee5af8c7d261 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fb5b5c16ca8361f43b8dc412445c7acf |
| SHA1 | 7221c47f9e424be816519b519aa425084a003ae8 |
| SHA256 | 672f1b26a9b834fa932165d33e218cc952ef22e3ffc854c0b3a174a8902cb230 |
| SHA512 | 469a8360c923edcbd5ca6bc23ad98961a70789c9189191c12f141880ba182ddee66a914b07d93ef0086b43cbe297b291bd69cca682960e6cddddfb046e3c87e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b60dc39e85d6a6179fe4ef834e543c0 |
| SHA1 | cc21d37583d8319946d72ad5aed0ce945332c149 |
| SHA256 | d633ce42c586b43904e13049d7f261b2f94ee62814771275f9c7d3c64bf6d912 |
| SHA512 | 2be1d594ab2f2842fa539ccb5b2dc52226aff7298e9fdb7730ef25c7c5bedf8df761b3245582f1e639ea7c7001d0d07a8c13d540afc3741ce2669b2759f4e3c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 09e029052bec190d019197b8f4540bff |
| SHA1 | 81164db0b7a7317cebfbf4834489c4727774e944 |
| SHA256 | be4ce74786b17f05e4e926674dd2ee48fbdeaa9fe021be5b1feec98c3b87de6f |
| SHA512 | 29880575ffc0b162f78c7080389b862f12480bbc94228b4839f917dd5ef682fcae7a5986413f13e43845fac50c457a1496e51604dcba7ae1de2b9866f5194157 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 02a8bed4279ba8f416451a7179d84ec1 |
| SHA1 | a243592cc251ae175c36ba5d7d41203001f9ceac |
| SHA256 | bec0cca7a763b5d3f57b36fcfcca57ce08a8df0dcef462640ec9ca3e27c2012b |
| SHA512 | 8ca16ce554256a15a5fb259b07f4dd42fdf51e9850be6456625139f16242abb8d7962cd498dd827c5b0228ef6eded3bf501365fa74325e8c2dc75fd703cd2f81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 361a41f421da346020c0a101e727f364 |
| SHA1 | 04af32be34364b8756dc3290c8927bc46462e882 |
| SHA256 | 2623c84fb646844ab75a76a1d1445d329b15f1b1e2928af2c957d4c1e7c08196 |
| SHA512 | be2d34bf086e5dfbc64fb3e365d2e85f45d20ed576ce6c62bf285c74b80fca8a281eb63703e6dd7028ea5381c7eb05ab79f2b8603ea186de490e682245bcb377 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\40a9fc38-cc0d-4d0b-a396-bb67662dc5ed.tmp
| MD5 | 2ed172cfaa8847ed5557da6386017f49 |
| SHA1 | b85d138856d050f60eb6356eab5a3a9cfd0bc5c2 |
| SHA256 | 2abc7ef8caa11f3e3c8c96a0fe8ab9d7b7c7509fa86ada5a5f9a85531dcf4612 |
| SHA512 | fc3ec46c6458ac7985811fe9a84af2802d1dfab5783b0cb4a9782cb04ad7bce22a8800f07c7547254968db0ab1cfab6418b5f5c0c07180c59b75821afc7f73bb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f625c9781f02b8075c61066c87a79195 |
| SHA1 | 28c87a054ae0981dd28d34c818064d13bc4ed2b8 |
| SHA256 | d9317f84d9a00ed680699a009f7c6fb1557d93f7636107f3f25a3502a350825b |
| SHA512 | 60cb355890f76a1ab681615423a963d006b453b6ce1c4b5119074a97ad4953bba54056db0e2fd1b5e9a9be6a7597c1037ea91f5aca2bec68c2255dc030c7e82e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9116d45e8827650aefe340c2cb90ee25 |
| SHA1 | 374f6ef051cee99b76d202f8be6de864716b2784 |
| SHA256 | 1401d44b02f5366a88af6a398266d88a4735546a2f3e3b9b9794a04d7eb42bde |
| SHA512 | 317d2e19456bb7c11960e7ead27bd5e024770d97d1f545593334c8a409f1cd17c90fd9f084c565bd9bf5d0a051b0686544498db915a5046fedc48d42719b1562 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\87d5fc09616e951e_0
| MD5 | 35565e700b3cc9b79ed8b2b79fda1aa6 |
| SHA1 | 53c619acee26e802a4b589bb703aba247c76a533 |
| SHA256 | b4f347f8095a51acdd79abb4fe691f2128fe8001d1acc42060e6a3fa90079611 |
| SHA512 | 5bf1e6d0ea16732675f494bab5249cd4db0c1022dc5c08bc85fac9ddab98742b83688aaea63714e0b145e3aaf70892f910cf74cdc64c0fbb1e776715a9130fb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a0c43b31dfb24280_0
| MD5 | 09ef82f6f4f5cafa3bcd2b4b7296c10d |
| SHA1 | fb588f8a3f214dff25eab1cf5d65b2380c7e3529 |
| SHA256 | 55d7d0eca1f22534c7000a0cf3f81e59112fc1e4996b2e51082c8ecb3d37af09 |
| SHA512 | f765f682c3e50fddcbb7830f71d4d87beeef9904a3d2b4ee9bd7b973e566ace6e6d8fe179fc125e73fcb8cd9fcf58872fdfe18d24f129343207d6e61b3b2958d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | bb9b3838a5706d208e2aef3b12e18dd5 |
| SHA1 | ff5821afe169fd96ac4697e9f60551febc9626a1 |
| SHA256 | 672f13b98b82da37d36ca985c88d091228d53fd2e272b930f2e5c56f833bbb87 |
| SHA512 | 520f56da1b1a7c9ac93a6d5a287ecda8d6da84070a8329df7edbd57d4597477b847b5fe3d7a89e1dd33698da7a361d2ae95abbe120fe937f29ec7398ab082bab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe65eb94.TMP
| MD5 | d66c5f7afc1869de23290d1c2af96f48 |
| SHA1 | 82d880b0b9ac1d1b7ceb9cf6e5d34c2033337322 |
| SHA256 | 3bf3fea195b6d5b5feba4507113595dad1df3f0df814adf73e0d78ecffcfeeaf |
| SHA512 | dc03c7545ed2e660500bd5364fa4351e65f4f9cfb2f4764f236b04e1e395eaa4f3ac6da569a7487dc9678105bc49f42a69e8d94fb97c6d22cbb2ce3fcb115756 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3b9975898ebbc584302871cd23aca6bb |
| SHA1 | 9a324836bf29c1618b1d7306217068f7a017f83a |
| SHA256 | b41cd4a5d5f391ca2a07eedec213e2e843e82e52ac51ba9073a98ac8bf4f0acc |
| SHA512 | 92b7088318ead54155c8562f0f487aeeeb9797a9c9dd66243237625d6c022edeec6d83649871292354998dbca154d0ab003d287089e0ced819ffbb51de95e543 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a8ec6933f03ca7c551971bded08548a5 |
| SHA1 | 3f8c000e4c71406eda6acba900699086ac3bf1a9 |
| SHA256 | 1357b633f89895071ccb704c7a9326d5aa182c9a12cb1c25fb04a395f86e4994 |
| SHA512 | dc11c1984daa868698837c3ce065939640850715127d5c0772056c540c7d0fc91c6247438ed27700b136fe13d37513b5fc9f47538ab5d496559cd16e97efe1c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4848_910068258\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 206fd9669027c437a36fbf7d73657db7 |
| SHA1 | 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5 |
| SHA256 | 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18 |
| SHA512 | 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 529a0ad2f85dff6370e98e206ecb6ef9 |
| SHA1 | 7a4ff97f02962afeca94f1815168f41ba54b0691 |
| SHA256 | 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6 |
| SHA512 | d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\406692fb-91db-4fdb-b009-c041c927ba9c\index-dir\the-real-index
| MD5 | 705147325adf1c7e4f32a1d1965a99de |
| SHA1 | 55ac09ba2c3300153b64632d8f71a20f3004cd2d |
| SHA256 | a8a155af58b073559470841f550defb82a34ba17701a5035305f8c283e2bfda8 |
| SHA512 | 6cc6499fd3a79650b198e63636968573c27605d3cdc1925613d75e7f5c71fd150e702dae482ffd4d399fb074ef65b211f175c801a8c93aacefa72deaf75bf8eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\406692fb-91db-4fdb-b009-c041c927ba9c\index-dir\the-real-index~RFe660b80.TMP
| MD5 | bdbed71f64a401737864f883bfae3942 |
| SHA1 | 0cbac21d5ff58b0048251778a7973b930bfdab69 |
| SHA256 | 37bc67438d9f879b73c392aca53c25043ae1d8d4b64b5ca3f2412b497ade5ae8 |
| SHA512 | a03eb70209aa1b6e650416dc4f572144080fedba90a6bac16cbb4e7dcc4c97c7bbf7c1276d034814dc1d6032d1a1f4867277cc3858d4cc6de340ebc0522d80df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d01f210819e4531cb79c0e4b40402047 |
| SHA1 | 8d004263ba3ee168c0111003afdfa092432c88ae |
| SHA256 | 5014ba8c04ba27b2044edf7a9e206f471fb08df907e63c738b9eeb387dfd3e88 |
| SHA512 | cedc2c7512a662e93729ceff5774ae989adf668704bc2c6caa1a03ca36e63eed27c230d5651cda8c3712635e83536865b8053a8891712402453b5681a2f30a65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6d14dd243ef45034e6d13c847e0198da |
| SHA1 | 51d5664e8a51dfb12fb8a039613a75ac3bc58820 |
| SHA256 | 07dd168ff8ef8620757310a71814fab2837d3931456ca4edd2b9ecc1e9347016 |
| SHA512 | b33f60835b85277786e02f41c471fdf4ea4be58264c70bba0a795b2b88da01853ac9ebe9a9a7320de727da106eaf51dd35fd2902bc53c94993afcd96f7bf0d81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\970b3092-bcc6-430e-b2f2-5cd54fefd50c\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7884eaf883603558fcfde1aef011c474 |
| SHA1 | adf8e9171bec2f4824414978ea4a34eae20ca66a |
| SHA256 | 1fa1a9b6698edf6cdae2c1571e94427a08d8207b414d6266ca80712fbe7efa9e |
| SHA512 | 453df57187cd2d86cf094e3e936bba2ba2b61d664c3f3f11bfa334fed5ff90d466a82f5788c353c7fc8f918aa1d66b46e875cb9d58da08877eb31f52f59d715c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 01626ade71d622b098757482ac169675 |
| SHA1 | 642d4faf7e3c1486b6668d4fb7580cc09f787d0f |
| SHA256 | 24c4a57ccfe8f5468c3191344cbefbf44702dcd26a40267ec52fe942ee005450 |
| SHA512 | 23fed7888c7cc81f47414049cf854e54981c5229083bb2b200e762bb6058cec769e8a602c11698b6c5c5db2336bf3b4e446bd3f0819ed64e9f5203700cb690a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d
| MD5 | 00be450e53be4c6908de198044d0d123 |
| SHA1 | 8791756b3cc3becb7a8daa77d0df718571256c14 |
| SHA256 | 95675e664f3a169ccdc99be73c4fe4a1217d8ff21373ba7d6839c3d72f8ad8dd |
| SHA512 | 8d758753acc6ed7d26c5d770d55c88aa6fbf4e84bc71ed56b64b0342c17bb02164e26cc7d91049061fbb02c5563fde21c8f0ad3312fc35454524abc980c5f8a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095
| MD5 | dcd507c2d15f5727bb68cd49cd21537b |
| SHA1 | 11e3182ae9e2930bd4aaca34bd4eb9d24fb0e891 |
| SHA256 | 25faa783118dc4161f9fc728dd6fe91e83b37a533b4d698d8a7a154e1d2b0890 |
| SHA512 | 56a73e8a8ae795f7d8b6fd8b7561cfc5de14c78e0fbfcd0e01785b63d10d2218a8157aae205ec1112f298efedac7a94f68333f2660af5a7aaa7d0bbe8c98329e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093
| MD5 | 80f1c7472825e6dd19d7ab65b0984ffb |
| SHA1 | 76af1427993a5d699b8441a32d751777a91fb0ef |
| SHA256 | cc6186b5115525964b454ef070e9034df1d919d806314ee6a2203a2d66b4f7b3 |
| SHA512 | b0be05f9536efd3ee010afef24fe879aeabe56cd52c877cc23980b8c1742823834f2e9e8c000a78d79b077d0f257dc30bff10b5eb5bfa6d2cd684405bfec7c0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 84e0c00d5edf323b9c48ae87fb7d7010 |
| SHA1 | cc3aee24093d878363a6b0ad4909846510d40fc5 |
| SHA256 | f830d41f03bd2468efc15f651097be507c130e40a617fd96b38b9fc6cb8e55f1 |
| SHA512 | 7c4fe4ae40689dfe458ccbc340bc0074a3adf43ed95c6701e9b161a2796c69b1fa5a15c61515aaf79baf069588a9b3f0546622e13f90745936cff8840f957aea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097
| MD5 | 26d51f80be8b4eba2f2bfd0bf12fd8e1 |
| SHA1 | 34b25b9da6aa0418b734dfc3ac5303d31bfbb37f |
| SHA256 | a962b42006d54887e66690312ab151780b57640a341e70e3374990d2e96e4a46 |
| SHA512 | 5b6e3f1a5336bdc3ba4c2793c046c2bcd3a3adddb30c3587dd2ab544ea5e5836df780c3c1ab2c9b2670f1eaba6bf7f619dd646f5b8d58551a48f7f79d2c22c34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000094
| MD5 | fd1f79856510e1cddd8141f1d82aff4f |
| SHA1 | 659aa5c13b63adfb1480856cf8da6acd4fa624f4 |
| SHA256 | d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4 |
| SHA512 | 7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096
| MD5 | bdcf1dd416d169d87ad5f73b2fb38bb2 |
| SHA1 | f6f595a5d88f84b54533e34be969f3871ed9942f |
| SHA256 | ee2264f45d3d0fc70f89a61c215d0470df5a9c39e47828db7e48c59fca9a50dd |
| SHA512 | 335a8b789c5dd06285df135e9e33cbaae0b20b3cda378fd2e92b33a66d7726e4e079f7920055121d2495d102e993e18d9a4430a36860d8cef5cfa100452186fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 816a06b7485c44050fa867997edd874b |
| SHA1 | f7691dcbba0fe95a47b8e9e30c8b53f26db769ac |
| SHA256 | d45880371dd1102a7d7c57e388166e58354bff2bd9a24a94e024c556c1f991c2 |
| SHA512 | 955072ce4354365c2e0a30f6f8bedb9a42892179247c11da59b24e7b851b1694bd084ca1b303bba9c66fff2ca02fc517fd58d1e98f1bff972e0c9686b8edd6ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7bba2da44df78c47b68293c8a8f7895 |
| SHA1 | 11fc20e7a9a18210a1b4bf5dd0d36abde3f1388d |
| SHA256 | aa02de3e04cc3cd441b2464db5392be65077bfef28e5f5340555d0a0917969e2 |
| SHA512 | 933f880215c77d5d2f06f31ff5321c832ac3edc469ac3b77c17081428078279f139d6e0e67ff3c23c4f60d29989424ab80d69bf790557993788cb9b1c85f9820 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | c54acee5f1dd92ef912980e9ef8fa183 |
| SHA1 | cd368f1ce2282b543208bd71dcd0962951ed9a71 |
| SHA256 | 9449a660a0d9fee21591e3fceb5b701aef9ecf621260bfff07b51471f640bb76 |
| SHA512 | 0788f36ab26c608e40ce58d53277f9bf6e2ed3c5d507cee482b1f5e0afb8e6e5afc8dc9274b2ac833a5fe7429acd047cfa19f0ca5120fb4d50925f532a01f2d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6af8bf97a55c8a593102db05dc5605a |
| SHA1 | ccd8436b180f85aa93fd0698e276bc2b19a23f36 |
| SHA256 | 92e42ca668f11d61d0ba8afa4592565392e4c5bba65a9f5e581864ac9ef5be40 |
| SHA512 | 0986f465a7be020a3d7457106d91f22bd4b083b30e9ddf6078685812069351969c8db1ffb459538e79e9309a0f1b99bfd7dedbf19d94ed31fc8bd41bf41cf539 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\da28d5ed-9e00-4d76-a137-010ab70a53e3\index-dir\the-real-index
| MD5 | 2ae5cf88e3f452d9b31e25beaded5c71 |
| SHA1 | ccd5da45bb43d96d96608db5592184e989c0bda9 |
| SHA256 | 374c80cfb082361a94b236e21a118145acc503a50cede0138825cab179f6fc87 |
| SHA512 | 49c108c80f614cb2be7de1edbc6f50e6f35c2e44a5f447d7597c804644bbf47c161a56b2209e641701f3bd4bcc64e737ec5b05626a146ea0c402767c8db48b2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\da28d5ed-9e00-4d76-a137-010ab70a53e3\index-dir\the-real-index~RFe666568.TMP
| MD5 | c4d6d3fc72a0140303ec2258e59622a5 |
| SHA1 | f50337b6e8809dfb3e69478e2eddc51d4e01183f |
| SHA256 | c431ec4f72ab74937ecfd1bb7a3bedd10e6292fe9fdc7c345241ecafefefcf18 |
| SHA512 | 5c10acd0efa23c9cfd9439336c7a089698fe58990ee1b603d82ac743748b7550a634765cc742a5b1da4f996f281cbe407af38f6fdace897d5e73d9baa6833881 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\406692fb-91db-4fdb-b009-c041c927ba9c\index-dir\the-real-index
| MD5 | 533b016a52171bcdfc4528c27ea04755 |
| SHA1 | 077143f9ee18e59e88a5d9cabbac1c629180fb86 |
| SHA256 | 4c9b731fe2106e97927760082b0d8a72d83ccdf51637d3bcf5f5f8e623d04ed9 |
| SHA512 | 17cbd3150e59682bfb8a998c727ec5d3062207b3377a940cf8361c297f8a670200b01e68f71bb080978fb6838a42a6913f698fd79f3119741930e247c72e8653 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5beb55e04f40771ae852e879f7dde886 |
| SHA1 | 8f00a0166d2bf0839a7c774e148b5d68427b0d6f |
| SHA256 | f1be1a839f6bdbecddfbd61a5bfd7ba04cd422da86a32c1fd27d10d2f66898f0 |
| SHA512 | 510924af94465b283ea4e8e9f48aa64cca36f46721944bb6698b411042851efb99e930fdd1e2622d59d495d8794cb615da75faeba5267b7d18c4ec2b90ab02c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0a83db50f6bf8d2fd720f4cf59b419d1 |
| SHA1 | b9cef517fc70000e70f077570e63265c6edd0beb |
| SHA256 | cf41e904098b9e1738fe36a8e14c78ec04f9bee7c5800fcb1107d62859deffc7 |
| SHA512 | 24c77cefabda684278ef3ede8477614ddaea6a258f4b1906983f3f01b28f8c36c793f8268e5d331fc28eb27d9dc204d348f5f4babdec99cc2e6e5848fe20260d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f31d243d8abb5f0015f31b5bbc7b2e85 |
| SHA1 | 2b11ac5c4225d2d1fb5fc8a5667248198e8600b8 |
| SHA256 | ac5aadfce33f5cab6b5d24a12773ce1f476be11ee88e02ba10366d859ba0dd50 |
| SHA512 | 4b596ee4206ce66e5a6e0accf8d466b052922d38249f6627e1f194e04fb57d4063c89d8e35f65617b89c4fe6f63e0b732f9b7d69744d5ca1a4f7e67d855e52fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\406692fb-91db-4fdb-b009-c041c927ba9c\index-dir\the-real-index
| MD5 | 406b6bdb1e73795265ef646cb338b688 |
| SHA1 | e726fef9da6419bc3f52b9fe4e9adde76c0ca563 |
| SHA256 | 30c7426c916b3347e95b19604d1c036a4c6584cbe02276dcf9031af0b7817fd5 |
| SHA512 | 8aa76be9d34af085b1d5eea81d7821f8eb2d3324594e35c7bf20740e0dca7ac17e1894dfc807f921c623cf58148cb1fa8509095221b02905d99a8014300bbe64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 718a0eb04b2ae38d5e5e2d386ea430f4 |
| SHA1 | bc80cdf2dcbd11a7b169bb3cf159edbdf4efa029 |
| SHA256 | 15e03d1a30f79b489bb5b267b59184e9bb9b5788c561227badd0da7e65862e6a |
| SHA512 | 5076e4cedcf211f4fc4eed96978a6219862fce36f8f56f24ad86b6489a1055c97b97c1dc83a31298aaa68e263d3bd327a3bfcf2e7d2bed91bb8b7b5a999e1046 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c2d3ea64d679c16b22a9dcaee58a94e7 |
| SHA1 | d0ba4a5eff678164283be7b9a6e4b13160e569e2 |
| SHA256 | ee616d02bc6abfbea95411eb0c052028cdd531dca415a1c4ad3cdee20287bf7b |
| SHA512 | c36a9ea029c85124d727cd5333edc0ff6d6f8da8ffd1a5c75a9ce8f39e66bb2d283410f3fb456e5be88285df2b415aa18817bd9655ad4c1f5e6414ecbc943a34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3e48236fa955e1bf35ad8b672f6f4b4c |
| SHA1 | d3c6e260fe597d610c1ff484eb31c8fcdd5d8cfa |
| SHA256 | 9590a86a3bad046e142590342d57b1b3aa20a541c8d0a23cfd733585da593d0f |
| SHA512 | d3cd6ade4cad195e8a0fdcb3c82d27cbcf46235dfbf1a83d6e8fd279147d46f774277adf2531bf76feba527abcde84da2d9ec16cf3bd19027789eb253dce9ecc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2f926df26d832a169bda552f89f224ed |
| SHA1 | 25fb18bc0e8529b4331bc399d40e2f7c41b11cc9 |
| SHA256 | fc5e16ac29305639e0396518be7e36f85fe38ed5b214924b3428d3ac12a81040 |
| SHA512 | cc69580dac3d67bb842053c5c5a6de3515523b51eb56e08e2c98239c840dd232959582f2f98b41da57546e04bd1ade35a962e968a3568ff658675370f8e96727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2924b207c852cde05b05246b004a541b |
| SHA1 | b7896e60cc90280bc68df0007073f93f993b424b |
| SHA256 | 7c0ace172fc44fde15432651540f1469a579d7bf32b0806d59a8b2b5ec311fda |
| SHA512 | d57b07295588f78ee0a006090881cbda56c7e2dff14d34e7870503f01a113d19a06da3f607adae88cbf99190c476f137a75d315faa1e16025ad1653e5347cdfe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 71ed24e608a8e7f2ba3ba93c23e904bf |
| SHA1 | c8632780cd76b37474ee2170daf2fd5cbc127c6a |
| SHA256 | da0e341ddfe15d0b40cc24918a7a45dd4662d45dce0f98057c8122e40956b07f |
| SHA512 | 1e69d243a43f8f56b3631402a499f4db1630ec14a2e3a73fb960c0b2b560c8ddf78dbce4f806c170a119027c3b3317749b8e22130d2b7e0764226836e3241789 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b015fec8298a99d44d93cf8a128e378f |
| SHA1 | 1eb4f670fd28f41fc1080d5602f10ef08fb6b3cc |
| SHA256 | f9defd5c50716f8ac213f5126442575d55c4477e9de45bc1518cce44dfdcf122 |
| SHA512 | 42574ec57e2258f2bf74a46dd6a154a83e81df881b152c68652d2035a13d4e3550f6f9546c644158a9b483407a1a95d8f9e921aca0ac68bf6d60c96cecd8d6e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008f
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | aebf4de2845b428db5a496a1e6d8ae9e |
| SHA1 | 20cf67c8c96132d6e7a7d2f0ca2c592920eb2d58 |
| SHA256 | acf27aadb3735d2d03266baac15ce2b8af8c2fefb38f9f9ab4819c32f41a3845 |
| SHA512 | 442effd1dd414db1f639af7bb685a031c87f026de15a0426950bd61f1db38b990372fefee2716b3bb282cbc028b70b131f05c3c83fb05e7711720a57e1132cb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7cffdc29cfadb7fddd09a3ff0c77268b |
| SHA1 | e0975a1f7350cc0824e41478e95374aa83520523 |
| SHA256 | 8d740519377541b02c4be38494a36e77236feb1ce10372bf0d339d8e3498c773 |
| SHA512 | 7bea168b8d8a9850c5da1c5f8755095651314952b46114825cc978c20ea5c12af763dfd92f63cef56fb6254c23b2b6d9b168c50629717dfec524c5e60840d828 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000092
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000091
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\da28d5ed-9e00-4d76-a137-010ab70a53e3\e969d77e575a9dd3_0
| MD5 | 876c6fa27ed68efd3236457657d398f9 |
| SHA1 | 470505356b28a960855e1c16ef156d5c2fd7f081 |
| SHA256 | cecb0b1fca6fa34b3203078f34feb3e335622d8a5743e09fdd234088a5eb4a1c |
| SHA512 | 2c1823aa97273727a667ca5133e1fce88429a64b9e4f74cc2904f05fa099c58cc65969ac34a5aaafe397b5b0476e5e490b3d1fb032456cc9a70dd559917d1998 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 269722b76eb42c2cbaf03f4fa6292a1e |
| SHA1 | a7025edb67d975212d44838735b427205eafb567 |
| SHA256 | b435fc21140265fab65bfa961d05cdf295a6dfd351baba731a8376fc44325dd3 |
| SHA512 | c888631e65cc0adf21df3fa4c1fa65c7e9b2906630ee98d75361e8068edbbf5a342755f2cd762c0c24f0fdebb9a5b1b91342d5b7ca96f4649b59aedd2c210529 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a8624b3803763c7257a676c74710a245 |
| SHA1 | 57436edb70f492b4f624eed1b278ce4e5de5711d |
| SHA256 | 68aa68b4416b3baf4522405dd6373945f2f67cf82aeb4b4ddb07bb07ec606ada |
| SHA512 | fbce62013e7ae38f0e4eece860a571eda62155c66944da260540d337e9ae2b0fa358d489e1184174af05c5e3faebcc03e165294b13ded866aab7365906a355aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\406692fb-91db-4fdb-b009-c041c927ba9c\index-dir\the-real-index
| MD5 | 9092c9db9c5ef060967b0b24f03e3aa1 |
| SHA1 | 542a5a48da16117684de8306202150dae155133b |
| SHA256 | 8fcc4fd7b99f734a1c84fb4141a8885b150d1e36d7afbb1a2c072d8c5032422e |
| SHA512 | 473ac3dfff0b3d6c4309e0563ff0c3dc68fc087f4c634a71a01a0b4c26255b625ed4f52b98ca2959724ad83b6d4a6c79ccd3a25f4366b53c74045d620c5e5eda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d50724805b557cf591b694a361cbe0db |
| SHA1 | ff69796f52b973aa015265228e9c6b5a4056f69c |
| SHA256 | 50195138bda7c6d97378c8a4ea1d3a42dd3a33e67d64a219f618b21a0f85805d |
| SHA512 | c9d4b4106f63fb946587f194eb3d2f33a065e3c41973557c5887b48f59b48cd5747b5139480c716279590c12fc87a8eed50635e4e946e9483d9e044e4d46f953 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 330f76ef2802ca320e5bad3c701fc2f3 |
| SHA1 | 8f9bf85a9ab74a5d0a2144cd7afe285cc8593ecc |
| SHA256 | e75939ac47abe01219f3084c3a79ec59764ce7510b35fb6cde2df5b73b4052f7 |
| SHA512 | 3a766d5d6c076f8023962dcef3ddbbcc4432ea50c1dfb6e28d61a65a4327e5f569dbcfebbd27daad26a00d5e829288fca8130203649e1cfb622962dd7628a704 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\da28d5ed-9e00-4d76-a137-010ab70a53e3\index-dir\the-real-index
| MD5 | 730aee442b6e522e166560b16b80293d |
| SHA1 | e548a7bc412842e28d7466826b82b0444d10f14c |
| SHA256 | 5686e18b08c4e6afd6f64c9b7e63841ad4a2bb3cc3cb2dd3c65512b610c9b40c |
| SHA512 | 335f6ba03e0a7fe103f874b6414f58a8504f3688ea273517a1c411f5930882291f62318c88ae1c45e9968926198154d30a2abf527c640e4431bcfec6bf9eec6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a08e4905368990380eb31d89fb7e9658 |
| SHA1 | 42e07820e3e35ed30c30833315ec005c09f43ac1 |
| SHA256 | 07e97b52a71ac79b38f6152d0a1483f38f10c8cb91e77a3711721e2801a9a8fd |
| SHA512 | 2393e2c3419a74539e501c4cad5425211cf0b0e9ab0fecab6b53c10c0bd98e12e58564a8eef2729b880d2a0bba50b46c6f06d036a95732492c19cd0decb0ca69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 34306973af4ba4444aa41be95f9cc3da |
| SHA1 | d591894b2b1c51a185f63a255b2729b80677e868 |
| SHA256 | 7e5dd9fc336349046fdafd0131ea8c7b1d028484f91de8d7871b8b4982f0cd93 |
| SHA512 | 6462391690b03fc0c45c6ab66b6072ee9dd6a3750557a67fa42864f7e6cc05349e597391d3b06494e95170c4434fcfa1b2401b7a68b98d009ca18e8e99fe1c27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4c5af746177de8a390da012a2597b72c |
| SHA1 | 1cf65670cd41db58b0b019f5129252f2370dbda0 |
| SHA256 | 815fab3a5334fcc81029f5394c101bc4213a3d86c8899d02891cec27661ad535 |
| SHA512 | 1b7f27bbbacab1dd1052aa7457b82b55d5c294f238d467a87b3213bbfa3ceafd6b77b283a1e4d8a2b1b868ebc2611401e9ffb79e78189996d68a25659bc78d82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7027f0c467374aaf1a10acad53c98f52 |
| SHA1 | 7dce64761d9b5badcf9ed0c16ba4fb0654368b00 |
| SHA256 | f70e6f5fbb90221afc478840aa2a04eaf3b62ca32e0c8b0a9541466bac4e51a3 |
| SHA512 | 653f1304f834a83512cd9afbf493b629e03981de56ad27ed69e0b47899271207ae423f1df27073312b8665356cee814984cf7b91cd88d9ed1efb56a33b1eec4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39932b22783b4a631e31bfb62469bb9c |
| SHA1 | 34e92c7925cf34ee280c1843a2912c9677497b7c |
| SHA256 | bb44819cdbd7b708250292f147318374124a8e9154449d2020aab2fd7eb04ddc |
| SHA512 | 926a56220a8d4052b88103df8aca393337185b054df9dd1066d0e19cfc3dd02d2dc5f5d6206f99ec0ab9245932c81e9589a6b5c95d78c47157126f20e4c3cb6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 1de3018ca4d240adabbaa66684015a92 |
| SHA1 | 13960f7abc773d16bfaaef21aec1d876f7e6e97b |
| SHA256 | 0b89a34e278a99680658e6c33d773fbdee4db7ceee5f2e283a23e5270b68003a |
| SHA512 | 2d012d26cc88c8d4d72fd94e25b9a0efa5b31cb4ac609223a31f35c1cbf913d18bda9b2a52e9f9ce5f116fafaafcd0e3a619be4c36c8706703b83ca19241eb1f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 26ba448cb07d6cb8f3b922f7dbceb0ce |
| SHA1 | 46eb36ad367ab582c7a21274b0f551f1f462604d |
| SHA256 | 5ff2ea311f40ba36af57da4339f2afe40dbff74b364f4ab6e9ef6bb8d528bb22 |
| SHA512 | 7154197f805ba8b08d00a94a7c1be961be6229fa1f1225e98c3f96edb6ddd80c3bbfbdcf3676f5be46ac11570fe8822de06c0ec67172ffba01dd626870b149b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\974567e540c4c0ca_0
| MD5 | b2bf450781aeed6e347c86624e732bde |
| SHA1 | 804a9f997e286e2b14e5f440a6b21beceb730cdf |
| SHA256 | 86e7dd967321366f47e2422e81b55df5ff37ad920a9ab7c8db33b5f2397645ec |
| SHA512 | 7befb79ca3b375b515e45b231fa74c7d638955318fa62c44c081daefa830bfd4a64e9f041e6efd0a00a84d3208384a6361eda61e4d1da75ab38668630a3ad985 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2d1a60d94cb115fb_0
| MD5 | 79a56e8327f154592d9da44c4b053d6d |
| SHA1 | 58c3d83a6cd8b9004db454e433bd5f4a3b2db6af |
| SHA256 | d47ce76dde2588411fd1c805b54422dbfa674e0492790df37629adc7296ae730 |
| SHA512 | 9f88999d8a498d15f876956de9b647ddce6aa6895d30b967ed0f7c2a6cddc35d92781dfa2a94e3484b8a327713da1d81c5754fc849e482274be0d49070a58f95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5882f58fd10404ac079cc50a72132b8f |
| SHA1 | bbc5ae9604872956d2a92fec15569b8879b3dabb |
| SHA256 | 508cded30b0ab5ff38508a94510d1da3bfefc725e5fe37e0e8d16b27850f67b8 |
| SHA512 | 0f9e2dd7bae1f8668d7cfbc389b1b24a603eca5fb984bae9c83a45568cbab1b85b9f92bac86319c9ea98b5bb8966299e2c80348551d464eff265ee33996ecd55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 71980888f55d200931acfc1be4d0b4f4 |
| SHA1 | 84c1cccfcbadff4ff2666d16de34f8cedc92dbc7 |
| SHA256 | 4e3780313cf1d018666a7a07210e97fa980e2c1a6b91a057ee492f2f68fe25c8 |
| SHA512 | 9e81e2cfa4112e25f189f255f4bd2624d2da0d4a6951c8ffd3d92d415d1b9e8a41ea437f5d0d5b081f30d60ac224bd45e9f126b0cac244d30229a88d345ea0a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 47a5e3f83ebf8ee11ebce022880895ab |
| SHA1 | ae43b06743eb6e0463d745120a786f9289fde3ab |
| SHA256 | c9559680e793bd6e78e79524078dfefb7c5bbd84f8aa17f26ab4f721246216e4 |
| SHA512 | 0b1500f414b0fb53c116ff3cc63f9334839a40fbf1facd3620a09efc63d30109370e93a9684605a447357b53bf57b8114c8a151343aabdfb08e13ccd95c34837 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 05ba5e9e59013514d849b196f7e42024 |
| SHA1 | 08b433c2d9778e9e9fceb52881534a0badcfef74 |
| SHA256 | 17074901fee3a019804823509e8014ddd4300df57d1922a44c95ad8d20f6f344 |
| SHA512 | 1cfa540b4624cdeca785b32d023dd5e082bca9a8e87fd599649585d78ca366d893e4c8be82f3b10958f4ec8d5a880c4a77732c5926d4b69303b3ddf927d79e41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a0ecf56bb880947e7cb37186df63162 |
| SHA1 | 5302524fc83a12fe2c394eb3a7d8613571f5333c |
| SHA256 | 47f54c3f19f87c1f2db67df04258aa440254033e29b852d051146a7473dabfbb |
| SHA512 | b2e2f720a88e96496fe09efa12fdb5ef08904b9c9d273261db44e6fd1d6fdcc6a9b05eeb38b44650dd245374ffe781d567701329f275dd185eebb27ee223af06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d4
| MD5 | 335e1e56cc42c560d968c9045381f1e8 |
| SHA1 | a9d8683b6bc00c00ae7e63197560542422ee82c4 |
| SHA256 | d161fc024ff279db7a1e9f59d36f411911b158cb4d9ba6a2ada7aaaa6f9594d0 |
| SHA512 | 9ef8de7fd17f022034b686e86f3ebdf2c12b1ee5e6f9b02564b618e81b821fb8f3a3fe0375d0258ff815eb317962e2d73e37a52f500581e476e0cb1215e64d57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d3163461ab9bd49016d228b340d19928 |
| SHA1 | 46996cfe04fb769e3304ee4e0367aa703db1be23 |
| SHA256 | fbf4b8131a5cf061c6f38570db9c862187d8333b89b4bd18e4ec7d4730719d5b |
| SHA512 | 3c7f330eaa143963a26b8148dbeda1dd3339a5d98863730ae1c2c7f5163ea7f3cca95a4b9443e0d3854f56bb7363491a915bda90c64cc3a3cbb5001850e2ad1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3b0bffdadb474a2f5516e2ef9496f3a0 |
| SHA1 | f85b02a9526b64a2f8906ff2b60ebeb633c8f75d |
| SHA256 | 7f70040fd1684febcd0cbf7f2984650e4e2d62f9070e126b9190444d31ed9c29 |
| SHA512 | 1f574db137d5479995220f9c8a2b9daf27ac17470f2954f87ea8013eaf0f63fc489c6b29583f56312105bed8299a90c1e6b661b2c1ab74fed8aa3f9e67ecb213 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 05eeb0ea6c2e570b250f3f7763d658c4 |
| SHA1 | ae5fa99aaaed0ba1cdfa6660c4dbe28c18752483 |
| SHA256 | ecd60423848a31675e528b1f1c9931d17be1b219a01fb95c796ca312e29be8f7 |
| SHA512 | 96bee45c67358ccbfc2b52fdd06c48bf2e348d5eea4ef239ce96606200fd23b90651919d64b1ac0c654d75d8b309da67a404c5f64bad1322c81acf16937478af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 22bec6c163187f5e4198815af81e1db3 |
| SHA1 | 11dfe37bd8628f30118b29e13f6203862ea7cbf2 |
| SHA256 | a050cc1c37c178ed203c66bd30b3c40b8c8d497290cce1754a399c16ae0518b6 |
| SHA512 | 148fc6816bb3d1497b75e546cf5d530a5dcdd528e7580a9cce080f02b45e19d8ae6dde0875ac7aa017d53506cc4f8050d8b6071a4fadb40c631cd9bc7a42453e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 351c91b8354980a17f5b9f941bbadade |
| SHA1 | 892bb5aa4eb34a878011c23d347815b5769f6ae6 |
| SHA256 | 6191e56afe9146884b51b84e7c2286202bbe7e7898ea8d81529c359a29359bfe |
| SHA512 | 35bf56dd799f4742b6b4f63e63c412ed484a5d159e25784306c9b8260163db688e164dda2eda656eea72f978ffaede1bc6ec48977594f69bc1eaec1d777e6d05 |
C:\Users\Admin\AppData\Local\Temp\7zS086EA039\Assets\change_hover.png
| MD5 | 57092634754fc26e5515e3ed5ca7d461 |
| SHA1 | 3ae4d01db9d6bba535f5292298502193dfc02710 |
| SHA256 | 8e5847487da148ebb3ea029cc92165afd215cdc08f7122271e13eb37f94e6dc1 |
| SHA512 | 553baf9967847292c8e9249dc3b1d55069f51c79f4d1d3832a0036e79691f433a3ce8296a68c774b5797caf7000037637ce61b8365885d2a4eed3ff0730e5e2a |
C:\Users\Admin\AppData\Local\Temp\7zS086EA039\BlueStacksInstaller.exe
| MD5 | 61649b18be49277188fb628ad4208ce1 |
| SHA1 | 7d601413b233c6f8f579275841449852bec9b279 |
| SHA256 | 0231016bb24e3b91fd80dc779b9617e5dbc36af45ede2b32b204691541ad4f08 |
| SHA512 | 71263084b20816a209e6ebd141f5543c4da7b4f99679063a7bed94c7f3345e3b801dedb1ccb7241241620ca73c8044d24a03315acd42cf86b5e56957dfcd4f1c |
memory/4796-4139-0x0000000000FA0000-0x0000000001040000-memory.dmp
memory/4796-4140-0x000000001BE10000-0x000000001BE78000-memory.dmp
memory/4796-4142-0x000000001D0F0000-0x000000001D618000-memory.dmp
memory/4796-4144-0x000000001D080000-0x000000001D0B8000-memory.dmp
memory/4796-4145-0x000000001CF40000-0x000000001CF4E000-memory.dmp
memory/4796-4146-0x000000001C8B0000-0x000000001C8B8000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a2995ab12c73bd35ac2d3f8bd34e531 |
| SHA1 | 7400f9e964083cf72d15deaef9fe125ab047202d |
| SHA256 | 8f934e76f4a26565051f99aac0d3a530a420fba17460f5135d0601b213c9951e |
| SHA512 | 71276290ba3723c36970ea19d81d251f044c91425fea7cd8c9907cc5af53f4aefa13940605f3416bfc3d8394f3d4c6839a465bec77db345cb9d7ac6f92849991 |
C:\Users\Admin\AppData\Local\Temp\nsrCA10.tmp\nsDui.dll
| MD5 | 00b6133cfc90765dc003b02644e99723 |
| SHA1 | 50cfe98a05ca6c964d899bd8532cf20091a9710a |
| SHA256 | 7e490c705c4fe27aa70ddab2e36a5f9c54a3eff2903642c170b89b9b67e90efd |
| SHA512 | 4db73e1fdcf25d85008deea08568c52839ff4328f3ae58836f1d944409d045d474f6fc15f16eaad993928264ffd3e1761793be7dc7349b13409e98b9ccb18df9 |
C:\Users\Admin\AppData\Local\Temp\nsrCA10.tmp\BgWorker.dll
| MD5 | 36c81676ada53ceb99e06693108d8cce |
| SHA1 | d31fa4aebd584238b3edc4768dd5414494610889 |
| SHA256 | a9e4f7ec65670d2ce375ffaf09b6d07f4cd531132ca002452287a4d540154a38 |
| SHA512 | 1300de7b3e1ac9e706e0aad0b70e3e2a21db8c860e05b314a52e63dd66b5dffdf6be1e38ab6ede13bfd3a64631cc909486bf4b1403e7d821e3b566edc514c63c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fd8fa4f85689404134dac5afe5aec29d |
| SHA1 | 3ac3effbb0b702c4f4dbb002e2fc7fb4100bc695 |
| SHA256 | 33c26dd7bdb02b0281e0e7265e2df82ffcf6e617ce8dd87b321d4744a160c334 |
| SHA512 | 450faa1e5f1eaace97fc7e91bb5b4a4bd1dd652cb06336fe51402b2329b452adf76115137e04b3ea43bcc604a102d26cae3268cbdead9800fcf06c9985f2f40e |
C:\Users\Admin\AppData\Local\Temp\nsrCA10.tmp\System.dll
| MD5 | 959ea64598b9a3e494c00e8fa793be7e |
| SHA1 | 40f284a3b92c2f04b1038def79579d4b3d066ee0 |
| SHA256 | 03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b |
| SHA512 | 5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_pressed.svg
| MD5 | dfddf8d0788988c3e48fcbfb2a76cd20 |
| SHA1 | 463bb61f0012289e860c32f1885a3a8f57467f2e |
| SHA256 | 9585f41eb6202e89f2087266fa31852d7f41ca8cc659b907c96753fe165f937d |
| SHA512 | e708c5114c60f7574589d6a56c9faedda26ee4a40f0eeb25f5e12eadcf790f24fdbf393fa0aa6ad449b5337d625b092d6f8822472fa8a6ce1339aca59c50c3ca |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_normal.svg
| MD5 | 3221ac69d7facd8aa90ffa15aea991b0 |
| SHA1 | e0571f30f4708ec78addc726a743679ca0f05e45 |
| SHA256 | 92aeae68e9e0973d9e0dc575941f1cb2e24afd0574341a46b870be7384eaa537 |
| SHA512 | 5e2de0abfe60a4db16ea5e8739260c19962fbfc60869a77bde6ab3547ad8ee3ad88e74e97da31fa23be096afddad018e431d152d6d0fa21a75357a11dacb1328 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_hover.svg
| MD5 | 76166804e6ce35e8a0c92917b8abc071 |
| SHA1 | 8bd38726a11a9633ac937b9c6f205ce5d36348b0 |
| SHA256 | 1bca2e912184b8168ee8961de68d1d839f4f9827fde6f48ab100fb61e82eff90 |
| SHA512 | 93c4f1af7e9f89091a207ab308e05ddd4c92406c039f7465d3b8aca7e0cc7a6c922a22e1eee2f5c88db5e89016ef69294b2a0905d7d6a90fd32835bc11929005 |
C:\Program Files (x86)\BlueStacks X\image\LocalAPK\close_disabled.svg
| MD5 | e7fdf6a9c8cae1fc1108dc5a803a1905 |
| SHA1 | 2853f9ff5e63685ebb1449dcf693176b17e4ab60 |
| SHA256 | 8ee5aa84139b2ea5549f7272523aeb203d73954c5ccdcf6f7407bf1a3469f13e |
| SHA512 | a6388b24926934e20ccf7fcab41bd219dc6c0053428481d7f466bf89f26bf1a36fdff716a9ddd9ab268df73b04dff1449c6bac1f5c707e31ae2ee71c2087e0d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ff917ff7ce324ab7caf02887cc19ca95 |
| SHA1 | fc3985a48b4c2ea5487401f9a98b43bd16e845aa |
| SHA256 | 5667273b89f7a6c5b064f9315f6b8c054de50004ba87f0360533f977c7de3c0a |
| SHA512 | 8a5dbe5752a74df3425952d32b95f4f99a746059f8215f80c35749f06c8a5190435f5770c7c4a3577a52c4747c7f0d7f5dcdf7f5c792303984eb9e2d3dc1a132 |
C:\Program Files (x86)\BlueStacks X\BlueStacks X.exe
| MD5 | 824fb5970ee20c8205d0a128e610e2d8 |
| SHA1 | e2341a3a786de0898cef220e5c7716059cdeba20 |
| SHA256 | d1983c6f709e0a45d97182317d5d4a2f2ea6bb7533aa14e735aad51b54c02dac |
| SHA512 | 7ef37534d4626f53bc363de095493b53ef3279d12ccbd6e855fc8452ef2394746b27c935380fcbeba628b2ca29df3af85879668cf5a8c44a292a086261898015 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 19c3c41441b8f263086d9fe049327f4e |
| SHA1 | bf05febd598fab76933c54193ecffcb0333d22b4 |
| SHA256 | 8389f83a728090f8c805d847706dc78f053e34ceec4b3c3dc17aeec2242aed6b |
| SHA512 | 350400738290b8cf24a1802980b5dd142a159a9577f3f886c5815c701ae6439f4b574600d5f72ff5deaa80680700552d1e913cca3bf7b1f8b8457e022aee6c7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 05adefc672f9f51e545dece2852bb572 |
| SHA1 | 76f6d86abbf26f22d220bc6ba26ead52d1851c0c |
| SHA256 | f15e704428aa16caf30c74edfd1882d714d0c72a716fa2077821783f0d3056d2 |
| SHA512 | ae391edc9ff68725dd044c9fd46a887e8c2d98a76b2ef85fff2fc2a8c7a2a1594f9f3afccc9d9c018ea3627a002f1d142c0ea375578721274fe9f49390fb482c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cf5acfff7242202d15cd22ddaba1335c |
| SHA1 | 8c6371399cd7218a54cee2f494a21e28aa404ece |
| SHA256 | a22995ef0924cfa78aa32a327579750e53303faa6a62ca8929436741edd17054 |
| SHA512 | 1c4d4d8e4ba6526cdb43c38a8f4aa9516d9c5e1fd4ad977aa8a5e9f29ccf90e3e41b3fd564f4688656cdc14e5ea9d3b57e23dd7027c0d750bb8d644d28ba7c63 |
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\Assets\minimize_progress.png
| MD5 | 1504b80f2a6f2d3fefc305da54a2a6c2 |
| SHA1 | 432a9d89ebc2f693836d3c2f0743ea5d2077848d |
| SHA256 | 2f62d4e8c643051093f907058dddc78cc525147d9c4f4a0d78b4d0e5c90979f6 |
| SHA512 | 675db04baf3199c8d94af30a1f1c252830a56a90f633c3a72aa9841738b04242902a5e7c56dd792626338e8b7eabc1f359514bb3a2e62bc36c16919e196cfd94 |
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\Assets\exit_close.png
| MD5 | 26eb04b9e0105a7b121ea9c6601bbf2a |
| SHA1 | efc08370d90c8173df8d8c4b122d2bb64c07ccd8 |
| SHA256 | 7aaef329ba9fa052791d1a09f127551289641ea743baba171de55faa30ec1157 |
| SHA512 | 9df3c723314d11a6b4ce0577eb61488061f2f96a9746a944eb6a4ee8c0c4d29131231a1b20988ef5454b79f9475b43d62c710839ecc0a9c98324f977cab6db68 |
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\Bootstrapper.exe
| MD5 | b2e3067e232c3e7240e9f2fda16c32d6 |
| SHA1 | f024aaedda326285bd0a9a23fb98b616907812d6 |
| SHA256 | 43d8be3c07628b53a3b5ba65362a96a79fcb9b5ecc84b0c772d2fc0705d4cb18 |
| SHA512 | 166baf6954aa3423a5d24e3b396c054708defd1232f0e9af95b0b54ee5d8e63536b9b10f09a0595c8a8a6d96576c54271ccdf58bbe2184f87d0cf12da33e287a |
memory/7056-16628-0x0000000000440000-0x0000000000468000-memory.dmp
memory/7056-16629-0x000000001B0D0000-0x000000001B1B4000-memory.dmp
memory/688-16630-0x0000000000FD0000-0x0000000001026000-memory.dmp
memory/688-16631-0x000000001D2F0000-0x000000001D370000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7zSC800A1DA\HD-CheckCpu.exe
| MD5 | 81234fd9895897b8d1f5e6772a1b38d0 |
| SHA1 | 80b2fec4a85ed90c4db2f09b63bd8f37038db0d3 |
| SHA256 | 2e14887f3432b4a313442247fc669f891dbdad7ef1a2d371466a2afa88074a4c |
| SHA512 | 4c924d6524dc2c7d834bfc1a0d98b21753a7bf1e94b1c2c6650f755e6f265512d3a963bc7bc745351f79f547add57c37e29ba9270707edbf62b60df3a541bc16 |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Program Files\BlueStacks_nxt\Assets\checked_gray.png
| MD5 | ce144d2aab3bf213af693d4e18f87a59 |
| SHA1 | df59dc3dbba88bdc5ffc25f2e5e7b73ac3de5afa |
| SHA256 | d8e502fab00b0c6f06ba6abede6922ab3b423fe6f2d2f56941dabc887b229ad3 |
| SHA512 | 0f930edd485a0d49ef157f6cc8856609c087c91b77845adeb5cc8c8a80ebc7ec5416df351ffa1af780caad884dbb49dcc778b0b30de6fb7c85ffef22d7220ebe |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray_hover.png
| MD5 | 62d7f14c26608f8392537d68f43dece1 |
| SHA1 | add4f30e7c3af4f7622e6bc55d960db612f3bb0a |
| SHA256 | a631e26bd5b6ea19c8c65b766a056c92ba8a47e1483768dcf12b05293c9a7a0d |
| SHA512 | e41210a78e6076954f75a2f73c0f7628e8604a09ecbb1d2ee0972741d4ef1d814b366828977c02944736b03ed116bc559a2ae47ddb7cbc6f4e54578c8263edf4 |
C:\Program Files\BlueStacks_nxt\BlueStacksUninstaller.exe.config
| MD5 | ca0a329097316832e4a6ea5d870c9268 |
| SHA1 | 4a36b93361d3dc9df9b00313f2c2b394be9e1e72 |
| SHA256 | 4b7df915d706af6459c38d75b09c5e14f951842ae0678078400f204ad1c7a7c2 |
| SHA512 | 51f9a874e84f130be4fa29fcc4bc934105318234b5dd9ceedaf569e3f0e6b38e29f3bec056044724476ae24295a510b16d8a737b994fd6f1268609defa315271 |
C:\Program Files\BlueStacks_nxt\Assets\unchecked_gray.png
| MD5 | e50df2a0768f7fc4c3fe8d784564fea3 |
| SHA1 | d1fc4db50fe8e534019eb7ce70a61fd4c954621a |
| SHA256 | 671f26795b12008fbea1943143f660095f3dca5d925f67d765e2352fd7ee2396 |
| SHA512 | c87a8308a73b17cbdd179737631fb1ba7fdaeb65e82263f6617727519b70a81266bb695867b9e599c1306ee2cf0de525452f77ce367ca89bf870ea3ae7189998 |
C:\Program Files\BlueStacks_nxt\Assets\powered_by_bs.png
| MD5 | 7a2e5c21140aa8269c2aafd207f5dbaa |
| SHA1 | 4e0d9e7e1b09e67eba10100d73dc51623517821e |
| SHA256 | 3d2afe5236ec813d9e8063bc43eb34b88c2155784e1bce19c6a533c32767af35 |
| SHA512 | 63f512559f2068a9702c7c527c126f6017cd8d1d16af52e41b884aa9a64ff4294a57243ec78c3a416f70fb6178a79877d68345357725ff92c935709a2ef8adde |
C:\Program Files\BlueStacks_nxt\Assets\installer_logo.png
| MD5 | e33432b5d6dafb8b58f161cf38b8f177 |
| SHA1 | d7f520887ce1bfa0a1abd49c5a7b215c24cbbf6a |
| SHA256 | 9f3104493216c1fa114ff935d23e3e41c7c3511792a30b10a40b507936c0d183 |
| SHA512 | 520dc99f3176117ebc28da5ef5439b132486ef67d02fa17f28b7eab0c59db0fa99566e44c0ca7bb75c9e7bd5244e4a23d87611a55c841c6f9c9776e457fb1cbf |
C:\Program Files\BlueStacks_nxt\Assets\installer_bg.jpg
| MD5 | 3478e24ba1dd52c80a0ff0d43828b6b5 |
| SHA1 | b5b13bbf3fb645efb81d3562296599e76a2abac0 |
| SHA256 | 4c7471c986e16de0cd451be27d4b3171e595fe2916b4b3bf7ca52df6ec368904 |
| SHA512 | 5c8c9cc76d6dbc7ce482d0d1b6c2f3d48a7a510cd9ed01c191328763e1bccb56daeb3d18c33a9b10ac7c9780127007aa13799fa82d838de27fbe0a02ad98119d |
C:\Program Files\BlueStacks_nxt\Assets\close_red_hover.png
| MD5 | 5ceab43aa527bc146f9453a1586ddf03 |
| SHA1 | 88ffb3cadccb54d4be3aabf31cf4d64210b5f553 |
| SHA256 | 7c625ae4668cc03e37e4ffc478b87eace06b49b77e71e3209f431c23d98acdd0 |
| SHA512 | 8a5c81c048fb7d02b246ed23a098ae5f95cdf6f4ca58fd3d30e4fe3001c933444310ca6391096cfaeed86b13f568236f84df4ea9a3d205c0677e31025616f19e |
C:\Program Files\BlueStacks_nxt\Assets\close_red_click.png
| MD5 | 6db7460b73a6641c7621d0a6203a0a90 |
| SHA1 | d39b488b96f3e5b5fe93ee3eecb6d28bb5b03cf3 |
| SHA256 | d5a7e6fc5e92e0b29a4f65625030447f3379b4e3ac4bed051a0646a7932ce0cd |
| SHA512 | a0e6911853f51d73605e8f1a61442391fad25ff7b50a3f84d140d510fd98e262c971f130fb8a237a63704b8162c24b8440a5f235f51a5c343389f64e67c1c852 |
C:\Program Files\BlueStacks_nxt\Assets\close_red.png
| MD5 | 93216b2f9d66d423b3e1311c0573332d |
| SHA1 | 5efaebec5f20f91f164f80d1e36f98c9ddaff805 |
| SHA256 | d0b6d143642d356b40c47459a996131a344cade6bb86158f1b74693426b09bfb |
| SHA512 | 922a7292de627c5e637818556d25d9842a88e89f2b198885835925679500dfd44a1e25ce79e521e63c4f84a6b0bd6bf98e46143ad8cee80ecdbaf3d3bc0f3a32 |
C:\Program Files\BlueStacks_nxt\Assets\checked_gray_hover.png
| MD5 | ea22933e94c7ab813b639627f2b38286 |
| SHA1 | c5358c5cb7fb1a0744c775f8148c2376928fb509 |
| SHA256 | d7c79677d2ef897fa0ad1efc90e916c46da29f571208f78f24505603b7165c20 |
| SHA512 | ba447a1aedec49419e2b4a8de85c6047886f1a5ebb94f1c45e205a3780c6826f412a3892e97115b35e43839f43e346f3c72ffbf0c57d57f6d26b360ae61b3964 |
C:\Program Files\BlueStacks_nxt\7zr.exe
| MD5 | fbaba140f30a11e5ff4f97d921de6d45 |
| SHA1 | d12360b79d9fe7ddc5380a22539dc7d4768ff5f3 |
| SHA256 | 4889c0826c633c0291264d37834363be90ee39d07fcea228494ed151386dcb16 |
| SHA512 | cd18bb1b057b1b077fde372ca5f98701614b196b692ac42ec56e5b839535022d884a2cd9b6bf644a520c6f48f12f673574a24e60580c70c695067b66442ea7a5 |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\Registry.dll
| MD5 | 2b7007ed0262ca02ef69d8990815cbeb |
| SHA1 | 2eabe4f755213666dbbbde024a5235ddde02b47f |
| SHA256 | 0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d |
| SHA512 | aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nsbD4E8.tmp\nsExec.dll
| MD5 | ec0504e6b8a11d5aad43b296beeb84b2 |
| SHA1 | 91b5ce085130c8c7194d66b2439ec9e1c206497c |
| SHA256 | 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962 |
| SHA512 | 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57 |
C:\Program Files\BlueStacks_nxt\HD-ForceGPU.exe
| MD5 | 94887c7bdec016cdffdd03df19429145 |
| SHA1 | 9a7ca11be6107954ffff2d5c11e9f629f4c165d1 |
| SHA256 | e38e6793bdf91452e06f049e848411f23e3cd581694b149c66da77be9ec7dbc4 |
| SHA512 | c54aa1353eb81b598e3fa11759072f26290de7c60510693ceb6309dfa29a8a6bc1d0e8cfb5e754a9d79aef44fe14e234c9c3141a064e9f0d6255ac6bbc806704 |
C:\Program Files\BlueStacks_nxt\HD-GLCheck.exe
| MD5 | b88a940f580970b240e23df45e70c27e |
| SHA1 | 73d8b651e74fb906da42b42f2c714610f830b6d9 |
| SHA256 | 277313ea55f808b207cd43fa39af1e5823028bd3d784d4268b70e4ca054e00cd |
| SHA512 | 778b535e6910c702f81d2375a76cc4ea8815917fb20042c421f5d5c2d71272e5af5e15241259a6d346000a88c587c08818efb07eaa38ae5bbcc281c50540b888 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-319519575871875b
| MD5 | d21f3dd9f43e12fac642e9852be7f8b1 |
| SHA1 | ef7ec9c1823debbb02011f71d6a5fd916274245b |
| SHA256 | bc1fb6d576a25ebc8f44b8ff747db5076cb5469e2d2311240ea5128e825046cb |
| SHA512 | 452db46d873b3f519845c06f79634bf28c29eec2aceef939179c62381c5f2d0fa56d1efba86dbd48d65a7fe0f07d7cb92717f0714da47ea69313edd6d6afd6fa |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | 61dcfacdd316400b2fe0b44c4864ac04 |
| SHA1 | fb3dbd6a5cc4120d9fc7f1a9500b9087a8ffb2b7 |
| SHA256 | 8ed17a992f4e13c902dbbc8ca848a547cf607c3ff0fb1422c2369afe0ff506ce |
| SHA512 | 53b12bf4acf744be03cda0509d7d8ff070b5b9efbdc7ed0db3d06c90e31fe2d4c7b0c13dabf322eb7c46ddf2af9783486a857d287bfa7dc0041c9ea1c280c84d |
C:\Program Files\BlueStacks_nxt\ProductLogo.ico
| MD5 | 169706218f98a42594a8c5c5a65771fe |
| SHA1 | b8ded94180212578d86a031eb71ef93dcffe1a26 |
| SHA256 | 3803045963af064936d7071c178de8e40854968b3d3f9171c57a182c869f3697 |
| SHA512 | 1c3f18ed0a24ffa78fe938826eb88531eb8be134d6f209b87d7af5d0e8c4829f01947d7b0048996b9755562bbb7f52e000bcd15d07d646cacb2989ac881ce448 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 63dbd0ff84a276344245246a6a40777c |
| SHA1 | 4ba1a96ac36240f6b8c42e69f2f7c309e072012b |
| SHA256 | d9214931ef7069dc76ac9a29cdcfdbc0e12d790df7499f0f1993a886b9e03d0e |
| SHA512 | 22b07a7b74d01f1a6c60b0af4b1c9aa3f49c3a7b7b573ab090e97c44a6d4bf846435c899778d528a08e1ba0549b091c73b158c81b9a7acd425f53d7f7b273630 |
C:\Windows\System32\storage.json
| MD5 | aa9ab927f7bc1bc84ada9519e58f9650 |
| SHA1 | a9515474d15f9cd43c4f1c30b2c7041d6c6b05c4 |
| SHA256 | 3cb23b535845ddd6fd6160dbb5fb6b14096161d3e632e0dc424a788875c85094 |
| SHA512 | b5bb47ea20ec20587e29dd3b6f8f68e7f8ac567e087b1e432320c3264769ae5e03b16693f5c9d4ba38a0c67d2f2a071b3ee7d104e75cbfaa0aa9342515f0085c |
C:\ProgramData\BlueStacks_nxt\Client\Assets\exit_close_click.png
| MD5 | b09525b48c0023f893d6b64d06add4b1 |
| SHA1 | 10ecd439ea04e02eefe17f6c110d0c0a78a1db21 |
| SHA256 | caa2a8fe9b282939a21b86f8f61fb0c9452222cc3409f06cbb0dcc45613aca8e |
| SHA512 | c6f5a7014c24133eb576708ca17d15becf2b45ec278b3f94e5275e47c78cf0f2eb8bb1a17d277d1a665039f38f2e25faf830e275f426b0a94c6a3da096b6204f |
C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_unselected_hover.png
| MD5 | 22efccf38e15df945962ac85ac3aa3b7 |
| SHA1 | b94a8615dc92982e1637680446896080f97c2564 |
| SHA256 | 0ec39ed4bf89a341f1b5aea56d0e99ff5c923b9c3a6a81adeb9ff21764136f92 |
| SHA512 | 41a4dbb57abed1a16aa84c72c202da461ca45cbaf68f69a10cb3e5529e8dff659e89f7f4459d1e2e8f3549c6fd51f23fc8422f86667577ebed5ab5df149c79ee |
C:\ProgramData\BlueStacks_nxt\Client\Assets\radio_selected_hover.png
| MD5 | 47ff3e4cc15b8c4a07e3ceb6cb619b62 |
| SHA1 | 0318e54c613b8ff00f54d843e90ef88310c1a96f |
| SHA256 | 4786cfb7c98edcf01d6b670abf19c50891d56a4de87b96a5e17be142b1af666a |
| SHA512 | 0212bd7f6cee390d3bc221a22189b75407fa660a0951c7f768645bf97e7b61ee86fa9b1de6f546ff1151560dcb3b071db8c14a7b08b0e771b539a817b31b154e |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ru-RU.txt
| MD5 | a7748f70870a0f2cf2e5804d05f433fb |
| SHA1 | ee74469bbfa6e5d04043dae2a2cdec1a777c5b28 |
| SHA256 | f74bceefe2a7e7d39650128096f9b97aca5e929fa67e451bfa8238d7b90cea34 |
| SHA512 | 122025652c05ba9336b339db79b925b781862a635cdb0c8d5db0adacfeb6e0e43ef85c283d417f119d8622640d0ed15cdc6d915749ee3cc1a4f89b062ae71075 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-TW.txt
| MD5 | 3ab7d825111b89950d8ca4b3da1c00c1 |
| SHA1 | cdf4ec4344598ca9593665465497d370a35aa178 |
| SHA256 | dd286cac4e14fe69877e4c2f35eab8352de125f7dc757f47e4fc8329572460ce |
| SHA512 | ac0c2dfc6a963a88657304c83d9f00cdadb5735f208571e72d43c410d767ff6c2cd05c4fcfeb5d4c7f8882e079608e8eeee8b1aea1e2cb6442f78cafaa8ffd09 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.zh-CN.txt
| MD5 | 1eee99faa98b0385fd8077acdf53e81e |
| SHA1 | 3191f6c03d6fd3b4db1944e3e7b3a8b85ef20dde |
| SHA256 | 7d245f9271426eb08f976a83e8b229e9a830f51674e47b6bfc2181716ec0ecf5 |
| SHA512 | d2c116c7c56d7fd6154c2ab856adccba5848ba1fe1ce5ae38fd740e388cae77f095feaf90d4161527a4b3c99c129374156f85033c18f3293defde33f78708691 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.vi-VN.txt
| MD5 | 2ffe813470cfedf7384207e61dabf1df |
| SHA1 | 1673c446a89a41afff299acd0f74b4df65cc29c1 |
| SHA256 | e666975aa6894c7d5230eb44a6ee85564cac7a51188ed05b77059beb60545ac1 |
| SHA512 | 3288001e68c5533ae092460d7bcb20ca42c37c04fbdfd412c1046ba41f0582ca3a135f136303125f680165c401536b9bacf6d6435e10ec1477d7f9b45942c34c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.tr-TR.txt
| MD5 | 2ddee14b7986e234a208189d650a2e4d |
| SHA1 | ab60bc9393258e556c7ac20a8d68f632ad44ea6d |
| SHA256 | fd9c690e597fc7d8b3bbcba7e39816087c424227f89bf3107da7d16d444fb3dd |
| SHA512 | 116d06a37e836d4f48b59aa9cf4164e1ba4abc081e62adfc6f3c8d112f46b57c060381dd2fc361fb83a162ab12f915408df193bdac405490e3014bc0effecc9c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.th-TH.txt
| MD5 | bfb84603722e804e4697a52285b867b2 |
| SHA1 | 5840e5e93319f981dc0f6df4c7d7be23547f6655 |
| SHA256 | 98f156d8184c10d504189eab0077aeac8687e1d6714d0bb228704d660e01446d |
| SHA512 | e26cc6ab7087a252471cd6233e3baa9d9a66c0a7a0b3703987b31ff4f91f89d00854d8d970f3090b2d90155d5eb5f724a096badddbc6a4dca7dd1a53fad6ffd5 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.pt-BR.txt
| MD5 | 162e3a28c1b32a605d84cc18a2998ec9 |
| SHA1 | 9c0a2ce21321f56a1ecc61879a9b2c1660cb4238 |
| SHA256 | 345f2c774e182f1dadf8dacb5539dfa94e33a4d3effb006053f9ba17db6c0f01 |
| SHA512 | d2377da38814cfc22950bfcc42545542e33ed6d4939ddb102d1fb11ec2ff019e53fb980e97ce9a9a9926c0d9665d101dc12655a1d67f506a1456e5b244ad50d9 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.pl-PL.txt
| MD5 | c61810a689ad52145f3b644b3e4b01e9 |
| SHA1 | ee7f7229aeea4a0ec6e18805b69d0ff928afbf87 |
| SHA256 | c5cdf3696ccd6e3e600483836c81b290e5270984fd7ca12becafedea42cd64e4 |
| SHA512 | 79dcf55c6ac864764fa4c614667053c99cd37f408b2b573ce18077fd09ba70877b3cbbd1f57b680ba6e9b5ed5a4d257f11d12c67a0b56dc9a099bf2584e0c393 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ko-KR.txt
| MD5 | 299768cf839ca0926344233731549181 |
| SHA1 | 773aa661c5bbc1a92a41b2f02e59bf1d78b4b142 |
| SHA256 | 883cf4af6b2124bb70f51d683c7a1f4b3cecccc4ea61163b8c4ea967155ea839 |
| SHA512 | 0de4317aa9139b415d4d10aba7f64cbfe39f0417e2d19dd8e69ada7d0915a81f71be242caebf5e019a2638d6d0457c042493c80ea0d24c2dd43c18bfe76dd2c2 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ja-JP.txt
| MD5 | cb5797745966bfbded96d28cf53e2f93 |
| SHA1 | 1cdc380338f076c608a4143cb685e4cab2bee916 |
| SHA256 | 25fbeecfbeec0b2a8ad45f8b7da31c4eb6fdbe413f46e75f40cd22d874c8f7c3 |
| SHA512 | f42ef0a3566f02a4487daf50725c186a0cd8c03850c569eb0cf4134ad2c2004135730ff8f672207bf12837980fe722c4581bb0c6c1eea5dcc9014da5719901b7 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.it-IT.txt
| MD5 | 444e991f12d84ad04baf6c8eeccc7a9d |
| SHA1 | f4bec5e01161d6f5cc9107f2cba325cc9b0ef325 |
| SHA256 | 4b1f6e0fbc834a783ab8230e678bfd1506ae6c18b0ac0a5bef1d8344b5b2531f |
| SHA512 | ff61397322d86f36a225e9be7444c643e2760a556311c97b230583b0b2788208d11f723e500c3d291d55d076b5cb0a52d92b50a8b1fdfe348fd61341b915f855 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.id-ID.txt
| MD5 | 7e8631459def09a456900fa9d3cba360 |
| SHA1 | b5204153e26b303598c473e7e92b01a87818787f |
| SHA256 | 9620d50148651dc75d3741eb12a8a23fbdeb5efc29f1be24842fc37d01b71f8a |
| SHA512 | f813863475538f763733b0668f3b5cd7d4b6f7132c1a9df3b4665907fe6280d6d8c9dd4f6e3e06bfee7f90a2a527f7cd66bd647f08b8203664395f31321cf84b |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.fr-FR.txt
| MD5 | 3809a8d9df2f73bd1b2cb6a727e3768a |
| SHA1 | 78f7f511fb688e49827105109e73affcf0447040 |
| SHA256 | a0f88af33c36c2fdb71b4ef157c1fea12eaf4fb30b0c51e4fd2a574d3529fa10 |
| SHA512 | d698cd445159fb2ee672f719d99c1feb1a2bf0113f8f5cc17233b2dc01771a8c1cf3a979788a91f02f6e8e299dc7c55e31e5bd3eeac4fa028a7693f945e29f6a |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.es-ES.txt
| MD5 | 412ce0feb5a656c908775da52043c31d |
| SHA1 | 54a35431dc77d66fde2c828f10372142926b4c47 |
| SHA256 | 7db48c44d717c50011a2fe2d8f5eb0214c817c7eef5bf1f656feb70270a53458 |
| SHA512 | 2209d911c91d21ceb44a8e9375fefa9b5ea55cb800f49f709a7baaa56d52a94f5711fce850d880394f6ae78d23d0e3f1a5727514b970f940d0b670e2e978a997 |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.en-US.txt
| MD5 | a1e3293265a273080e68501ffdb9c2fc |
| SHA1 | add264c4a560ce5803ca7b19263f8cd3ed6f68f0 |
| SHA256 | 1cb847f640d0b2b363ce3c44872c4227656e8d2f1b4a5217603a62d802f0581f |
| SHA512 | cb61083dc4d7d86f855a4cc3fe7c4938232a55188ad08b028a12445675fbff6188bb40638bd1ce4e6077f5bfc94449c145118c8f9b8929d4e9c47ed74cf7bece |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.de-DE.txt
| MD5 | defbcf66edf5e18b0b13c8062fdfeff8 |
| SHA1 | 8c807de19b131831b72325455f1bcc3ead0a09cb |
| SHA256 | a9d87275086fd2d700d588f45c3121eb6a75c64a2e6c4a8714a61032403cdb03 |
| SHA512 | a30e142679e942932d82fb8179a9f8ca2cd5882577de64e8e4c38eb84c99e359235346c35b6237133159288261b0f6e9032dc6b14f512e2a431f093187e1447a |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-IL.txt
| MD5 | 9fb07e066cc2f213a64d35a97a8c2922 |
| SHA1 | a70db989f5c562bc69caad89a1402c8ad7c9b80e |
| SHA256 | 65e7b0f37b5e2aa805ac8d57969804d803430186f34e9703ca9fa09ba908ef90 |
| SHA512 | 81680bff55b475a62a4bf29a8c219230b84894c1165f60e372209a5aacdba8e4819c3dfb76f3b55c15d472ababeabf0cd4b30c04e7daa26df63c8a5101970c3c |
C:\ProgramData\BlueStacks_nxt\Locales\i18n.ar-EG.txt
| MD5 | 7dc7a16b5e42818c9249db888ca17075 |
| SHA1 | 42f6b065b90017078fca7161cc4c26ae530dfbdd |
| SHA256 | e696f4f231acef534d62ec9d99a3f4fc7b74a1c1deb3f9bbbeb4e94194bd9747 |
| SHA512 | f2706e0bb348a691d3cdc9d05ff4f71979804628547a41386aab068b008fe4933b8689500b5e45abf6afa6b6f1db3024ade2846659b2664b37b724fac5416a74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67f72fccd12692258fb3ab7d7f553a24 |
| SHA1 | ea151ef3a8a46ab294ef72d37bc23a9450382144 |
| SHA256 | ca232befafc43f851ead900ca46f25824377ce4541d2f62f3d8d409906ce0f23 |
| SHA512 | 6e86dd34e269c37c7936c20dc7bbb2f5eaa2b7567afb4d26f794dbf2be89f467f8d8b7d9eb0e6f3eea192a58a9bf9357f0f99fafe40a31dcfa5b61f7d131dce5 |
C:\Users\Admin\AppData\Local\Bluestacks\BlueStacks-Installer_5.21.505.1008.log
| MD5 | 8c873d1e99c5484ee1d087d57ccad302 |
| SHA1 | 89d1be3d1eb7e56dbcefdfb3fb324eb2a9f13a68 |
| SHA256 | 372abec2e82e7ebd110d9f0f57369c00a221210a9bd81dd3029c0bb55d9c995b |
| SHA512 | 68b4bd75109259415e0eeab0d7fce92aecaa1d8515b342f068ee25e9dce53c441df928b3934943a0fa9860577f53616a67cecba31ad33fec14d3f13fb9a2f59b |
memory/688-18482-0x0000000020BA0000-0x0000000020BA8000-memory.dmp
memory/688-18483-0x0000000020C10000-0x0000000020C32000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 98cd6ec131c9417b73a4e35b2fcfde0f |
| SHA1 | 270f1ae6605f1b95623b376488704d529beaae00 |
| SHA256 | 889f0ed55c9da154e4b02484e7078021fc09db08e9b1bea4a55a8be1d4b75460 |
| SHA512 | 17cafbcb02d075a85deb7ad887bfd244c95f428cfcddad8944dbbf42c5f582e14e63def2f4f7b6f7174b9dc913d71cd9363fdff01feb9683614db2321217c747 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 058032c530b52781582253cb245aa731 |
| SHA1 | 7ca26280e1bfefe40e53e64345a0d795b5303fab |
| SHA256 | 1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e |
| SHA512 | 77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a8276eab0f8f0c0bb325b5b8c329f64f |
| SHA1 | 8ce681e4056936ca8ccd6f487e7cd7cccbae538b |
| SHA256 | 847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da |
| SHA512 | 42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b0a473fb3a1bc008f1da56fb9776b978 |
| SHA1 | cb577afa8a8d3f5b2c088b44c25c3f67269cefbc |
| SHA256 | 29c3270e695bdaec8d54359e203a337e4067434f2eb80610c3647ee1ff2b4d9e |
| SHA512 | 1227849e55a520e1c0a60c3e68fb5b1fbc8fac368dbd7d156218a9507f557820203ccea25a7ce823f8c32bd65714aaf19f6f6819e421b2adda8a7852b91e1499 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8035bb8c157d80282272568c54d3de7e |
| SHA1 | 9ee30c0635da62fda4b9d7d93762f6a3fa39e5fb |
| SHA256 | e613846cb13cbcaa533a0b13dc7655f6d5d0a76d864c38c21c27fd28bdcc5076 |
| SHA512 | 89ae15a87d448bb0aa9b687104e67f91af3b29569630d772fbe0fcd777e3aaffbfc9d5f5db48403c5bb590bc86b333286ba2cd0e25eac8e17e26142a38f9d0a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 28b259373829e514e0f26b5c6cf9637d |
| SHA1 | 6568734df2eae037b55f8fb2f4014b478f095106 |
| SHA256 | a3b7120d4a5fdccd166e56f8acbe537dbe9a2049f2802dd5a01c4519f0a2f0d7 |
| SHA512 | 7888274b4d70e9215015f2b8198aeef307bca74f990bbe12bd570d4f6d6b32cdba7f850826ed0e72590ce3ddd145c363f7da98f7183dfc9d0e5dc5c3eb6f94e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22f26aec434406ab154b102b346b9cc4 |
| SHA1 | 842e43255ecc29b3d0e85fab338e375d014e807d |
| SHA256 | f5f250e8a0f98e70fe74c7a26d8a68e852c7a8d46c4ca80afc083eb84fa663fe |
| SHA512 | a903abf9667501911b58a0ee806d4d0d4e30bd9a2bccac8c9057117d1aa1c87b9f18535359d85f6b7610e1be3c4e429d10c845d2e5eb53b8d7fbb8c79a2ec84d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31dffb583c3e5c4743621973c09bbfb0 |
| SHA1 | a95199124557f8c8ee45925cc067161b05413bb9 |
| SHA256 | 6fef3088bbd6b233d479348c995fbc75384204afa78cebf55d5394fb75d85aef |
| SHA512 | 3ac2440806b903291f11c123af76066b4a1785bcd723d9941409e92d9cce06f3642eb8912956d056f665fe6078f68f41fa646b98015254ef9b0fb5295501caab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 58572ece84e8edb56bb1b98bd971e730 |
| SHA1 | 12582eedde5ca9b0191479fc4de80c2a7713a93b |
| SHA256 | 2ad0ebf01646a78af804b098a11508ad77b973d6fa867b3559fb64948910206b |
| SHA512 | a85594e6b286511c5231506865a9f1c2b015283873f0ab1b0f707474236049330b5e0c48af3970f1dc64e2b94297f690f5da281935c012965aa8fd84f070c40e |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State
| MD5 | 2548e3fb59a0f01df691f8db28daba91 |
| SHA1 | 0f15608fe142aba95d76af18fb8e013372226180 |
| SHA256 | 7ac298ca568edaaf8a1e5c1a97c50401330ab7051461853b5b2e7350f7144272 |
| SHA512 | ed5a969935ab27670af2e489cab2ac8c178fad44de02b41737860b5ba3844185a88609af2592db4d3cd00f6f50c6cd4ddf06b42cb5ed8b533d7eaac5e11fb4f2 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\Network\Network Persistent State~RFe6c0a0c.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 142887bf474516087567552adc2d1330 |
| SHA1 | a97bbc61030e3d6500b39bb21dcf21ed68c6dbcf |
| SHA256 | b7a8a27b981fec42255d18d1dd2ad51cba631d9754b1cbb9e5ba6cd48b47a6b3 |
| SHA512 | 93d16fe341e1c66755ed2fd5236b618fedc9fdc99e09accd4cb04f61acb46c6b66ac5d6b50612f6237a535b267a329525edbed0eb044c8386c347a0ddc0e9295 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0fbefac56fa30fb9c7c77fc0a0d76e7e |
| SHA1 | 8fa7d82c7bcd743ede973d5d49f317a6adf47801 |
| SHA256 | b3fde0e6c77418bd79c6b3a94f77ec74870609b1287d3b0eee8f19b9f91e95fd |
| SHA512 | fe57d76b8360595e0bce24653bc5a7124ea040b02322c3af752b52cf8532997e4ad7fadf9f5438358700604a9bc681484b2291a14e7dbd51cefbb3c8c607ad5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b3ced8535be59ba48f5aebcf3da29c5a |
| SHA1 | b217ada5dbabb8b25357958c5489d4cc00fa1935 |
| SHA256 | 718c498699961e634b4c78f8540c8bc7b896b9803a441a2e6ae461b3e7545709 |
| SHA512 | f3aa54e57f0a718e0ed373061f166265a4c0ec56a59f060c64b7ab9cabccc3ed878eaa49154f2d6a678a75909474852b56268d4f4a00e0d8fb9325d86b65b75f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 34557dc23ae1a8dbacbe09cd3731441a |
| SHA1 | 35b944bae41438f945a1482729885278108091e7 |
| SHA256 | 3ba961bd191ce1f862cd89ff78ef15897634af6feb27f79570e2069172df3ad5 |
| SHA512 | f953b562ba934bcc8240f04c24b000e02f3676aeeb2c7f1ad9b931b9fad81a8f2ebed598985da903153e5f16e8e5e5132550e18a10b21c69ba6f867e8f81b006 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | aaad37448d78bd6a29d4b2467298f6bc |
| SHA1 | b6b7d37cc003215bbdc05008e38f09829cc6f614 |
| SHA256 | 187b177dcfa294c296f88813e2d757478bbc37cf1c477e8d2b25b72ef1a703ee |
| SHA512 | 77de1531ad45ba5c3489b6e01135b7f5acdb6023d05ea34b2178da879d04a623ec3bfad94b58847ea2d7bcca0bb664552b6c72822758a6e24c45e12a2bc4e22d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4e7344035c473ce37db4edb860deaed5 |
| SHA1 | 73ad2ac42616517f0f004e772bcd48ceb2b36079 |
| SHA256 | c88900cf71c24f561ac8f4d7fb2757e4c55a3b23b77e8eb45cb407880626e54f |
| SHA512 | a5d41918194a0232e3555001a6f3d153aef4d07acf95df6b94bab8616ae4f21caa0e47717fc246d602015cd093b13e8ac5844d6a1401c65687f999b0a01982bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ef008e43c7e0678edbf2dbb8b86c0367 |
| SHA1 | 545911f619c22536ae0e00d408e9165f6361e4a2 |
| SHA256 | 74623a4bfdd8866b0421e669cccc5dfb42f7e3ab81d012f2c47b03ea47e516be |
| SHA512 | e37e610781136f2db50d3ccad02497c336d49139a4323b37a124e88282495c424967a5b420ce5fefcdfbbccb80af4799a5f063b2e42e0f4375d9b2ec3095930f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | f78557b4c28f732ef19489bc33fd1796 |
| SHA1 | 58ffbf40c6350d09f73a75cf31087739c1112429 |
| SHA256 | 959d9c16b3885b829793932a505fc0b198150db3a4f02dd4c0f1702223e01a07 |
| SHA512 | 00d7bca00071ad0cb50fff91305d047d450dcbe867b5d24b59316d37d9aad01800765662211de997746aeb34d1993d7e59730ec47badc7f77d40a1e1dbd5853e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a9c9bf8784b25abb234acd92d4238eec |
| SHA1 | 2d81e73e8a1fbeed3aaaf07f1164060f2a20d1ea |
| SHA256 | a5d6aa50a1997938837ab154bec42423056a558b78aaab921ac3343ca4d0578c |
| SHA512 | ae53639311bc4ab26c7a4769cf40f3cecb8c609447512341c952fbd69ba0b184f99237933a26b45d277e0281beb4ff667184b70867824af93510a75732f30038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d1632a93eb3092c8a3b1196d55280114 |
| SHA1 | 20bc0ae8fe9ec46070f7e569fd2ef4bc9d7f6f6b |
| SHA256 | 3c987ef83b4fec24898eccc0e8a98fe747f26ab0186e774ab5cf4833227d3c7f |
| SHA512 | c1812a3c8f373cda5af7a05e8152f25fb701d53ee076bf07177690d53cddb5bb19b493f83c626a599d49e19786b9229f2801cede02030d0628f461c8a38864e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c8294751297e10a44e03c38f88b8aeb3 |
| SHA1 | e165a7cad8fc3655c48f5717aa162e80196c9d53 |
| SHA256 | 6028e6f5dfee379df5af9174693d014cf995cd0d8ce495eb51b87fbe8b12c216 |
| SHA512 | 65f123069535ae5adb18349f7ea29c93b756c1c0147e4ea60104ca9f51b8ac500f181de7f4c501ad5caf58af1709182db08796e96c748e2d5fd3560866c14e99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0bb94b58492325ef6c50817297fe8ef7 |
| SHA1 | 62f318da11220e4ca0fb15c50cc3909ba0903801 |
| SHA256 | 182a0ab4b9e671c4e5752ec2a232355f2de300678cfd7db219d40c5aa17d3ed7 |
| SHA512 | 2b205ded149ebb694ba7b5d6f87399d18e8e172e49e36fa8a3795838ea4eb87a071f8e37045da09e86129fe67630b98bf6048c5da5910fd47e5c18ddcf1efdc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4353aaecb68104bd29cce8eb91b1a482 |
| SHA1 | d4ffd104189c31c054224d1cf5a2181104228847 |
| SHA256 | 453eac4bffd871d132933eaa80cc931e160113177f5b629f84c788a266f56b83 |
| SHA512 | a118b666074569b2de2cc56c6902d425c75c6dffb8eddee6f1afe2d1b4ad8872d8ce3ee8c1433b677320b6b0b26a472bcc15ade8708d5a17c6dbf67d2cf0063c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e70887c81d46c064b49eaa8ad8ccb989 |
| SHA1 | d1e686ce8fbec06bb11ee02be785115af95ceaec |
| SHA256 | 2794db7cddcf345fc95e48a4e84a43aada22a9759ad9e45b1d2f16622e4937c4 |
| SHA512 | 2e72f9b44bf8804e6a0ed5f0b17659ed655bda821a9e7b8f1bee9a037ac15ce837f60a96ecfadae23250c7e5fe8ece44f62030aaa4a9b3ff34844ddc9ed624fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 88249ae1cee8d23f38b85e8f030404b3 |
| SHA1 | d9934e7a04a60efa7944d3da6d25e20980dc6a2b |
| SHA256 | 8bd4ca94729fc02448c9c446221da91beee17297198017172892f80bf784823f |
| SHA512 | df2e15d0559637e40220b0c5913e94e4a9d45d38e3cfedf43e39a63ca4d81dc4873f3db265702d889225e5742f0cdfc0f90f0bf7eafe10a1cb60ec61e1830a8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8e972c936febed3bf6fc5585ab37a7c |
| SHA1 | e8fd91114b152823048b72265a5821e5acd8625c |
| SHA256 | bad430fd95bf9a9ea0f7f9d81d269231d0fafb47e2cfc5bddcaff970dc8967cd |
| SHA512 | 12e9cd1ab09cb033ef7f738e22ecc27a2318496c8a6dc63a572964a418d8a8d9522768f34f259ca517eee323fa0ae2f94d1aebce217a9e169240af87eb7acceb |
C:\Users\Admin\AppData\Local\Temp\NOXC20E.tmp
| MD5 | f529dd5c9109598721d753efaf306acd |
| SHA1 | 69aacdef7ebb9a1f974b659c8831a59107538dcc |
| SHA256 | dfd55944df560ef7d1d9bb058f03e0d80e53a9d4eca0461cd67077da25f680c0 |
| SHA512 | 689d35f0ca1889e52e55dbd50d5ae646ad8b52ad78cd76159a96508b7a4837c6d0a632584a462b4bfcd4676e7fbb62ac78d4b839874b5ed05ff36416dbe0c514 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f8366894-3244-47ad-aac6-d3aad0c8a9a2.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fd01ad1ec59993125f501d763d18aaac |
| SHA1 | 0cb578cc4798b0615e42d60cbfb615c74cc643b4 |
| SHA256 | f8b6c1472bb3be6826740d7a2677db7670ebe20d479a473d345ea6f819ee5139 |
| SHA512 | ca8de9b00cee6fce09df2fec02be55af7f9e01c634fba61b4b620971522eb235d3c5f90eaba9c5069a1c23749540ef9f0891486ac20036bb7b26a95346aa6985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4eacf05903594600b2f0dee48705fd43 |
| SHA1 | 537231535e4cdd76ce27b1854fc6d6ff19570367 |
| SHA256 | c9cd40d5e74946e379ed4aeca71a593882e608d39ca20e27e95e9f4db5d11d2e |
| SHA512 | fb44de0105502afdddca13de0b3bbf19e441c4c35565c1cdfdcc5da7e2dd60541a555a8c777a3f5bebe5846111d6cd8e594ed6034037b7ea4c452cc4a4b26fad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 06451c4a1fd13a59de74201e70e652c8 |
| SHA1 | 56c713ad8555389e57308cc3c9f5c52d084029be |
| SHA256 | 5c6fad4ff473e6922dcb16bff625de4e885b815e65d20c3a22ff6dafae428fd1 |
| SHA512 | 936f902d9dcc5232451e64dfb772b6799913103d7a81681653ce79ba8d8e1650a4afcab849677f24e0ddbe74fb987b3e69414c15ce8bf8301693a07eb99bcef1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f192c0713a58acda709e8297c96de521 |
| SHA1 | 3b0d751132036f8ebe120dfa3d0bfcbaceb5a207 |
| SHA256 | 24aeb470185f980956f4b6749cf415e3fc722184c1092c7ce9aace59583af2d7 |
| SHA512 | 17ee6b438f609cb5ea5d01855ce445ae4cbec78564adf0e5ae246c07a1720e7ad2a797818aab1e9c0db4e31f482dbb5244678d814391c98638201d6a9c2fedd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eb30408b4eb3fe0ede8eda0550c378dc |
| SHA1 | d2f23c719950e0e494ee37b16e57b75d614a1fec |
| SHA256 | 305d388f0a163b38e1a0303edc018e15baca6cdc64d5c8c17fbf3b59779706c0 |
| SHA512 | 1c5c6f7eb0266709e110e9e0ef020aee5c4a879c2e123aeb8ee76b2c03aa3eeec05a1124f73a237a4a305b0f4490d7fa81f1177582eb91efdee9de7003a11be7 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | c0aa63e0b4dd571e990d8f578023f77b |
| SHA1 | a8260a0b05fd7f35024eaeaf62ade720e8a0b237 |
| SHA256 | 714347b7352f69f10cca2f4098e59e3cfa3daf6ee1aec98e0ab77909330c96fc |
| SHA512 | 637d7a8fbbefe74d460f85048211d499afe0db01a050c13dd8337be41fe1091ea21db7128751acca5cacac38adec162bf746e40bbe77f1505c0c6c8ecb26e31d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c351ec079e4fb2ec7716c3057628b86 |
| SHA1 | 457885fc427293eecb3ff6d38086c53fb4098597 |
| SHA256 | ae15d07ef962f93685fecf41e0109a10b69a8e98f932833c4eb978314469a417 |
| SHA512 | 9cdbb1897f617a90baaa23ede74f2daec1f71807f4944d9238b585269818da912027fa9321cf7c0f4a78fe0ec348e97bc8adde71c3c21a263c30d24c84dd2d74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c7c458b90e104e444d6d9d89ace5a93b |
| SHA1 | d81d614810138fe4c7151c4fa24936f270f05a93 |
| SHA256 | c5efdf39a5d017412c8901071cd707228fc9ee7dc341fa126137c8fbf6c5133e |
| SHA512 | 2974be57537954d2fef40cd1a4b81b1f525ae79f002168827bdc1160c17911d8559e7f55cb02dc3af0ed822faeb4893ea5036d62a15b577355380674a3966fbe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b4f13ec3611a1cee6b8bd3d7f12cf3c5 |
| SHA1 | 5ff4498dd34f71ea1e3e32ec703e9418082b2860 |
| SHA256 | 92e79bc2c8dd1e6075827e8a3cad925bfbfebb8ede191178fcc35e36c1102d5b |
| SHA512 | 96c823af2dc04615b0d425608fefa08be637ee61c9fee79d8b8c36ee9aba8751725c0fe858d254308c2e0eb948dcdd1fedb09c6bebcc6feb503af72d05d106b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a6e79b94343ae947384cc68c41cd7d85 |
| SHA1 | 3a393df83ae57a1976fb23db4c60684c3ccdc716 |
| SHA256 | 32fd840e3005b95cc235bdf7378914307c1b15a7c3a6b32b19613983f07c8a17 |
| SHA512 | 6b97115c4a5da4c332d7da0314c72a76aaf898670364a8ebe188fac97347d03c264237de29e48ff2082531b6046c76e2f680222cf0dcb99cc0798e4b401dff62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f19193fd9341f4e7a5ccfc19a52b3928 |
| SHA1 | 3120ad72bdd086b5c82ed0e1772bdff774a86855 |
| SHA256 | 7499505a10e15dd4ea4390ce2bcd3c779e50b391809bba1785e7a65d51299d38 |
| SHA512 | 8cbf28c792d331d9ba2215146a4bf48e6d1c631602f57c2c42030412608406f9267c7c60ed2ca7c735c3a2033c480e025047ff3eec74e39b5491b237d4e40fff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9661431bc513fd54933551afb1a4b2a5 |
| SHA1 | 88421c1cc4bace75269d3c68f212064b44e217bc |
| SHA256 | edc0530193db06e022bafc276b3e1919adb12a6959c953a5c9fc69d339f35a68 |
| SHA512 | 6052436e2f5036c4c6de7a4e0859fee23a17199d9255ca2070604a58dc08596c98a0963c5ac9052e32549397c055602edb33e5a2d108b8abead2cd097b35b35f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eb66f8e7123c5dcdfd4d49be19ad06ea |
| SHA1 | 22a87ee87283c11a6342fcfa3d60f199a53da705 |
| SHA256 | ae19c9cc29f037710cdcfd997dd47b4c63f466f98e891281fc7855f3ca6db78c |
| SHA512 | c3483b567f0787093c0fa28738c166741f0f6716d6f1b8f64cfbbfcff1f96667cc55d2a6493435b2eb437845cbdb25c7c0c90dfb237db65faa3a8cd7b42b4a38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2fe1e10a3b3487ae4f99e3f7a9b9b29b |
| SHA1 | 594b604d5ba1db73a09e95c23ddc3a3dfe70db44 |
| SHA256 | 748b3ab07a1bf4c53d304e3172b7834842de0072cb1aac41a524605c46c13be7 |
| SHA512 | d1ee81daf3dc4d5be29313bf1e08c537ec4d862a6bac11731ccf90a6aea4b22bd686dbcce8d98ed66f85bfbb28c44ff0dfb019f24894f357504504948831c866 |
C:\Users\Admin\AppData\Local\Temp\NOXC21F.tmp
| MD5 | 90d2edf41c693375a6246787ab76987f |
| SHA1 | 874d1df6f6fecbf714881134283af3005a1de431 |
| SHA256 | a1e348fd9ebf170ee6864f960c010fa89de32d992c6bd52c3960e7231ba04b74 |
| SHA512 | 41f5028f4c0a41686ab77cd09770bfa38294d599bbc26db9c2591592f93f9c935ef0d0ab8b1a7a7fd83aac74f859a36b169d5ab59f484652f09a0f854cd3d4f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1fd3aff82c88b6400b2da1eb9c1092e4 |
| SHA1 | 9292d8b9882820f3439354c3074f0cd1a579e831 |
| SHA256 | 19bf19d47131896676388b818efa999c20bae8f9ad336b79793faac1a0186025 |
| SHA512 | da114089fb878588f0654b622f2a6e6d156c37cf6a16ce637903d61014121aecfdf23dbb5e2374449aa096ddd62b8c13fc7a01e8c3322139264c6f0d60733543 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\297ecea5cebb5dfe_0
| MD5 | 86081cf32a877d4497f91e6df902bc7f |
| SHA1 | 75a843835c9312446d336c1703884282b6ff7815 |
| SHA256 | d8c1a01e70cf72f2d8a5c4ab1c3043d715595bc2315c9a82c7e2c151a69fc7ed |
| SHA512 | 0651d243801dd5c4e1b4bd21e4ed8da5553dc7ec967e17a1519c9ce36beba4b0d443eba7d5bd18f7f485229d5a10132babde9eadfa77dbee3219085869155d38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0
| MD5 | efa31ecd35b669360ec3a3da4bd25536 |
| SHA1 | d87f3c3542557e8b4f9ba8c3932c3aec310956bc |
| SHA256 | 08c22b1c94d3c731d618a9dcc2c3e19838446d1cd6fea6effd5a2b8a01e3759e |
| SHA512 | 2616665d838b773cc9bfff7ee9592d015046bf6ca0e3b22f467234ccaa905d2424beaa409b19bef75d78ca68b27e85dfebbfd343113b09e756aae41709bb3613 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 537626c83cf90ad06b6d9d374d52cd78 |
| SHA1 | 6881748e54a2ef43ae036b6b75fbe5ece9e712bd |
| SHA256 | c5a94a9c4611fe13991a7d41f385672020fd11f99b400eb5a070049607512d55 |
| SHA512 | d466cbf48076fc0c61b816bc3bcba1ddd8463c5ceb40da1611247a4b13ffefa740f1e84d0bab5e478cf27f56c92ef606ea0ffdb4f7b770cfb760bdfcb9466512 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 859e1ed3e95f5d16a9f226a7e2da9338 |
| SHA1 | 0fa3d83d0e5a0856a8d78ef869b0ef6d55726b3a |
| SHA256 | a96d3d3efcc1c7f2d6cb1d62a02e902f873bad4fa1ceffd076452dc5e0728a48 |
| SHA512 | bf161912675c2b6dfa9aac88727228b282843d112bd85a5e15d680cfd66729d3d1f570927292e6a18b46b6a306a437c13d657d692a1954df17c7e3becd53045c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 528c61501597b6a4e8e8a55ad4a6ceb1 |
| SHA1 | 0dde4723b6c52670c0b63d36dc12762afa299b06 |
| SHA256 | 693a4ab3553554cdec54a86f86df8c65c6c69c33dd998bfaa74ca879797ac5e4 |
| SHA512 | 2e3e340611213c7724092ca9dcbbdcff26fa4ff587bfb17cc0d38171158af8a8ac9d41f3476070b832a7ad68e1e7312229b3c37dbfbe9925ceed2fe7c79dc549 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 328b8bb05b2aef0623caac454fa4e762 |
| SHA1 | 92ab0f2ae81bcc23b9e2d0d77f0c22171a655459 |
| SHA256 | b7a3032cbf529be67e493354e2dd053508c5a3e8e60b1df550c6d0aee16030da |
| SHA512 | ee85a2fddb9b964b377a5db6d5806e9b05c01946411be2ba27da474100f4e0909e12bc0370357e671b31b164f17573e9e1484f01c72d89c5f428f373bbb5b56a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000133
| MD5 | 631c4ff7d6e4024e5bdf8eb9fc2a2bcb |
| SHA1 | c59d67b2bb027b438d05bd7c3ad9214393ef51c6 |
| SHA256 | 27ccc7fad443790d6f9dc6fbb217fc2bc6e12f6a88e010e76d58cc33e1e99c82 |
| SHA512 | 12517b3522fcc96cfafc031903de605609f91232a965d92473be5c1e7fc9ad4b1a46fa38c554e0613f0b1cfb02fd0a14122eaf77a0bbf3a06bd5868d31d0160e |
C:\Users\Admin\Downloads\Unconfirmed 464713.crdownload
| MD5 | 757987a8437039276dad42102cba8f23 |
| SHA1 | 9a1ba7bdf9ecc849525bb099bbd9d277dd46da15 |
| SHA256 | e3e2b21dee0127cb9ea06ae7184665284d36413d38146c252bf6fd8812e600ae |
| SHA512 | 9ebab1a503184ce029c319413c4c0698ee3ae0a71d3363f191b3464f7ab7b35d561c36489478bb481c734974ff3f469f4e3d5e0c553c7af88341dc2950af19a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a04bf8ca832dd19c284f861cbc16b3a8 |
| SHA1 | 8f8864e0a1da936c58b150aeb8078f81b59e605d |
| SHA256 | 25248cbf3d105594e901bde51a32c47df3c2728fdf9db8e3c0642e978ac542e6 |
| SHA512 | 18dedb5c63277d1fbff624f9706b050be1073b57727aa0f1942b66be8edecff65369d326c2a8cf170588b04c073e3d32220479a4c61f87fecb39819e38fd34cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 261985b198103c8c5f4e1a25da237247 |
| SHA1 | 2f19472811ecc9eea86fc722e5fe83934a75945a |
| SHA256 | a21a4402417c97b2af0bd2727ce35cbd480e9dae171b16222242b9e84517cf3b |
| SHA512 | 05a5380fbe0573d35bc5326eaea98ee4598b8b8349c15c906f78dec16fe721bd1667d3db9d07d24197c808c31ba09b7aa5f92666d14ad8bc0a49f6ea86b6f805 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07c70296f31c19d50a42311d5cd58068 |
| SHA1 | 709ac45f7baaab38b745810285f470a56c2185c8 |
| SHA256 | 3573a20ede18a6ed24cbe69e401776d770b9238f870c8705d545303d9cf58314 |
| SHA512 | 8ee4f004b4bccde53feac576622b7023d6803ea83fa3ec554b364ca62ceba53cfc75e426450e6e11f2d6a7e094404ea2a0a68c85b1c792aeefc612ace4ee64f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8f1365204c30a317c58696780775dbb3 |
| SHA1 | 744cc4ee15f8754b6300f4590c67522fa75d0abe |
| SHA256 | 6fa836af5b6c445cf16316979f3d8063ff0cb64c95e58fbfdff34cfd00ae917e |
| SHA512 | e0624f3231a3b11b318a07d9b159bb60be5be6a2204bb75f3ad2eff3c8d0bf437b26edd99362cfe8bf65e53ba24a97f41b9efba5454c2a6eac3e6cdf4c5bd81f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fa575e6fd2d3904087f4a324119956bd |
| SHA1 | 3a937480ed85aacdba7cbf60f814c9355a60cc9b |
| SHA256 | 21b74065accc90d9540184e7061d4f39aee7a68c70a6f842bf33add5d2d4d8e5 |
| SHA512 | 01bc6d433c11f0c6a8e1ed2e12f09f5ec8387b77f8b52cb99ed0ff5d76e2a4b0ae0213d125588f8331a4f3706df276cab25e1722b50c1562ee5cccbb132739e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000146
| MD5 | 05e9679509b61424a07cc4d4efb7247f |
| SHA1 | db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81 |
| SHA256 | 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b |
| SHA512 | 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000145
| MD5 | d9d4968d58186f2b73099229140910e6 |
| SHA1 | d15ed09573302bf84c5e25998dd0d130f8dd7a25 |
| SHA256 | e42d4e8fbc0fc3db0617fdb9901dba11bfb126296dcbf24fb8792e2a61134394 |
| SHA512 | eb317fb19e4dae070b64af4c1a153859803bb2d831e61ea2f2e190e35ce062029776fee11708d59bf8599a95d9d278b054af9e33df5113e30bd028e0d2a64761 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000147
| MD5 | 67e59a06ec50dcd4aebe11bb4a7e99a5 |
| SHA1 | 5d073dbe75e1a8b4ff9c3120df0084f373768dae |
| SHA256 | 14be8f816315d26d4bc7f78088d502eff79dee045f9e6b239493a707758107fe |
| SHA512 | 6364515e92ed455f837dcc021cc5d7bbab8eac2a61140de17ff6a67dfdbbd8fbdded5ce739d001a0ba555b6693dafdb6af83424d6643ff6efddc46d391b21d95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3606211ed32676d5d9abc56b0ed84310 |
| SHA1 | 5028041f5a92cd72bd365ac35c66e47f89f4736a |
| SHA256 | 7e0dcb5721eb2241775596d9d12f1b3623e1f0446274db5c84abb2487417b9a2 |
| SHA512 | b0d2234e36f32faa929e32331fc207f381980351d230531f93b23ffe2e3d006ed2aba09c5bf6d0438ffac399ad7b2ca2258b11b12f1d1ea372f2674742a3656b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6304caf8189e5a5d04c40f62661cacb5 |
| SHA1 | 6a5d9002943bb34b1c6a8033913d1a946b7580f7 |
| SHA256 | 9314ba21253815388bf7eb22c685fa7cb6498f6d2406aea98d8bc48838c8e575 |
| SHA512 | f26774b60c997b40549f61aedd171a18637cb82992540597d4b47fa8eb64602c70f79092a759237066fdef9a9f1d74b187d24b55ac4b47cbd1cbbf271c57c012 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4615a1c70b54e49e7604a2e6dbe38edb |
| SHA1 | af61e883a057c3b1c57441722118dfd71d29b41e |
| SHA256 | 1c8d5da0a7936886e16118794cf258f91a551bd50bd69497e182683108d3fc83 |
| SHA512 | 185a122cfa7d4d17f550c251cffa5377596516bda7e30b69ac17ebdfe293201af09c63d91f3901e0bacfed38dd49399998165ca7dd202508d71c580db355d831 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 40c201aab400feb2a32d0686108ea4ff |
| SHA1 | 77ea332701a627d23cda0899aeec1fea052a7fe5 |
| SHA256 | 0389b58fc62d686381347131a0b7bd78e367bb31914e985e4e861664eb528b90 |
| SHA512 | d0bde7a749d4c86f1dc591c2e5564e65e372f59fed3a0def6301e79d0326564d6e7408ac0e8c94dba20bb323cebec8105f4169c46359cbfcb1bb0a64e0e757f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 99f91cbe700cb36357e51a2450eda313 |
| SHA1 | c62d7cd32f06f08c4181f4a6a980e6511065df64 |
| SHA256 | e3f15cc88bb5eedf3434f1ebb96bdcac94719c99488fac0cad96f7afdaa5d460 |
| SHA512 | 8f47aaa5b58e4e92e390c11bea7ac89ffef08d4ddcce7e58c0b5d448bd2b699f0ecadc503d754871f2eec56963601cfd7fdfdd59cb1cdc4e51baf86f868a0de9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0168423721455b97a54a5ae9c6444015 |
| SHA1 | 7a90948b2764bc12583f6b1925f835152c820216 |
| SHA256 | e67579e02d4c272be2183d359622701291b6d1e2ae9422e12ee70f799656142c |
| SHA512 | f9634fb1eeeb477e74f41bad2e5dd368746252d002318b00274b8b58ee4288f1077295f734f4ddda56d904e65cd0de0d17f4d7de3be8056f8c44e458341063a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | edb1154215dca58a9ba3ca646d5b077d |
| SHA1 | c862d8d90a856d3bab77258755ddf449647d9423 |
| SHA256 | 8b83381ad0e5e63ae48d19e9687da53da9c1cef3990a86bf163937a381320d06 |
| SHA512 | 8df6656f73c6655a30bc9b194c6e72c26e0a0dbc3674b48f2dea8142b40248fcadb6759f0f03aa3373c810c705cf08f781a21ba5fb2a696d5be499657feea429 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bf420be1-50c5-4925-b85f-f6df82c13ff8.tmp
| MD5 | a123aa97f4736a7e8c86e4ff302e2a43 |
| SHA1 | d6e1874f3b83baa816a858bf90d1b3329f0e98a2 |
| SHA256 | 8a989326c721413b89ffa227b4b59a7fcb7eff7b30510061428eabcdd15ee1ed |
| SHA512 | e241157bacbe21c32f43a81f1b5ce3eddd14f870772da8f686f8ebe366e4c633d585d97bdbc40b29cfca072c8b65bfcd5ae0def2aca76b29d34536dfac935b40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 19b8c7100c161b65398fe065dc5a7c73 |
| SHA1 | 1883f6e8c0809ec9adefcd6ff2e23963011b5cc2 |
| SHA256 | 6f08aa2f4813c738addc7694b045c7656f2d057cec1dc97814fae2b617501043 |
| SHA512 | ede7cea87f516982bc7e3206df05be8cd8a3f799ba4e4cb910c8ff0227dd859e90e68fa79a2fdb99dd85d0f60c4d42269bb14e9e199c82aadd54b9766597760d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7654d14284ca5fc6ff026de9103e6f7c |
| SHA1 | 78e8c04494c7fb38509c6b68b4bc7abe42c1b587 |
| SHA256 | bdcf2b597b922e613c3ea56eb4a88b87647b7c866cb0661a8efcd5dd08abc004 |
| SHA512 | 0ba166f751a811b0f614acfdb79af82db5609d77411af1179fb05a5aa2012f88fd63cbd1126a45371107f6a459c312cf73b57ad41aca7e8d4b98bdb17366c7c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea67222b4b434b891bf82657cc3ee9c6 |
| SHA1 | 044b9e178e66186e0b18bf41e7094fe1452aeb8c |
| SHA256 | 815ec8a290694e483f4249c3d13213313c14f38ad51d2f5388d2b0c161f0b88e |
| SHA512 | c5f38a4a905ac6192241df1c4a94b43a26c077b1d87c44c6a78b91d09f78ba8dc48e625df8b642af8ed215590bd3e54cb2061dd15f0d564208ec3bb111ec2fd6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7a004a01d398177c219dc381111ed25e |
| SHA1 | 9d8b85fce4b61c9c703889ebbeb0f5a9961e4058 |
| SHA256 | a269f4edafdcd80902ee0dda76bcfc5ef0b996f57e964eb64e1e2550622f11c7 |
| SHA512 | 919ce1aa279a92470ab359cad266f13e59009f352ca6f62f17b2bc3a4fb77dce2a03818e4f10da0427a6a4ce233f0e1c87dc6283223d7e064b793a03f4d85931 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ed83b50dca5facaf5f6b699baac8a512 |
| SHA1 | f172e85904b877fb49c63550d4a9eadc22b5355a |
| SHA256 | a16c8f1024e8442f485c578f52d853c070ce8299b0b366db514306550a1cf6fc |
| SHA512 | 139c81f9a00f886c6f2b7f6ed880b18b2394391c272af91aecbc08eadbdd222443de3d374f880c54c4725f5f4a46d8b12133340e3078385abca374ed3d55d5d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c735d4039825c80b_0
| MD5 | d85ab9d13b594b9a403c1bdc50b1cf8d |
| SHA1 | e614b80bf9103c4935bfaa0f1b3d9e8dc9c06d92 |
| SHA256 | 210ad73728bb8e499fe136cea9b4f9f5204cc8bf813cdf412437eb9c7837ce4c |
| SHA512 | cc0f99d2a096415d4f0e7b0da4f0bc23eca251fb5747d99cfe9ad3366473ab2571aa2ebba975c85fc2d4a849cb4a427a4515503bbede6d305245fd84b9be11cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\07b8e8f5e5ff414c_0
| MD5 | 6edff4ed902817c4830610076c1f0f85 |
| SHA1 | 93b61c09ffd8b6d2c9668c49d146ef52e3cbce9a |
| SHA256 | 4cc65a247e2d45c3ad3b1d00b392d7623a764af9a49518a9e220908d3a9675fe |
| SHA512 | 0aa98d227efe8668b133ad98c218c7822cdd14faa2ce0b3f1772a49fe4ae742ce7db2bad84db12bba7278ae3d6202bc0863f866ad4515f81dda8d3c7f5826b56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 31b3c84c63a86be569f45ed9c083ce4c |
| SHA1 | c20ee82741b191fbae6931844a9d648b665e81af |
| SHA256 | 96b102a84cb182ae284403270263b95e76af5bba6e6e1dafcdedaa0ec879adf8 |
| SHA512 | b43d52a7a90dcba1b58358c2d5c499618421223eb0a02bb5616437e3471fbbe8435333968cc8265b78af0e558120e81d3ff15b2e6e6d8d34c8acd9a79d85ab77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f863fb18ca5fd5c3f7e463201f4998e0 |
| SHA1 | 0c061eb680fe0becd05cd2fdc00179e4caf5dea3 |
| SHA256 | 78150273aead88baee6800c55dfa1c2c51a16a24cb0234bd4d7b3e4c0e709d3a |
| SHA512 | 8c253b2ac08e3672df192d12692134c22e5eab9f2f16488a53ce71143d9061a763cf7d7f84586ace7adacb074c21cd7a09039a1ca1bbe203a1a06e4b6529d3af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 497fb6ccff4a3ea992914d543b72d079 |
| SHA1 | e962f455676a1dcdc547e193cf61e865dd716b5a |
| SHA256 | 444e995233b118ff1560ec7f293be9a48d317beaa18f7c01c206bb28153e1fd8 |
| SHA512 | b42e194dfeb8dd020acd067140a5e2b104e2739418777be90d288bfb6a2f4e56b24d92576d9f45d0a0ad18641363e9083c9c0bfd20b69cb7e5f5b286bd1e97f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3a11237df5d60cb82a360c4651ad51f |
| SHA1 | 5bfbba69f787991553d1ba1bdef3365763a17e9d |
| SHA256 | e5b843ae673703078b37737e4cae09f75c6b30ac560ba2349b06ada18410c759 |
| SHA512 | 9dd9e04917925d46dbf9dbd89065c37a842836bb2d4cb0b0d31a7a1a4451ba0f2d3f4473116d2505d76568a98f2a7eb0b74020d25dd1d1576041942c99a4c5ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | abe16bb1c393c87b95b47d82980d49c2 |
| SHA1 | 56507619ac470d4e8b6a3788ffce9313a5552a45 |
| SHA256 | 980bc0337f27b20b217f5418e33f67b3d201108b2ed4aa3e5ab1e4db2a19092e |
| SHA512 | 01550b67b233ab4feee15fb108c9fccfd3d006b59615c6836738820efaedc1b65cded370fd2e36116982904f0d7e7a5218315481dc7ac1b0fe079478d197ce59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c1115cb82125317df44645d578b99301 |
| SHA1 | 5f9b545a20a1cf6a8fefb45093fbae1fcb6b1a70 |
| SHA256 | 1f628bdae9071284062c8d8aaab901ace34da18a8464bc61541cdf199b59ecae |
| SHA512 | 86bc5735baa6321dbc3b310cc96526ac4418099fbfdafbd9b0e5423f15cd3390077a2b186311e55d019f2f04f64a6198de84580109c5e0f4f7d153462c8ddaf4 |
C:\Windows\Logs\DISM\dism.log
| MD5 | d661c93dd85314f6eaca02e374573e1f |
| SHA1 | b8309d0d6cbc47f27af1a70062ef7d744fe0d8e9 |
| SHA256 | 19727456bc0ac613e35e2be08ffd553f1f73bec931c42ffbd0a09f3f7bb8a3c1 |
| SHA512 | 5899cb85b8847976c516d003d9291c13977e1fd3b864009896284fd1ce21b9e9e0c7d7ea5d225b9b590631cc6cd4b8ee066d27ae16b98707d59b993bced0336c |
memory/7228-21183-0x0000000002EA0000-0x0000000002ED6000-memory.dmp
memory/7228-21184-0x0000000005990000-0x0000000005FBA000-memory.dmp
memory/7228-21185-0x0000000005830000-0x0000000005852000-memory.dmp
memory/7228-21187-0x00000000061A0000-0x0000000006206000-memory.dmp
memory/7228-21186-0x0000000006130000-0x0000000006196000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_voeyzcts.qiw.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/7228-21196-0x0000000006210000-0x0000000006567000-memory.dmp
memory/7228-21199-0x00000000066F0000-0x000000000673C000-memory.dmp
memory/7228-21198-0x00000000066B0000-0x00000000066CE000-memory.dmp
memory/7228-21200-0x0000000006C90000-0x0000000006CC4000-memory.dmp
memory/7228-21210-0x0000000007880000-0x000000000789E000-memory.dmp
memory/7228-21201-0x000000006DC60000-0x000000006DCAC000-memory.dmp
memory/7228-21211-0x00000000078B0000-0x0000000007954000-memory.dmp
memory/7228-21212-0x0000000008050000-0x00000000086CA000-memory.dmp
memory/7228-21213-0x0000000007A00000-0x0000000007A1A000-memory.dmp
memory/7228-21214-0x0000000007A80000-0x0000000007A8A000-memory.dmp
memory/7228-21215-0x0000000007C90000-0x0000000007D26000-memory.dmp
memory/7228-21216-0x0000000007C10000-0x0000000007C21000-memory.dmp
memory/7228-21217-0x0000000007C50000-0x0000000007C5E000-memory.dmp
memory/7228-21218-0x0000000007D30000-0x0000000007D4A000-memory.dmp
memory/7156-21221-0x0000000006220000-0x0000000006577000-memory.dmp
memory/7156-21230-0x000000006DC60000-0x000000006DCAC000-memory.dmp
memory/5716-21252-0x000000006DC60000-0x000000006DCAC000-memory.dmp
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3c7e686fb9e367c892b0e02ced29d6fd |
| SHA1 | 139948e72afad1ff5a7299ebf2ba60274f764b05 |
| SHA256 | c27549213e492f98fc210b66fb81c8309f0e76ba6678b74703f3086f55e3ff46 |
| SHA512 | f64bded8cd2e009d90aaf5a22d546309079e20736e3e0dad4e5a4c61633d891071831c5cd7d514a8b06be0f5ef6702ecfe042f69836b2c955b0c018df05e2627 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eff3e36bf41f146c_0
| MD5 | cb82ceeeb80b05b91e5122fb8caf3c7c |
| SHA1 | df238ee8851812d40c1849294054ca7e442ddac1 |
| SHA256 | 95b3c2dfcffedb0d60129a6be48768eff50eb1595f725b84828cc178894f55c0 |
| SHA512 | 4b49b97db35bd0714876fcc793b9dce73c6124d38964e90cb7e5c33b626962848863ff1c3a3c3e290c0d569afb6b3fe6a6bda35f7cb8b77e8de9c37a77a84259 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\afae69b7335bcc0b_0
| MD5 | 708c3abc8925ad2aef01950b991f221f |
| SHA1 | 55507dd39bc71ed017431ef9c3e6d321972525f2 |
| SHA256 | 01a4f2f61164e1800303e842caf1f07e27e1e47588dc8ec76e584594c768ec7f |
| SHA512 | 0e52f00d7fa7a75f2ced743357d73ee5075b249b2fdd10c2cfcec71e6c4822116fa028b01a21329cb1a2e3438bde767c70a253b7aa9bd59c2c2d62537d308af7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6a4515880fef6869_0
| MD5 | d45c1e74cae7fd3f34a0f7151f857557 |
| SHA1 | b9f4b25d0483d35c2d11aad188c5e759017cab8e |
| SHA256 | a90afc092c82285c94f6da49d90e8ccecaffb2d09b32d1b84c6411cb24e8b369 |
| SHA512 | a19b72bb0d297b76b91aed3591af3f7e4bfa602394e8b94c2785fc7eac153fab4e3645c50d258a25e1dbf5996200f6c42ecea4d99c634ad8a7df70da294b2ff3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | e8554de6d8f5b8575c797be8f80757e7 |
| SHA1 | 30b5a04233169fb2445eb1b5291bbcd161a796d3 |
| SHA256 | 10332ef462f3bc9820d1db0b7c32ab50d640f860a27c53250a044d765a53922a |
| SHA512 | 8baf11b8faa18bb1419f1c59df276c2003bc33e14ca6d08667900bc972cbe4c4b4527a919061ffff81f8984d237a8e36f3b219c63eba145a186ed9f4a519e968 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7301576d8be84cba_0
| MD5 | b24bb5d067361654fef0ba6ca696d71f |
| SHA1 | 1889c3c3267338bbdd651f5e085933ce6d424eda |
| SHA256 | c9b139e451cf5c8c75ccb66e56cb80e9eeb6148524b10aecc1db8bd2dfb80dab |
| SHA512 | 467027442edc40c78ae3417ba52dec92a135d91192ecb2ef9ba2e12de23ca90b427f6daf774b76d3655a41c87fc631d284052a7e4fbe1e58d8bf6f842499e5f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36c21b9746fa7075ce494f1010cc7daf |
| SHA1 | 8b8b2b1313350373bec19950d7e5c9d542e45c42 |
| SHA256 | 8c519c0c04e4cadf4a6c9bec59b61dacd3583b50d16908c1e9b7c11253169f14 |
| SHA512 | 081b30c98d3002fc1c53f60292f1ad8b21b55da7e9088c3abf660ed7592009bd2eef7fe7ad9644dd3411c157022a54ebcf8d67b9363f23504b7b5eea39beef41 |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | 6fe5ee1daf303963482ffc414b1f4aed |
| SHA1 | 076ebaeeb02853d96e20085fbedaf7e61f3a60d3 |
| SHA256 | 2685e5c1aa3cdead02024f21abadb413c6dc130946f7b44ca01b0cea64bdd2ae |
| SHA512 | 8bc6758c95a53ebcd6b6fd27bdd3165f91bcd8f370d677afb7d599865b57ecad274eb21502235eeb64ad2624046cafa9f14576221b1503e333815df5a6dfe134 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 77138e2662cdeffd61cf6210ae3fb8ca |
| SHA1 | a085b99630efc74cedd0be9a0eeb57eff7b3850f |
| SHA256 | 68c83685da55573ae966db3113ee513dd76ba489024373968e527bd44d814724 |
| SHA512 | a4621910aa3ae4b5dfa558e69d0270717341467cf067d9397e2bbf118f789c87eef8750ecb25ffd9c60f51f35ceb40b211ce9a738116c4dfc06e543ac90d1bcc |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | b2e3ba2084f827f2e46a917983363f0b |
| SHA1 | 41fd27f8688b7a755abc0acc72a2a6a0e1045c78 |
| SHA256 | 7daa3d35584a7e87c3e8e3afeb436d088209966471d6c766328087823f1f3e73 |
| SHA512 | 4aea989bda6efc91836264f04f23fb3760764e3ef7809f618ad949c2e64b5a167fe5d054607535ec22fea4942d9ddc5ea7f70a1f529ee23633c1cd275d90e508 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | af5cea84359c02aea2df0b0f312c91ba |
| SHA1 | 88f54e5873f11d3c6b320b946a4b15a4232cbb71 |
| SHA256 | 9d46864e6f5217aac1809296841339f82fa5ffc238df4a39d3c3f0597e1c1841 |
| SHA512 | 4c8fcfe68715b021d7746604e8707aa79a971b01055072cae6b87c91c9f65467c09458c632e3205b3057f06f829ac44c32209704051c2d6ccb8e78144d142522 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ec71aae4acbbfd779f564a14d9470e19 |
| SHA1 | 76f7745ab6024e40b2314ae6f886de3197d9d64c |
| SHA256 | 54180aa99d9d405360ce115e24cacb9315a6701b75cdeb593c08fc91e1bd535d |
| SHA512 | fed0fa74b67d4c357778af69974aec7ef29f69c9e18456f89d03eeacf1b42163f3cdcf04d12c2b4caa9330f23015949947c218cc8e2076fda10fac73ad66e51f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e764191617ae3de34573f2e3d785ff4c |
| SHA1 | d4fa6093112e38824cb8b5f50db4a64d9be3a340 |
| SHA256 | 295ffa56cec58446a468cc2366df1645b43ecc626ae10ce42cac1cd30f5896f9 |
| SHA512 | 548c24200c23ce7d8800fd51300f7baa9ab1de5d39f75f5731a6197b27f9312701408df8604a16425d1af0c0ab8aa33bd121c87497033d3f82c125e0bb11ddd3 |
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c85fb4d4928a2f78cc6c53f5d2dc4d78 |
| SHA1 | 066d839464284250e2756bf4183669bcc651df0e |
| SHA256 | 997acac2de7c5ef4794403e122935b1403ca69e11771a86b1d14dff3b92b4fc1 |
| SHA512 | 88bcf01cec2bc7c65820037155300619e8344c2c967c10ee500a4b2fe1bfee11e229c942a962c785d6edb9391812c2e33338436cabfaaf1adaffd436ed0c8294 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 712cdb6db75bd84cfa00e26385d80525 |
| SHA1 | 3c67cd90039ac98e0d7db6dd1b214b683073cd9f |
| SHA256 | 2b217b51e267df864f8448ff696cce0e030e333fa6b1f7e11c0b11501281de47 |
| SHA512 | 47153252e9d386b20ff3d3626a40600f9c6af8163eb3c69fad7c96be9d4054fa1455344c06bb1239b6612f2592e99be0af923b2214460372eaebff2107f810b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b
| MD5 | fb27a5afc7d344e6c83f807c6d8892dc |
| SHA1 | 4304f79089a599fa89e5ffec15a93d9ebf042285 |
| SHA256 | ef2f8bb51abc91e0640ee8d2d37b912feacb3c558b4da1b719020557408fa24c |
| SHA512 | 90b8e77c45cc92e44d4f1c43e9b2faa99e4834dd1c3cf28a118c5537580a17d1b10c87ce7b731a9c884866a1812fe59196bbd2eaed60b7edcfb59ce7853628fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fb02dd92ecfdf15ded6397a3dc1292f1 |
| SHA1 | 78984437e48fe0cd736bdcacd3326405a572f509 |
| SHA256 | a696706d041ee78e7aa3a274cba34a8f31f938bb34eba2abb5949be26757fc6b |
| SHA512 | 533e994fb8098635272f46cb4d0e03fe181e26c3d347f6281b588ab23a66b27907778f5a2b907d8b88d112753cbe52c72799d7904a3c47e35b4b83dcd6afb821 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a58c6f3410c346834506fa0185600fcc |
| SHA1 | 16518c2ad30c7c6f6e0c56961a0d8fd135c209dd |
| SHA256 | 9a7d60e3dc41c642bc5f75cce1b9dcf6ae318fbf379d693fddd6b4d48925dcc1 |
| SHA512 | 1f84599f7d3a03b995e868ff32bb3b3c26a856250716293e36e33d286eb5160934a068cfcf80e639eca651a4fa81931e92234653847886e8ebc22939e1e5a696 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 814052742c49fc77f8a0333ad2ece3bf |
| SHA1 | 43b7e01ab1aefe59d237797e7ae8943fb9f0f3e6 |
| SHA256 | 0e9f49bf67b4d07c80d9b3b185aa75f6e840c6a94ae842cff3526e0d6d482cbd |
| SHA512 | 4b2106e617aebbddc9a00c1c49328a0735e31e650d61b10453153c8668befb2124cf430b5c1c19693c072de2426850eaeae2f30de4fb0aa6b87c0cd1f8313667 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9e217e14b50dd9c2eeed6861047847dc |
| SHA1 | 53b78a59fc602b5dccf047e31a5e7fc61211f60e |
| SHA256 | 6b850f780bc222b17a73b866d15b8725b11611f4ea5aba7b7d6e04502a634e81 |
| SHA512 | d0e6433319e000b683df92e7d8015b26bfd5e68af4e82a56247cc61fcd1333ed3f4ea3e066bc9d3e884f8386222ddb52e6e88b51706bf830bf1ca9e12387a918 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | bc9e1a55eafea0af0cb26160d8a4898f |
| SHA1 | e316874915f08e01bcda4efc9d49f3f393dca4a2 |
| SHA256 | ee50e01fc45da96f4e20f9f3d55eb679edff4d02fecdbe8b9a8473d03603d819 |
| SHA512 | 0c40890b3a58705c8aacac5a14aa08cae628dabe51f2abd371b5919b16416dd67e2e677ba6004c6e207302844de94ddfe9649dab9800123fe3b2617a4120405a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068
| MD5 | c55dbb2a5e2048f8ac7b88cafbe13ab6 |
| SHA1 | 6629572a0fd059184b4e5c57687fa414fa7283d3 |
| SHA256 | a82abfaf7dd683f673153324de1295a2a952e5b40fbbc581b5fc39603883f5cb |
| SHA512 | 61336d53f5f14636ad0552e92bafec6ab262faea08d28143dbe6f631bd6be86ed1b6b2dd5a2127cde53a1405ee4bc8384c3327521571917dc22c7fd553f108aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
| MD5 | 7820201f0db0c706a0ea5bb7ce018ef2 |
| SHA1 | 6d116650afbb3b25bfd6226c7d5ee00dd1fe4515 |
| SHA256 | 04f262a5cce0399379de17e5635f1e1acaf4371afe981edaaf792625a682c44a |
| SHA512 | bfecb88d8852c413525e1e1bdb3eb69c97a10e4ff67ae3ca5eb97fff5a2ee369a1b80a0d314440a375d0f9e950e0e970a6de6afed09062d8523ca28ac878946f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | cfa2ab4f9278c82c01d2320d480258fe |
| SHA1 | ba1468b2006b74fe48be560d3e87f181e8d8ba77 |
| SHA256 | d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e |
| SHA512 | 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064
| MD5 | 8a42ba5472aa4afa3d3ac12f31d47408 |
| SHA1 | 2add574424ac47c1e83b0b7fae5d040c46ac38a7 |
| SHA256 | 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4 |
| SHA512 | 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d7033535a91b386f7e19621bc3b4aaaa |
| SHA1 | 39f95e68505a27f9b1cc9e7813ee3c778eefed95 |
| SHA256 | c32559d12ab41fdc6dc86a49acc997f419891c01a9825d33d7f3e9b7aa0626ed |
| SHA512 | 358bc5ad5c9141413d69cd443e9a313931870aeffc2a5465404bed68d4882a15bb52d57e7abe27d7bf79cacf9f2d2bf8a90f135c543bd4f0a4614b3ed9b4b5dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c9a85d1c88806aa5e9b59e025ed31750 |
| SHA1 | e09eba05ab31a89a976dd9171931db3b405da3e3 |
| SHA256 | b115bd9614164f3e7e0dbe855d5cc4d364640340bc39f189091ce966978ac6c2 |
| SHA512 | 8e76aa27138434bb155ce376824784451a572953d00b15dfb77c86c074a7b17b9c460aca7f5f7dd06d84bd468e0de3a32bdc443bcb9008a0cad0d08cb54ca08d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076
| MD5 | 2335c53afb1602527663457cc9c69410 |
| SHA1 | 8f5fc5d6c267d93a855106d908eb3e29c6b77d11 |
| SHA256 | 9eace0b1569f237f159f7f0a949ba8c435b994331aea1f5c7f73c88d2383da89 |
| SHA512 | fb5c29cc151f75126a610aa2b81f05f0cc74ae3a115846ae3e0ea2ce5d233b48c3807868ea9043945de64107af790931fd44938ba28e8ceb90c0d549b0834984 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b4bfa1aa6be06b587a8319693738a53a |
| SHA1 | 316eab7aeaf919dffb86c39917c77a765425f018 |
| SHA256 | fc5ff1c7f07b4c4affe2d1c4ed92438d6eca1ee23f3ee577cfc69db04165aa32 |
| SHA512 | aec16e098ec89efde2761cb1af41d95b3fc41db8701f8a1fb9788e8f879d7762edaf3d830cf836ac1bfd7df3f798a761c01f3a4c299813d6d41b2baa79b81d6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 763b0f98d642270f66f4b5be4fc5f5d3 |
| SHA1 | 00350de6c7c556ff40121b1c350dc61e7c25ba27 |
| SHA256 | 26ee4b4d030dcb2ccde82c89d98290162b414f194ff019f9d53214fe60db6ae9 |
| SHA512 | 3e653431d38fa770cc086cee2bce344a8fccef40361764bec847864fd421a5dea850b3b6d1f38e12c66ba6bad7098363eb555ff8f77414ed4a92b007dc2a0d35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b953dbf4921c7eb1_0
| MD5 | 0abbfe5b3e18e5cebc07c5d9b09cc3de |
| SHA1 | 5ce2ee175ba63afbf5e21ffdad6b239abd1c6141 |
| SHA256 | d13a4777ad9d5716aaab838f2fed9385f0d89edd13db61bb88178cd0e68bb249 |
| SHA512 | ea51e8ec56c9ec8ebcb7825e86a158e33a8bd6801d9c0f33e1292e65cf2e514ee00b6575c1ce53bef2796a625add8e17f138c0f84a55168b7238dc298509a24e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | 87f4a2066a7ba3bb60789dc61c0970cd |
| SHA1 | 687efe2ef33a0fba0d8a0d3380c58104136a7836 |
| SHA256 | 15a310395e304995da5a905a89f021d4a62163d92c6c3fa6e379f7913262bc62 |
| SHA512 | 0ad5ef6c631cb15031e6e7d9725cf4c076842dbb5dae2e094218f98957e39210402f79d2b8691525fbb109c500a69fd34112c7c32c3a4a14431d0ea09b509156 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | 807b95eaddd7ff6564f547187c5eafe2 |
| SHA1 | ccad1dfd43f2eac70ecbd8ecac540bfad52182ae |
| SHA256 | 9aa19d3388c083b7b5ab0bed96d9c9cdf8dd6a19177fdfd729791a0ded19841f |
| SHA512 | 544d7cee1eabba363b28909a86e9b4f81ad57e510af86baed6d9acc7ff11e4ddebb900481107b5381c73ea2dc80e3d05a20df1c115bfa059b9d2808de2e034ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ce160fc6afecf0279a7181ab9626972a |
| SHA1 | eaf35bc61d577d893f53d1a9f6917ced8ef34c27 |
| SHA256 | aaf431214efca3f98b0df4db28392ccdfbbc24c249b99cf898d4c14a8a4bc849 |
| SHA512 | 6b54907aca2599fb597678fdfbf8aa7984b2b79bb26dda9ef3d9e9e2f6b83ba9083a097230b4660fca65b085b10b8f523176e2d8ded7d1ebeac236611d137de0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ae65351aed47cf07072d7377fbb522ae |
| SHA1 | bfa86b50e31a89f9a0a91eec858ac15f30910ed9 |
| SHA256 | f394915fe779250bd79e9a6fb47d23f9e96c70443cfac86deff75ecc61dbdd5d |
| SHA512 | 8da9975f1524c910f752273084f00509df15a192ab3919038c6418077da7b688f423025c3545b30796078099857b725de446366b1061c3141bfab780e870c031 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e
| MD5 | 40695d01e0b35f2bc7ecbd9595f4360a |
| SHA1 | 0898b5a6016b4b442233869342d61144986e3804 |
| SHA256 | f899c78c1600beb6df038d9506cba2f8275e7621ca16ff53d74acfa99f6e46bd |
| SHA512 | 82d4cbf149626025df25d952a35c17727f46fc18076928f5b4721710f19b2cdc09a111a7f9464e3cb7d1c37e0286abdbf3eac26c1e3de5b803f196385fbd3344 |
C:\Users\Admin\Downloads\leomoon-dot-com_leomoon-cpu-v_win.zip:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3722d92a3d3a7747c220deb86b232d46 |
| SHA1 | 44cfbd5317cc83ed32953f9afc012522a7d51cd9 |
| SHA256 | fc653c564a014179177a54a229f376831858227ed363f08b3c7b5d790c6de5fa |
| SHA512 | 289b2edb41bf04c01f9f0065075b51fb4890a659265d724782bba76e4a9ffa9cb01082cb08515eca4673b67c355a94502b57b7003425375a4361532f42a766b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6c18d5bf4b5a7d14c034750b47b6deea |
| SHA1 | 297fd61fbb350887ad3763a21f46e74bdd48b47b |
| SHA256 | 76f457d9472c607ee9e94869a0567c3a443e743c7a453bb331ecc522e2970c75 |
| SHA512 | aafcccc343aa4b7401d202ec0bdede7a4a16c2113892bfa10cf0ef7f1cd3fbbd130df1a8819a84b54e46449c7099b643bb3a082dda5f3ed606f83007478d3bbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9fbcafe45596e52bdfb1a9f8bc9fbdbf |
| SHA1 | 87442dde4b60f9cccaa70f66f9af1cf95e37caa0 |
| SHA256 | 6b53c1d7a785e131f928fd4e5de1f793d210ffed3eb175da2b5f6422604ce3bd |
| SHA512 | b978971aff4affaca96740086c7075838e53ab351dc5f5a9e1c781d4201532e17a7ff12d135b1437c188a5ef2cbb11f9dab93b66f95ebf8f55698d6c97359776 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6dad1d591f6e430253a1f0aa149e5c7 |
| SHA1 | 9b764b2c711dcae65c14d3fba72c6942733fbedf |
| SHA256 | 76f9df47ffed6627739a977cedf0825f88edf36379cabaa80d52edde80614100 |
| SHA512 | 3c6852538817dba293221339a4574c4ff25879dc6ae117f7bf3bb8f71be0a1147f7044bc8e29e1e02404db40f75524cfed6bdc246a77ec8e0f1f0430575096d1 |
C:\Users\Admin\AppData\Local\Temp\CPU-V.ini
| MD5 | 71aeb97dda8b98fb3dd0eccde3610b73 |
| SHA1 | 48dbad3303ffc7814a8e1c5962f3058f0b298257 |
| SHA256 | ba2267e8aa29108d63fd826e1fd3481bf905b4f1ec6f5de87ecce49378f8dc5b |
| SHA512 | 317ff8c725a72ed8d9f065b8e78c62193bae3a66d4ac8f7e163f04fb5b26ce98b6343639dd5d91481a9f44fdc49ea350baf7947858425b250c18a4d00c59b3fe |
C:\Users\Admin\AppData\Local\Temp\CPU-V.dll
| MD5 | c324caacf1859269a6d0e7465644891d |
| SHA1 | 3b962eeebdcad3f99d1d74d417186b9e24417d84 |
| SHA256 | 62cce2c15b1b06e3f7cc89c6707b437b010163d93ece7d40c349103d097987fb |
| SHA512 | 51a631092201de03e144e9a7112ae0af095379c9139fc309a043f8b71e593453230ba75d2089be82c59e5a62d353b0dc2294d850d42645d398e9e6ac08c238d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2947284b5259569852dadbf51bcc25af |
| SHA1 | 66a079030759645112fe48e02c78e63e79f07f2b |
| SHA256 | a89480098e1a9e98a921de361db6e1fe53265105e10d78882528511edbd57039 |
| SHA512 | 969c11e76c1f53efdb15bbf2acea3e72875b18f70b741b7347ff0546ead64ea6b0c97356c0bb8ead9423cef36fb3b2d3ff13db67c3840a072b99e84d8b5e8566 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 61e778d395b0cbffe17906d20a9457f7 |
| SHA1 | 189d6e63be55e55ad319b9f86814e7e9c22b527b |
| SHA256 | 068d7f3f295f74c72aeaaf024436d41f03d5053053d59bd725b7933a2ca4f6da |
| SHA512 | 2aa486e0f2f341ad4a73bb0eba0176a2e8371187aeb08f5723a1a9e457cca1d176681bc456ee176a0d9661646b8700662f72c210e8de8007ad6ece530b2cab80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d9b5f26b80a590d836728a626ae96d7d |
| SHA1 | 9f5832f338d6ece508c06257ac6b4df6bbc24b40 |
| SHA256 | 58738911b0dc04186e3f5e99b43c1620a2971c73639e516a8ec6689846dfaed9 |
| SHA512 | 15c4ddebec61b3a09011777fff8efe3f602d7cdbcad311b0416c042017374fd7d0ba9ced3558a8ea7d01ce152fdc0ef4775d36be1b06ec5619aa9ea365773f8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1ded77eb1dd46f757c0e0ac186cafd10 |
| SHA1 | 7fee3f318fc900a27966be2ab31190dc8a7c063b |
| SHA256 | 1de42b118cd468a89be1743005093ea82b6893aa3f849dfab4559255e64ed98b |
| SHA512 | 160b474622a53f343a63ed6b77195ff018f5cb1f27db95dfb3d3ca124d7b24b02162daf7a9859c3bd8e3c3551b3723f1537f6cd74eb53d651549f8dd8b44567f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | db86956cfa65887dfaf13e0cf6902b8c |
| SHA1 | 535ea89f29c8322a5f4449dd52684a9ad7b8ca9c |
| SHA256 | 6d102d2bcd8cdd187be8f002d9c52272ebd74148216701ce90c03f7281c75dc6 |
| SHA512 | 078dc2fae1441c8a452e2e02a0fb2cfa9b91af0576caee3877385bf114304dc503fcdfa1474ed86245f29ac92bfa6ead3df34892eaf8e8feaeff9ecf470d95a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fcdb801bb2e90d6911bc360855266138 |
| SHA1 | 76452399ea1898b71bfb06c4ca13bd72a9a99b6f |
| SHA256 | a9aff3a200dedd2e33cfd9a0257a695c7b085397bf6527ce04a16d2856e279e9 |
| SHA512 | e36ad3991a82390b45c3c61c8f36b8fe45b73e5d4091a2a18c09e640130d88294af7569428f562b5366aaa681b05d7b437adffcd5055ac8d66cb665436ad1389 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3dacd7778093583e9c1e958c226005f4 |
| SHA1 | 72ec390d5b4c732615cfeb9225da396656af0bd3 |
| SHA256 | c1b74d7df90d227255f6ce6a2fbba004a932c62903eb070a5e1f44dc1a161861 |
| SHA512 | f0531f94f6da7429f62f55cc21d685ce4df50877b25079ec1a1832304b6110c23758cd24cb81ad4e13890f8c0deca1c372b0e72e119ff82dd01f181f17cfc0b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1525eca2b18959c646a62d3c5bada55a |
| SHA1 | 83f7ed11b80d80a3d5f46205f11fce37883cd81e |
| SHA256 | 0f96bf631f5693fa177ef65cae7cb2080136a9cc13338a72b2179e08c396b6ed |
| SHA512 | 2709cb73039b0968e3282e998181ca876295a07a759bdbcbacbfffb6a3503bbded97e038fb664fb4f3d3e1c6a711272af5c5128b70555ae84206c26e8cdcf845 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 68a072e8ac94e02aacf4f7f5f5ecd181 |
| SHA1 | 02a0cd3764513224a6af99743a14f377afdb4209 |
| SHA256 | f2947ae034cf70d9de32d156deb944e9714e956d318ea1dff823e55c9329e953 |
| SHA512 | a79008577a0bc4350bca321f6750fd40a79c529e9baa830893625b5bd1b222af0f9b5ce2c66fb43a19899830aba3ee74d31324033fabebbcd2bcdf7d6d335e8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 224e871dc8a26ab2a3bb46e938428182 |
| SHA1 | 9b78a43877cf040b45d641c95a87701140b29349 |
| SHA256 | 6edb1587839895ecc7459406d9fb7666ff2a97e0cb7bdf868f1b4533eb583ffc |
| SHA512 | 779708c5906546c86fb1601069c3de386e8e2541bd9bb07219bb83aa762f9e04363175c30c7da8bd52917da8449fc70f85046446f5b48eb31947e68c97073212 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ee87b3867c3c7570f008b9c90c3f9ad2 |
| SHA1 | d8ef53eaa97298373c5919729c0f1405a5b8c647 |
| SHA256 | 3e1da42f79dad6027c22208c92ed44c3e5c41f69bde69bad706bcb2bc124e91d |
| SHA512 | 2f8123897ee4604af552c3767c0cc561df01552079ea43dd3d366282554ea03da02ebeacacbd712a10c7b6a6c39ba1b44531a23f462681a087cc6a1d5b25586c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 53425483e6f7d3ad667cee6ecbada711 |
| SHA1 | d5f624bcf8a056fd752383912a9f61c40969f23d |
| SHA256 | 2f9cade80ed0a6efb4109cf082b83509acbddefb86fe518d555a4752b1637c3a |
| SHA512 | e9bad875882d683068d1cc95a23546e666e7cb6ce7d3e52f533c282ac0ee6f57a9d6b894c017b5d1273c54eb8e8caa155caadba2409fe4c24e2689c8ab106a74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 203cac603f4d311196534708602b86b6 |
| SHA1 | d8a9ad413e8c7fece99ab41f4f96b291f9eb01e2 |
| SHA256 | 403b4c146091ad4901d06ac93f633de48892a3acb3efbde9e19825277aeaa4e8 |
| SHA512 | 229768526e37c03824a84311f9c016d55b0e19012b097e9026fd2af9d7ad588a67c38318e44fcf9df84c5cc5061ed52c0e61ade5deb5d470bc663596b133d95a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8aa9d25b235d9809abb658b88df9474 |
| SHA1 | 453008f6520e5fd41561a9c839a622189eb8a598 |
| SHA256 | 1e6ff7025f963f04652e641b4d1b14855894114ea0cbc93ab3aa6cf3dff91d3e |
| SHA512 | 00bcc4381b63d082d17b420bee9180e8fbfa5af6eb0900a01061d5bf97980d48ccbead75f935a7022c0c62838ca73b9b21d35bae6a9155a8842cb857f8dfdcae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 308ea8afeee254c284209a3b603f7536 |
| SHA1 | 15ea43b475132478ba9fdabfb07c7135c596cedd |
| SHA256 | 5986d95d205effa02b3157c879a0f1253d05ec56a7d9189cc737e6e97bab6c3b |
| SHA512 | 4dba2bbb7a51aa9a6dd5b59d9e2b048d9e8b6d6b0a146c7d208fd815eb2fb5b89f52085272608a60e0cef7b9d8dd0fc24178ddeefd32e0c93b6d565928a24732 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_1
| MD5 | 2346e161c39784b888b1be6361c83230 |
| SHA1 | c0f1e474e7220281f57742560b46f1ede3ebed3e |
| SHA256 | d6a0cd801f3d67616d1d50cfe19ab3613b664f587aa4e04b3955c7edeeb8a942 |
| SHA512 | 30c885cd2cce98a7a61bf7c7c3ad4c2298ae135430f0d10409be58f05e59863e803e409d469ec6a563cf18108298af24e4b475dce4c0d86b0febc2d94a69c049 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\297ecea5cebb5dfe_1
| MD5 | 65d2477644248b5f1c7b687cd5f747be |
| SHA1 | d222edc5d8b4a6aa76443215e6905b1668252d9b |
| SHA256 | 7f820187860d51bc723b962d09d54eeb4d3ecc339069ba3342769438f01aacb9 |
| SHA512 | ba830b06e018a32155c42625b483c025f1c58b377146a2956a0d5edf9b3ec9b62d2077ae23243e07522d2e83bb54db454f709b9a5bc04a4220ab65d43e8ae744 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a25baeb767e0a5816eecf9192ffcc032 |
| SHA1 | 8a17886c0c4936e09c10ee8875ec6d978f40db08 |
| SHA256 | 95de90c4d03977bd0443f901754baa0507338e341672983aa23769bdc1ba1422 |
| SHA512 | 91dbaa4a0b32d8dc6e387d9d22153a51eb88a226e2854390f4fc0c89699a505d0644c3ddfee0a4cdccfcfb5463deacf8a64a7255b196a55515f871ad5df8ba1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6af4d356b8b49120ca78d04fdaae4c2 |
| SHA1 | 3598355b79d1bd531c0e169bf400f698dc5dd6a2 |
| SHA256 | 35b4f7979b94a46a9ff8899434cc34d609dee81a874cbb99a02d096c9fa1c077 |
| SHA512 | 09ca9ac5df6a0b40aacc31f58a97f1acef1bf8c555570507b7ed5e490c2932154c260a9b4097274ca8940822d2291a6faf37cefa7e411413fe0933e97f93a1e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 84174944352604fd756a9c8ec573e807 |
| SHA1 | 43f6377bab308b91d561a2ba64100f261431ff30 |
| SHA256 | 3297183978bd1be2763586141dc13e6815f934725571c05cf4e2e52f1189ed0c |
| SHA512 | 596597076d16b7fbb87af4b79da3c087bd6899355c52a3c1b19f532278946f3be7efa975585829747aec76c2af8122b4fa4e58d7e656d638410034c0f3165dfd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67dbbf3263b0864158307a65c3c85344 |
| SHA1 | 8be9af753a3e4c9860bee4f26543a5ec529a7c98 |
| SHA256 | febef392ff24cce10276865a1e753a177b21bd37eb0571a2bf5492edf127d519 |
| SHA512 | c17bc1575415f1820c09a515466b182a50cca691de220d229f096747cb9ad25cf16b3bd83daeba5d31f6300c0bf90f1e3f98954bfb53a1d3a72c3ccd187ae6cc |
C:\Users\Admin\AppData\Local\BlueStacks X\Log\log.txt
| MD5 | 8f4fcd5b4897269522d5c8c6345eee65 |
| SHA1 | be8cd774e4c23223ac9ad469dee09d8781be0012 |
| SHA256 | 6e87ff5807d812cc929fe7c155b525a598b62718ccc027e892ed2d7cc0d32be7 |
| SHA512 | e8264489b693135c7df08596ba4e28bc1420474198e64a0361a7dc29c98d2468001ce9484b81dd624e536e06ef46e5c1c53ef6393c9fbd2a146fc67040612240 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000010
| MD5 | 6014e3fe89acd7f5591857120a061408 |
| SHA1 | 266bf4b208c997969cd94ebcf644b92d7270d2e7 |
| SHA256 | a02c1c895841cf5651aaa2db0e6e8fd8d6d9e7ea57658a7b74d6ff283244f764 |
| SHA512 | b1aba3f15438f6f77b78ae82d40cfbefbf9b95f8f6b05b9ed558ae907886e360c8eabaae5a361e4886789a74337a2193490bdc11073d41231611b0c5e4fb2f86 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00000e
| MD5 | 762d651b3659b78aaadd643672f395b4 |
| SHA1 | 475f84a6cb0eda14d196ffae0b05ff224aa25ca1 |
| SHA256 | b15960fc83e52326bab2318e7d9966a7e2bb749f909a20ec8c79de9e67136588 |
| SHA512 | a3d62d4841571c5d0a89dc9ca17f3080be8a86e83aa059ba7e2c9e3dd57e7b65ea940f3713fb00f82207914a6a390d138c600a7c8f3cb7c3b1066dee297285df |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00000d
| MD5 | bbc4187abbb2f9a9ae9900c932a5765c |
| SHA1 | 89a3cb9f9c8a0c45405e63b3732c43ba9c144e22 |
| SHA256 | 57e1bdb4cb31bd97a6766042daef89d87ff179f625d0dea038c96351b24b9949 |
| SHA512 | 6860f1f7e776dd8368b5dc6c38485b390b5ceaec4a17c41a4661821f7287a21cd32a8d159c3f0f287c723b83adca5ff930c816d2402e66ddaf2fe52ed59f8e42 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00000f
| MD5 | f15a275b4ec3f10a615a1e12a02f541b |
| SHA1 | bd17fb2b4a765e25f1dda8acfbb6c2e2d0b05b9a |
| SHA256 | 142b52d9f9b633a867d90f51a77fd04860105a6c074d8e29cd79c5f68215759f |
| SHA512 | c48f5196da298a34aabfa9d30b2735e3d88edd6251f06d85e8e6cc1f120e80bfb401edeaf22f15f84a75da0b9238bffa56f44eb835bea9895f253274f05bee12 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000011
| MD5 | b869f8fbdc63577037f79ff2c7ca357c |
| SHA1 | e3a83b8fcbb2bb30f0cb77b91912f1c0538852ab |
| SHA256 | c4d579d2ac32e3a4aaa3fa1f1960c98753e25be27a7c2beb8646d57ef5cc3292 |
| SHA512 | d5c73403bbc2c79ebd7a4943e1ad2b7e12c2e8e6b321a571f05983688e94b0fe93dd6c066d2580b2b9002e32fc7cde17fbaf4e5bf005233c347821281f126ef2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7306d1dea28d256993ea1c80a4ff8c5 |
| SHA1 | b92c3a5755374745c293d5f4e5069d8ade603bac |
| SHA256 | 69a9d2a70855a67ee4e23eb5ea0dce169cc51e37dbb2c08a00574ebc189a9e28 |
| SHA512 | 6113514fb67540ec1256a1aafeee4353edb88920f4c9efcfc437d09142391f38ed9376eef7570d58ad780b9692e0d85bf6fcb43475c5a22245eb91730824e43f |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json.tmp-3195920016b7c091
| MD5 | 42f56e6204ded8d4948cc3abfc956135 |
| SHA1 | a827d7700ddc05acff02c49a315fc7f1aae73446 |
| SHA256 | e3e70a303e3f3d188cd35ab725ab3b8fce81f37fb53170f6bd6bf9875d40807f |
| SHA512 | 7b100264c995486b1b07886f83d3d7cb34d1c07a95cd8ea0d5b52511dda50e1de29ad185f7eac7f791aa37c09ca0f380eac0ee4571b48bf7cef9502b95ac5d59 |
C:\Users\Admin\AppData\Roaming\bluestacks-services\config.json
| MD5 | cbfa06252fc5b58da4f5f033cf2b586f |
| SHA1 | aaf607dde79352e782a28b9c6be5327b6bd44d0d |
| SHA256 | 0e15e48b25c1e8b1af3c466c303cde62e6e1c652c67a9f0f404f38fb221c5f7b |
| SHA512 | 94cbe8116e1d1482249677e9792a59144a304055f41e437ced68f148a008302115b49cb3282cbc4b04ea99776873012cc9c86c7d69175ac9bdb52732905bd84a |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 871fbed713fd84ebe093629ad5aec9a1 |
| SHA1 | 75261a496dcb775d70e39688432ba2649f48c055 |
| SHA256 | ff0854ca0e0cf9c214dc0bf6b7945f480ca0f26638a51250c0718562892d9648 |
| SHA512 | c0af6f8891f82a0169ba8b3af221b2e7efe2cf5b72248e94f110d9f6f26df8e40f2e6d832d4030c4b079f49584b7cb8086189016750d9c7cdb88af2f22370500 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00001a
| MD5 | 69af13eacc8bf3c5905494cfff5f0372 |
| SHA1 | 3ed539a1a5b8db26716443fc304f31044e496594 |
| SHA256 | 48934f377fbbb7287c1053fd99cbe0227b35f87b49f0dce6ed822f0d6995cc8e |
| SHA512 | 0330ffaa0bce8bc0932057d9a970053541b376f2f363311f4db350a6c4f66e392b6037266deb687ce339eb7e6853857cf7aa8dae7559cb0dd3e7a1dc68c5460f |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity
| MD5 | e6bd12a51b0f50c01fe7fa6de4d388ea |
| SHA1 | f6b0a6dc9d6601dd606e906c7dacc3728cf4af54 |
| SHA256 | 0488eb15d7dc5edb23e42f7922ef6178c770d9755823d2f7a65cd3464a3ee466 |
| SHA512 | 419cb518c77b621e43ccbbf47c49b3a90ace169dbd23b7ddb87f52db0774ce4e8ddd4bf9d7611f15c943c51e1a42d948042853ed01a2c75f082da9f57faaa82d |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity~RFe762583.TMP
| MD5 | 1890fb7b784a61ad129f5ea339b9ae16 |
| SHA1 | 5d9d1bfc9607149691a4ee569319bd0b846999cc |
| SHA256 | 48a79a4106199a2533562b14baebe679fb440b353fbc36cbc6609f1875dc1e18 |
| SHA512 | 0413e55a3c5bd40d2f6c34b97913e7d4061276ddc95bec8557df2480960ac5b7382ea776949dd49159b82d942a54634d6e6fce48cc17dd5b89cc25681cfee931 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1629b48b89ad230e13b42c054a2f6118 |
| SHA1 | 5131ef0b8312d39c086acf54041f98f68b70c62c |
| SHA256 | d6a3156ea7a1a24d0260395f3c49b162ba91b7de102abbbec6c62d88087774d0 |
| SHA512 | 4ca0b0b5f73ed67c9ecdd4780e246d4bbf27177f51a3006681b10764dcfd05bf039a2ac6d49241c3f8666ea6a2b8af771ea64313747e6d980e202c4453a45bc0 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000027
| MD5 | b1cfc4975df0215fc2c91a9c4ff559dc |
| SHA1 | cda91dccc7f60e110beea177bd82b7bad05cb0ab |
| SHA256 | c128add461cc943a57541b90b23bca2bd8b02d8540f521616f4cba5516eb976b |
| SHA512 | ce24def1d10ab6fc717d6ce4d49e982cddc855818d0b86e52d829b7d25f0ddcd57820d34ffae715e12809cb7a18e3d0c7afb8ac4d97da7d32af1dd80e87d530f |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 27c8ddce0cb613131a02b7a89cddaf70 |
| SHA1 | 6675f8d8062a23b51ec2df842054b59e89bb353f |
| SHA256 | ec98d437d1f31abacf1e0a849d8492d62d85ab69c3f7f9918cd15cfbcc959387 |
| SHA512 | a95e6e81a41fe34521139742f9ea62771b7f84eef0429b6b869deb7d75d956349c5259e94cb06797d881a494a7cabfcc991227079232bc7b85507dc35fb2d78b |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_000028
| MD5 | a95b05571b35a4f50e79e1ab396362c4 |
| SHA1 | 7fe7d5cde5e88cf0f55498ed6983f34f35548aa0 |
| SHA256 | 82e3823289314ac0de95611496eb3b2bb47b7e3fb56938285bef7278aab8ff68 |
| SHA512 | dfa5b1d36deaacb27245b8390eb4ce0a7d312fd1e238504c0d5dc9a6cdb6c74aff466adba303ec05e55f9a0fc261cd185127dc848b77ebb50d6cce9c41266a54 |
C:\Users\Admin\AppData\Local\BlueStacks X\cache\QtWebEngine\Default\Cache\f_00002a
| MD5 | e64addb1bfb0f535d2ee9b11b4649546 |
| SHA1 | 18d356b258a01cfb946801a289fa325a6084af9b |
| SHA256 | 59fe9e5ee377e0d5a7d1f6f898133ea8fc125ce36782f3f364122720a2ddfe8d |
| SHA512 | 93b78f5b5b08903577d589f7abef2ba07eb3f36ff7ed0a2755aa2f4fe71925ae4958c6eea2dc80dd3db552f007366d6b904c25214925b38494cede442e048dbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d3024a8baa9aa2f41d5964b7a22315ef |
| SHA1 | 59619129f421e48831e72dced99022d8e4ebb0de |
| SHA256 | 5cb819260e6d1b0d93afa53f1ac16a216077cc01d67ad7868305b40276303b4c |
| SHA512 | be368d565e2c9f284b696baf08f9ba27eb4c3e87ba6d76b86ded368d101f47656bcc35a50b29b0e8b73348e6d3a27e475f71d8ff53aed1cf1d5fb2811a3462af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | caaaf5b370f2a27fb182734b3aefd508 |
| SHA1 | 1fef754f08d6737a5073c0f33fc08c4ac5e580e6 |
| SHA256 | 7ab3ed1a80cca46912f83d6bcac6a48b711ccd8629ef7eb3b647666c066e4dec |
| SHA512 | 3bef2a97669339a9748e42959a049dfac9b87058e39730d785d498bdefb39606dde02e1cc2c05a0e5c321eec08ee999a9dd8a809ff1138585ed01110698e8869 |
C:\Users\Admin\AppData\Local\BlueStacks X\Banner\https___cdn.now.gg_apps-content_com.dts.freefireth_videos_desktop_free-fire.mp4
| MD5 | 8c88c1e8e0b145592d15159ae97bb9f1 |
| SHA1 | 63e8083cc915f52411ef084414e52d9e033ef0bb |
| SHA256 | e3cbe94ea783c7bd46e764d361ee508f5f943e591d186c854c1a9fbfaf511dbc |
| SHA512 | 1a99d8f478325d32e433c7fc005f1dbcd0cc18d1da7fdc6de262cca26e7237545e5e6e36a8f98eccd4a486458107a55f13a557401a232b822b8015d25b08a873 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 03d0e559c8a5ace4f0b09892a2408502 |
| SHA1 | 9d633db764bfd340eb421dfafa9a55ef52e86314 |
| SHA256 | 8ce96b14902e52aad07858fd068fd6c52fdf2465b94b42b2bdd08a8c21e3baab |
| SHA512 | 9ffc58f1b90c94838fd781769dad65a71b1fc24a2c0e08ce0db784073a16ece561621f1c1fa69575637469b7c5422cc6942db4da643ac3b020fdafff5025088b |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\TransportSecurity
| MD5 | f8bac59063d2d95cbad9e93e3408d0f6 |
| SHA1 | ec185080ffdd7e1f55cd5b88f55af04350746c7b |
| SHA256 | f2cfae3d9ddd3912f7c52396f84f53a8fe904d151ff2095f6297e65c97af1f08 |
| SHA512 | 39c3908d021528cb9dac291c598ea05685527037fc6cf57d2e6fa54543fe0114363644b1fe2f16d71db1c8b62f870b181d8fc0f07709884721ad9e50366feab1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086
| MD5 | fb297973f02a944e9e4cd1a6801065fd |
| SHA1 | b2bf013f3ca78dfacd7ba797400c1b3d5bcdeaa2 |
| SHA256 | 73835e4a9b838c837973eb2a302b0cce04eb098f5a175caeb146761e4fb75bf6 |
| SHA512 | 3eec52d882a6b808fa3d6736f8c4a6718aa803bda6a4ea404f49a86adef445d5a0a245cfdf2c5b6efb37c1b0d4bbb358d65c3ceacb025cc03e530de264d5e4f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082
| MD5 | db6d94096510a63a163dc3a89fb482d1 |
| SHA1 | b87304653024b01bc59b2d2f74386bfbe86b1fd3 |
| SHA256 | 2d6d20583e69370baedeb772d5529554b680daf27322648b1a6d334efd0e24c0 |
| SHA512 | b7e7355aa0b928c8270419dd510654b7d476339553536c4da949ec276711e9b78362c0e621a324dd27d7187303d610332286a3179ff691f212d3b3b75c02840a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085
| MD5 | 93e654d6ce23aa89eab05353e0667a71 |
| SHA1 | 02d055a16c543905ab1512c428d1456f2ab7fe12 |
| SHA256 | 1070140325aacd711b837dc6c12b8f151e1279e7badf52989e6fac8506aa9f3b |
| SHA512 | bd410430f761d952114428ce3f4fd214addd6a72d46d83cada8627ae860234e7598331afa201d23b9c30b98bda54e8d19306e69444717faabdfb49d546c5d9f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ce2cc4326a40380f22c2c4aac470cb5b |
| SHA1 | be8d62985979319e0b4c8d7c3f3720ecaa1e585c |
| SHA256 | 8806020b0a7ac51b1615fa69980286b20c6ee3a81bc7da58838f3c21af71f566 |
| SHA512 | 1933a336768cedfccf3617a7df29dd04aef5f520f52f9b95738ad798f2adfc6a0f67c34c6614d6a796345d4abbcc43ff814082be27bf9df2f162c34ed407e99a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5f78bb00ff489bae05dba4e3c5337792 |
| SHA1 | bcf398ce0f513094af02f2a1bd35eaac6a7046cc |
| SHA256 | 439cc61c9dd599d2abb99ebcbed6f468d87f872e61eb425bd22e6647ce4cc09f |
| SHA512 | 7f58cffb2187aad25687a2a33ca1e6cc4eb945730cb9cfff8fe7a2336aa9ec43a75f542ae641d6d4efdd74387a2aa7e3ac5d9e38f762145c610b3b597bc49094 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a30b59c39b196c4dc26f80a9eceac48c |
| SHA1 | 6b8affc4b3381e0306dbfb40950fceedc434e1e6 |
| SHA256 | ba7a9e5aae099470dafee6a54a227b3c2b812bc3aab4aedfb2581cc9bbcd0ab1 |
| SHA512 | 42f628011f9a22bc35d8ef5e2e4b14a2673ccfdbe0fa47a11962e100e856531b4a4f769a93ee90f7e89f71b31ae4ffc9da490c26114cd1771362d38d9fd8d8b0 |
C:\Users\Admin\AppData\Local\BlueStacks X\QtWebEngine\Default\Network Persistent State
| MD5 | ec980fbadffaca092401ba8700fff894 |
| SHA1 | ebe647751bc4b9e5433efd31b512cd77b312cb01 |
| SHA256 | 1c4186f03f265bdde11acafa41bf95d4c15c5f9426e326973e4876539b602979 |
| SHA512 | 2508e182415295f1be67c9b952c82f012aad4a74a9136fce797028e20ebd0b98d501fad2854969bf14b7776d27c7308a6a0fb1d5b12acda63c7252aa55c0ca65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | facc29017e792dff5d0477ee1d75d764 |
| SHA1 | 462a6ada4bba4f7604a3fa5c46ae66aca34c0c40 |
| SHA256 | f241fc80a1c060f191b98004f798cfb28363d1a7cb02f82f3a9b3edc5399072e |
| SHA512 | 578409561e6a5552ac39f6565b68a13774ef3e5e2c47f46746143ee1414313664983245ac4e41390abfa89a4efe3a357b694d8468308fbc27c1c85d4f18825fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90c098f05409537024c5df3ff1ef4f89 |
| SHA1 | 4262172670c8cc733f9623b06efa84d21447773a |
| SHA256 | 49c1495e7315f55b7027938905b5a24b83dc8572c790a3e527486bd12b6d3f6a |
| SHA512 | 62ae443fbeb89aaefbdd18e04917c64ba1a83d0e9e357dab8ee1b166876cb78f017e8afaad16d323e7a2b35b1a050f7d991dfe8be694f79e2c0d1fb63e6ed8a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07a9ccf45995fc18b55adf6e94903985 |
| SHA1 | dc39319ce1afb2672a33107eea87588b7708722d |
| SHA256 | 95a201afe435c1cf2e6bfabeee51ac2214fc4590269df277bd111244be813f05 |
| SHA512 | 8d8412ad656cd497c821617937c30834e27a18e59bac5d0325e7af41ebb89c384073aca43afc00dbcab543fb72958f1872c741bd2334391c3b32677549bed553 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60776c9492b88eabf5a031891bb6706e |
| SHA1 | 5c6d665503d8b5fa84fa8b67e453c6331cde860e |
| SHA256 | fa0a60e861186562a0cfb699160f0a1e008d5f52fb07af5b1fff1a35deae5a9a |
| SHA512 | 2e0df2d5022c8995101f33eeff19447293012997a595869ee952db20773ce3a542c752298aabd6c42574da03e7455d9250edaf4216914458f682b9b1cc23e0a1 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 2f1e833500eac494fb5b7888c1910644 |
| SHA1 | 97ed0ceda185e6cc86348474bf7f527b45ceb4e7 |
| SHA256 | 7f9218db2a71d8934b72ede88ebf5ffb2fc79cfa5d82523d2578ca3855dcb0f3 |
| SHA512 | 3f175d1a4e5c4c8ea78d2cbba5690975d15034569e6abea08bcb1b32074247489fcb4ccb1a841efaa341c5bcb4b0205279a45759ee66112416be2b0c1bf258e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bfdd46b8c5917449d933b1b2ec19b3cd |
| SHA1 | 2c97bc279dab701f5184ddb7a874d83075a578e2 |
| SHA256 | a7eb5f072c812f514b17c7385a5eee3178c8d04fde75f8dcde7024fbdffe5351 |
| SHA512 | 04f940c240ac538897bf53801ff89c35c7dfb117c73cbc9f5674195d300dc7b256868188afa7bd7be8732be1978ff32dd77bfe75a18332f97d6d0767c36ac318 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 962c379cb64d5eeb19f5af824c4db65a |
| SHA1 | 782a60805e871f082c67d3755def68e01a131084 |
| SHA256 | ba6ef35d5ca8d5c0fe28398c304f015181a8e1198c681682e47cc1d06afa8bdb |
| SHA512 | 0ef3c035638f6942c3b66314fc2ce7e8364df6d04c9a479d1408314f520f81d6ec266d1dce1bd929878bf7f8204bd0c5cf733ba78d8e4dc6c8e4d321be193b36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 37b4f7d71c24e75df6664b7cc57ab29f |
| SHA1 | 3c78712c0dd2b1fe679c7e02e940b3c5f4c3c879 |
| SHA256 | e5d000b4e86c04694fdd49577f2a34d11d76c51fdaa255af8d0ba5e521d801af |
| SHA512 | fd9defacc0f42e6d67acde2509a7759b51115d0db6e8e64d73bb72d4462763e44f4bf3d9e6c126490ca781d468274ca6679840e06da0a26a5fd60570d4f338d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index
| MD5 | b6eda8305d3976cdb62fd45d4a07823f |
| SHA1 | b3db43c1857022c2e29fbc5c55411c192ae5ce2b |
| SHA256 | 15de111f63d12ec228b90489323d498caead641f3e056d4487c29121f0ab7915 |
| SHA512 | 27e8feb610bba8ed64c1ae9938b7d6d88e2b9e89ab555665ecd374c869c1c6e21aa709641c19f2409e198f656690bd18eef92d16bc51f030c24730cad55cabb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d43ef50d3784c3eae842e8d6822117c1 |
| SHA1 | 21f4c6868ab424d5f3a886fa1c6a24100ad330a9 |
| SHA256 | 5c5237ca75c0526a7d9615e63321a3f08cce1b61293ee5464ea91b0194271eb3 |
| SHA512 | bc1a5170cb177c568846219a9ea829387a347a32b0d341f5287040b519172567128552dd9175d8a6f708a2e30ed49cc1be69f8a5879bf1eaa5e99d19460a632c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c46747ea0474142039d6ed79e3ea9bff |
| SHA1 | f384c0417bd0f07e56241df2b9a3c598817e8fdd |
| SHA256 | 5b275a85a3162bc413dc0eb51ab19442194979f1d19b4537d3bff5f7a102b39f |
| SHA512 | 6624debeab2fce7bfa443f7136b8b50e112eeb1fef8e2cc0673fe5584ea8687095fcb344a76f1e5c576640da926f636ebfce575ad8c9b710c9297cc2ce37fb7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | de745451e3e283a94e3f317ec5471072 |
| SHA1 | 19b114c08ea726c9851a35c48d47431cd707dc90 |
| SHA256 | f05a109790c3a1874cdab12c14b434da1aca455da57db6f0261583622b21b0f5 |
| SHA512 | f878da2521d9e88aff14b93b3b669fcf38f82e90fdfb22a86a3c19f1a2dcb4065e681017b6bfdd5681f3b0ecb066ee8690a59aebb7a8a99f98cb908044942882 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2e5300d49b188b272948c0d1e000a3ed |
| SHA1 | c1ddc193de90a254a41c2042f03c847dc75ff732 |
| SHA256 | 30588d19b1a8495f75fca20d19d878a6620d2a23f6ea7f0557b27f251f959565 |
| SHA512 | 51441b393468902aec0e777f49f7b7e28983f0911c46468ae5b9ea12f0395dd411556fb18a1b265fdcbd53a21e18b0857ac302c92bb9985274876ef0db3c44e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5fae45615427704cb45c083b2ea3e81d |
| SHA1 | 7bfd28f0be9db539feaf0d4dd5a0053b2b5d4aca |
| SHA256 | 5af50fcad00516022f23dc7ebc8b59f833cfd2c4f1333eb59c3cb4bded5d4365 |
| SHA512 | c19821f1cb60f5fc3f93fe9109feab64e01168da121201f7a24f2da3321577458d1db139a9ab2dbf82f482d6e0338012a4b2270fd7c43c92a149a8757fbd96e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ba6535d8ce936be6916488e630f9f26 |
| SHA1 | 1909e916cd5b655cc7b03cdcde90ed26b0bf1fd2 |
| SHA256 | f51ee3e15cdfd743bac9ee70f7c052ca7aa8a70248cb4d9c7f9e99cb86602e61 |
| SHA512 | 4b9f0358e6b8651e2bb8be15a7d9ff54fab4858f7c8661c3902e1c3be98c8b5df0fcd9ed5f9d7511f1b56283898af227c7109c41fb99492616d95c0e49c69659 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c2330c887fd5c29af2af2d398d33c02e |
| SHA1 | 4afff132eddac12f3c7ad906013cb7724445a609 |
| SHA256 | 4c6a9873c81edf538a060aff4e3e156f8596bfd9020ea619993039e07e86d626 |
| SHA512 | 1d5c0d487206709c77ba18c2b64607a28e671e303f633f82d3f90340c8e7aefa7db7df8c5b5208e155791dd6f5c2b08dded15d5f4ebaef1b6b7bbf78f02576fc |
C:\Users\Admin\AppData\Local\BlueStacks X\Banner\https___cdn-bgp.bluestacks.com_bgp_fle_images_boot_promo_com.dts.freefireth_1.jpg.tmp
| MD5 | 57c1f945e1d8d4c27f7c3745afe34902 |
| SHA1 | c293a5e6e7a1b9889c5828f6dc248ca8610f7f28 |
| SHA256 | 3cb13979e72c8d692a1ebadc7f902b9d2ab9eb83c8d72f875e4014383db547df |
| SHA512 | de66fdd898edab551ac82a27277c69bd322bab377eac54fbbc60253654ee40a9bb1ec2df6c6c87f0ff52792fbd6de45064a3e9d9532c736a8cbb1c75a7a4085c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7384fae6ec145306753b1108996fb9fa |
| SHA1 | 4c19766ef763d24ba789917dfc8a502fabfb9952 |
| SHA256 | 9a030f56a2a5be3dd3e2ea1a45514aaaa96fefc98983a96277d4e78627b3cfeb |
| SHA512 | 6910e9c42cbe99e3020e161c42f71856550023f4de70cd6cdf81e5cbb2af0e3f1a6853b13d5efe608ad6066d0dc6fc49946473dd3ae5d8e6e44afbe78481c609 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\error_icon_72.png
| MD5 | 4aaf83d2b3fd56ad806708e60474df39 |
| SHA1 | 144777a265879b69fadea3eb3ac6939458918578 |
| SHA256 | 84e59d14d9433e6c3d92daeb8c443063b5e3be6c0b297f0403dbde473a05cb3f |
| SHA512 | 3b8485f054fe6ed2374bc81cb1786f09741219fbfcb22503707b11cf5db1ab262ba4349633597d5d9ddabc3415b170fa8eebc932f58d211d7092b8fb96fa1304 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\installer_minimize.png
| MD5 | 38b539a1e4229738e5c196eedb4eb225 |
| SHA1 | f027b08dce77c47aaed75a28a2fce218ff8c936c |
| SHA256 | a064f417e3c2b8f3121a14bbded268b2cdf635706880b7006f931de31476bbc2 |
| SHA512 | 2ce433689a94fae454ef65e0e9ec33657b89718bbb5a038bf32950f6d68722803922f3a427278bad432395a1716523e589463fcce4279dc2a895fd77434821cc |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\setpath_hover.png
| MD5 | b1e53a76b6ddb3ecff52bfc1a8e5b09d |
| SHA1 | 012b5879e879fa25bf48e4bb62c35ee829eea571 |
| SHA256 | 2da3f9367c847e47131370dd163f611c4639287512a47f487e0025c5665830e0 |
| SHA512 | 4369891858b4adaf9144636c44b55979290177bcff57f67f341071e42e90f992531024e122c0bc5436ddb8c55e994e7b913ec37137a642dc0164e6e2516f0b68 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\setpath_click.png
| MD5 | 624e84e9b49bc150043aa9fb0eed2822 |
| SHA1 | f23f2a4ec609e3e9cff9319533e561968ccabb22 |
| SHA256 | c94924e95a49b175c8fc00bdc2821bb70a85b864cc193becc553b32f0024dde1 |
| SHA512 | 288e1954d29bd3d22b56fadb2e0d3d10580a540fa1f2bab1284d957708bad96df5e38b67c6dc14784e1e275b89082c57370b786c0d0c4307601c0d2bf3704460 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\oem.cfg
| MD5 | 880dbbc36b6f1d4a6ca9a73419564776 |
| SHA1 | 1b4eaca846ca50a9fecb6a741dd19973eee9e557 |
| SHA256 | 0d111e0260b3c11e1dae2b5328bcfd2d1fb21f15f5b49064bd07e272a8bb0822 |
| SHA512 | 19980cae5bd279216d737cdabc9e9980c74f8918234879b9d5fe9aef1e265cf426931e9db798e2582399272258e18dc04d817b0dad6557010d04b6ff7a715322 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Newtonsoft.Json.dll
| MD5 | 3aaba077f88029f346cb16e35b83c06f |
| SHA1 | 1497eabbac624d4c46e18c9b94b95377e3924b41 |
| SHA256 | bbe9ae0b3f451cb885a8a91c096713bfeefd5fd17bb52ab1f70f61d6220b64c1 |
| SHA512 | 11622634b96c7696854d44b3898bb6739145ae2440d112e46e94d11d7f4a8ca7ca04d701ebc561670c325e248176b04c5d7aaed0dbda397a0483796a596934a8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Microsoft.WindowsAPICodePack.Shell.dll
| MD5 | 46fa58ad3cadfca4307ab048a7002cf9 |
| SHA1 | b4ecb62b57cfdaee0da8bd67ed9252669dc88bc3 |
| SHA256 | a64bcae4784ffd95541f7ebc72cd7e52c00ef7545a8f743071192ab73735c573 |
| SHA512 | b137070b9733901d39eb41f326faeac853ddd2af3720c39b0657811860742fc4b9d8266bdf5417889493f62b3c7c19930e6bd3e38d28a26babda9aa36b685f68 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Microsoft.WindowsAPICodePack.dll
| MD5 | 2f47d71fc14c6f4d8aa7c09be7a224c4 |
| SHA1 | 7917dbebaac77ff55691d791735d2f03ebf0f0b2 |
| SHA256 | 7114040ec7f4afd81955eea1a4f506e5effb52a015df6c11c68081e48f86e80c |
| SHA512 | 699f6c4bfdfcf78e45561ecdeb1c0c72e1890dce06729ce62fc1fdc5ef25e7f6bee62c2f90acf929ea855de8324d69cc2418f141442e29005d849b0b72387d7e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-Common.dll
| MD5 | 94a049c3275e3af7031582e2aa9a412f |
| SHA1 | 0c488da4104ab782cd807470cb157b5977fa34c7 |
| SHA256 | f2c482281cd571b4eedafc6f8f05ff1a7fb4218ac63a2e467a0e2c070930bba4 |
| SHA512 | 6387657e4f28ffcc1f164d8737baaa1c9997318f1075e86a42f57e2ece8c805b9f48bf255d5f839e567bc8d9ad185d7efb3e1787603d38b409b7baa89a5bda9b |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-Bridge-Native.dll
| MD5 | 5728e88228143295931dcb11cd02ea73 |
| SHA1 | 9b66872803f6692e38bd42d55e0597b586975202 |
| SHA256 | e2c6cb6213d0993a8e19aea8828049ebc08393b1944abc632cf405d53de86723 |
| SHA512 | 8b5fcb3eb86380c17b9e2db7d336138553edcfe27208511f976906202e31ef88f02c3b18c76f8b0d2358036412fed498de2c156456cd5857b4bc06c094f69683 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\setpath.png
| MD5 | b2e7f40179744c74fded932e829cb12a |
| SHA1 | a0059ab8158a497d2cf583a292b13f87326ec3f0 |
| SHA256 | 5bbb2f41f9f3a805986c3c88a639bcc22d90067d4b8de9f1e21e3cf9e5c1766b |
| SHA512 | b95b7ebdb4a74639276eaa5c055fd8d9431e2f58a5f7c57303f7cf22e8b599f6f2a7852074cf71b19b49eb31cc9bf2509aedf41d608981d116e49a00030c797c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\minimize_progress_hover.png
| MD5 | fc2a0361a751177d3aacdba9c31b2682 |
| SHA1 | 0a8f672d7a8777d1106e3b8ee36bd6e45bd322ab |
| SHA256 | 1a4aaa46893e2a9b011c478fbb0cd0e84c199f9f3520703189640088969ef5cd |
| SHA512 | a15542c90972387133d86f6a94c17435432b1493b02502533c4d7978428ed7d44a7d3c5564fe08946561638f8a5a3dd0b35b81979c2929dcc386ee5f6f7ecccb |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\loader.png
| MD5 | 03903fd42ed2ee3cb014f0f3b410bcb4 |
| SHA1 | 762a95240607fe8a304867a46bc2d677f494f5c2 |
| SHA256 | 076263cc65f9824f4f82eb6beaa594d1df90218a2ee21664cf209181557e04b1 |
| SHA512 | 8b0e717268590e5287c07598a06d89220c5e9a33cd1c29c55f8720321f4b3efc869d20c61fcc892e13188d77f0fdc4c73a2ee6dece174bf876fcc3a6c5683857 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\link.png
| MD5 | ae2c73ee43d722c327c7fb6fdbee905c |
| SHA1 | 96f238bf53ac80f5b7a9ad6ef2531e8e3f274628 |
| SHA256 | 28c0abc6bfe7a155815104883a37a53dd783d142300471064c95eddf3cae0eaf |
| SHA512 | 5a1e341f727cf1cb4832cced8e96c5a74971451629603c48bfb91ceb4561d0122ab9ae701f8b34681d5f13115a384467d430ccb8282494b40f4577ebc3ad825b |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\installer_upgrade_image_bg.jpg
| MD5 | 3bb85d2c8cef28c89a2d07adf931e955 |
| SHA1 | 596d13e7742455afce8a534382b28cfd2f6aa185 |
| SHA256 | b7f75233e633107d50f24ca82099225c83a832571cd2ce92901f2db3897f058b |
| SHA512 | 7075fe989d69ad5f0f4cca5fbbbabad16e0949c2ab8538f3f96020b831a4ec1cc3a701dcb7332e577b5eceba230449efbbf8e288dad47a53d76e40c2337dc730 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\installer_minimize_hover.png
| MD5 | 18fb6465b029206477d0222e8da6fdf9 |
| SHA1 | b7f91e5e3002a5d3c84a30ca6cebe1a89a65ba7b |
| SHA256 | 57aae4bf49dcbb0ad6cff6263200015c89d7752dc75c2ad918bf846e1ce9646d |
| SHA512 | f045dfed35ea9ff31336cd354a0dd2e9a7ac2582cea1d25a444fffa3bd01e03d73611f786873a81a27a370e5ddb3a6043713e29f064d274088df1c925eb6785f |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\installer_minimize_click.png
| MD5 | 08fc39a69fa17e0f529915919cea1633 |
| SHA1 | 2966a3f739698e2ce368585fb7f6ac4eae4497b1 |
| SHA256 | 2599d6a55a8e12b1f05a6e8982d55559151a25ae3690e6637510b6283622dd95 |
| SHA512 | f5eae902f9b631410b03b6d4f9be1b4cf6547a94f1a2eee6bf70b0f3036499c01a42c9d58cf98ffbe10edbe79577a01e64faf0e527a70bc9470a1c3d9263b805 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\exit_close_hover.png
| MD5 | 92c2bf222d6ab81fe7a0c072bf31c107 |
| SHA1 | 8853eb08a2aa3e99fae6dabb9cff6461704f2a2e |
| SHA256 | bcc053a9a087e077d58114106d29701a34f7851f4052f3157102811355d3e709 |
| SHA512 | 6548d0038f4bda1db69de0729cc9648725d744953649a396b9147afb16abf018a5aef7ff7d3bb019031863f20c81bc202d6e37d171027ab9fde3b37402e179c7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\error_icon.png
| MD5 | dab2c4538a83422b5deae0e0de9b7a30 |
| SHA1 | 78c2ab2271aa4020df1e0289bc3c1ba9a43fd424 |
| SHA256 | 666ad4fe456216ddc06618967846ed31f81d8db5be97da6531842c0667352b89 |
| SHA512 | 24cb30a68ce117ba16edd1e94c7d066343eb265c874cd55467db2f913c01b9d776b2ad846e3414cd820c0ba10d93f132aea27739d16165b6e9dd5fbc8890bfdc |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\custom_hover.png
| MD5 | f3e05f142e742e25a98d4f5af3ae0623 |
| SHA1 | 88363e81ddef700803f4859d2f3f0b4af516bbf3 |
| SHA256 | d588ef0eaa334ed8482f32e5839a7ee0d0b544d5b8d5f7720b8c57010e080424 |
| SHA512 | 5f07a7163c9834564dc4de5a1a484ac8208151bc244f8e72d64556abf88c35f6a81dd6718a3e6f681265c10e2dbbadb07570fa64c31113342a88fd605019496a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\custom_click.png
| MD5 | ced07c9db242115400e159d9a02bb7b7 |
| SHA1 | 6f2bebd1714dd7522479b5f3e3f2b3f0d18e8c77 |
| SHA256 | 1318e0f34a551edae1e82818fdf7de5ac627493db5b24556d919f525052d5b90 |
| SHA512 | d52e63792a5b4172d4ac4e2d369b22b170578616d04de5a40be15b260a2741bf8158b3aed9509760c334283360dd13a4fa21538fc4547ba464be5dd700a22b70 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\custom.png
| MD5 | 03b17f0b1c067826b0fcc6746cced2cb |
| SHA1 | e07e4434e10df4d6c81b55fceb6eca2281362477 |
| SHA256 | fbece8bb5f4dfa55dcfbf41151b10608af807b9477e99acf0940954a11e68f7b |
| SHA512 | 67c78ec01e20e9c8d9cdbba665bb2fd2bb150356f30b88d3d400bbdb0ae92010f5d7bcb683dcf6f895722a9151d8e669d8bef913eb6e728ba56bb02f264573b2 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Assets\backicon.png
| MD5 | 7ff5dc8270b5fa7ef6c4a1420bd67a7f |
| SHA1 | b224300372feaa97d882ca2552b227c0f2ef4e3e |
| SHA256 | fa64884054171515e97b78aaa1aad1ec5baa9d1daf9c682e0b3fb4a41a9cb1c1 |
| SHA512 | f0d5a842a01b99f189f3d46ab59d2c388a974951b042b25bbce54a15f5a3f386984d19cfca22ba1440eebd79260066a37dfeff6cb0d1332fca136add14488eef |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\concrt140.dll
| MD5 | c4fe3f03efd3188252caa101f954ffeb |
| SHA1 | 98b613aee45c71aed9d2be0d61d7ace323929e9c |
| SHA256 | 95bb425be3d515a6a58f7399d44dd9e032baea11667dfdba29517c460171880a |
| SHA512 | 80018e0bddf079367d3568433a5f89f0144aa0a75286b0105fe32aeeb5d80876c9b2e1ecaafb70fb041271e27a234a2cb88a2d3d160a4aa3768ccfcfc574704a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BstkTypeLib.dll
| MD5 | 14eaeddcdf2c09f7fb65ded924189684 |
| SHA1 | 479e6d68e8498d841089b6e16b0492a0a54b570b |
| SHA256 | a21e6b63ae0beb3e3e83fd0d845736f971375107278028a6c1b4ebad56483552 |
| SHA512 | 8c438ed3313e18edbcc597ec0ca85a48c521f2fc9cc59102d3401f385f0a4cb88c1b31a9427fb6fac494cc55fb7eb52078fdcfe43c678c7d372c06afc4b79639 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-Astcdecoder.dll
| MD5 | d557e5bef30f583512029a1668b68a71 |
| SHA1 | d91837c90d208e61ec78e9d783f14b1ce2412bc8 |
| SHA256 | 92ce421b8c23faba144c0923c41f45051c2d8ca3c9835f0fe7242ba7881341d6 |
| SHA512 | a0b1636748e394908bf72a7325e0d71cda1fe79f1d36be570de863b1e7f12e73917d259e17676bfbb469b2d8b5813657d465131c17e25c9cb5dad5d33e354e46 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\d3dcompiler_47.dll
| MD5 | 5faba8b020b313253703b07591d00379 |
| SHA1 | f5ea546901c3faf60122a4ec2d15a86b916d5d10 |
| SHA256 | bef3c125122bb459434bb02e763454cc21454257a78e63ceabfb5b347d46efd2 |
| SHA512 | b23f0df210b25996953e51ceb2304bd85aaed33c41c75ee1577f6d76f37bbd2a2e96be0ba7561270e23b26cf0db2c8ae60567cdf91fbbd2d0577ae88e9ce3939 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\libEGL.dll
| MD5 | be6ff0ec680921380c04331351a1ca2f |
| SHA1 | 164a58758bd929d3f61f5193494dc4ea188c34c2 |
| SHA256 | 5e287e7e884504b524dc4610bebe79e013f0bc6f87fe788dd1f5562b70a6dd65 |
| SHA512 | 8603d539b08c32a9777eb5749ea9707a26a025dee72e8b44a34bc7e5270d8d88004a3dc0625986b4814402a3891ce32d815a27c6ec7e0079638a36b68d13890a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\libGLESv2.dll
| MD5 | 35b10fb121ff7c4f85636c4ac075307c |
| SHA1 | ced4a1b68ec66eb8bad69651e8d2d7ea63028f8f |
| SHA256 | 5b0acf994cd091c5c07d707219a33de7d5d9ce2038bf93644a7c3d8d64de48d5 |
| SHA512 | 14fad63bbe5bc296206656b1b6075167d4d86278e2db7afe5ec68144e7896227a07ea07d93e3a5b042deae6089984ab1ff9f38f80c9c9b128787871d13f28d71 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\HD-Opengl-Native.dll
| MD5 | c0616b751eb8f1c52de8427b55cc754a |
| SHA1 | d4121e9f308380c81bf621adf9968672ed367214 |
| SHA256 | 6238e5f6379127466162a13dce89805c02cacb302f099ab26be2f460c274586d |
| SHA512 | 4b99b9e38858b69df13f754609b18be4a19153f7062068fa66637e76b1f1ba8238c28a5d10de24c489c6e13b06b41a1b30ba751ed734bed39da56c258af4d3d5 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\msvcp140_codecvt_ids.dll
| MD5 | 4266e7bb9bfce998083d2f4f938b11c9 |
| SHA1 | 23fc9c4c9de9fd3e71941df86e26c4dd44f2a95b |
| SHA256 | e1ee6d29e30708ad5812035626bbc1058ea12fd5503d5a79d28c9cb67fab4a14 |
| SHA512 | 5dc1e769f973aec3f0f766ad7c2364a184b9f71c1266f5e5a874c3e63ca7082e9a2c38346d387aa516e2f23acaaf62979434819697b2695644883ce07bbfd867 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\vcruntime140_1.dll
| MD5 | 7667b0883de4667ec87c3b75bed84d84 |
| SHA1 | e6f6df83e813ed8252614a46a5892c4856df1f58 |
| SHA256 | 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d |
| SHA512 | 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\vcruntime140.dll
| MD5 | 11d9ac94e8cb17bd23dea89f8e757f18 |
| SHA1 | d4fb80a512486821ad320c4fd67abcae63005158 |
| SHA256 | e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e |
| SHA512 | aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\vccorlib140.dll
| MD5 | 7ef7eab654df53e087ac4703c9ea0b16 |
| SHA1 | 743dc76d168326b60f09347945fe1342a6effc4c |
| SHA256 | 13e568fdcde1b7b7f2d1c97a474bdb8858f5ab761157f0fea7201ccecf84b9b8 |
| SHA512 | 0b860f10c03acb3866e82fd6044c29d63a2c6a1d5f6628f3d31f1cd1e44d7144e3660df3446b7a0b76b7811b261675e5aa39fb27efeec060d287fde3e630edd2 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\msvcp140_atomic_wait.dll
| MD5 | 1d2a0d23e35b93464bb5b09e5e4c02b2 |
| SHA1 | 04d1a1eed3868433c5b7652ecae0fdcd29e1ef39 |
| SHA256 | a577b5fc4e3a14ae141657c30a38d11ff8593135e51e55485b252eb821d47e75 |
| SHA512 | 18a0db760e4c4d9c4e014cff5ee0f433b298b65fdeca95b8f5f172b9bc534a1c7f64a1b2751b90e89cf76f41ee1ab468415466d2a657905eca9835e41cae264e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\avcodec-60.dll
| MD5 | 5c9a91c44c5646c0d7d2ee4cf990cb5f |
| SHA1 | 65c34751b36fab3d4bdf6e79e34d1e9ad50c3291 |
| SHA256 | 639f445c807dfef8a42a5e1bc0b1a19f82fcf2523b46820c60465bd47d8e47a5 |
| SHA512 | 11f227a0431451e15426e5fd34fcdb69096f50d589762e2f17ff834b32f70d5305c5e707eb61efe07740f2f001405c905a7ebaf5b0e91b4b040a8b14062ede3d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\libOpenglRender.dll
| MD5 | 9cf4a61fc72929fe7aebf070ea3d28ad |
| SHA1 | 682a7f09a4dc0964e8063d45209321cb0ca2cf2d |
| SHA256 | 68321dc5898f921a21e536ad8a46f208c18c63d30611d14f2e39fe50bea1c99e |
| SHA512 | f9fb81089ab943f1ef873b69d9979d12041faaf14dab57177bfcdf909da00274ba695b94fd01a64e51b2504444d0fb2d5295b9a64df2307a0e65e7877fa0510a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\avformat-60.dll
| MD5 | aaf5e285e8e8ed6a6e428b52728ed18e |
| SHA1 | 89794b8e834a617724f24aa18de745f413221045 |
| SHA256 | 17e49a141502a26655cb3adec68c45ea19491e713eea13b1c3c35e458e77cc1d |
| SHA512 | 67cb2a03ab2740ed4f10955be1c2b7025f5e16e1eff7814fa6176458cc676dc892dc4b6d53ab0ac94be1c6176916f29b49d9dd3e1dd8e08c002d968c90eaf051 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\imageformats\qsvg.dll
| MD5 | b90e88e9952dc0a930895feab50348c0 |
| SHA1 | 768a2797e6d0732faf54ba3994a804374dc9bf98 |
| SHA256 | f04ec129d462e1bbf3fa4b8fefacab7fdaceafd4a2ecfc50a677e8c85f7238ea |
| SHA512 | 3d573d87bab03edf59dad9c30381e1f6da140c016967cfec801ae335cd6eb4d8bc169c03602d457974ce1d61667c13973f7c6ff57881c7ef416b20ece7039f15 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\multimedia\windowsmediaplugin.dll
| MD5 | ecbfa8c49ca2fa398553fb71dbc3f2f0 |
| SHA1 | c20cf6528683d7d85d2498bdcb99816466b92c33 |
| SHA256 | d1ac17c7c60869dd6c974a443084e7b5956e8d3d15b36327d9ded665118577cd |
| SHA512 | 8f1604ea33b8a6363af531a4b8ce4ce8564a4e18e9c796f9a311181ab970aaa8339c286e924671b69b06fddcbd5580f40faa6f63b21e91124694fcf422b929d4 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt5Compat\GraphicalEffects\qtgraphicaleffectsplugin.dll
| MD5 | 40a9f3952037a83b01bfed728be9b2de |
| SHA1 | 61c643498ff17937e3e42925733220e88e207551 |
| SHA256 | 34e10130fb528670c01c03c3ab9e1ae7171df0de477211a050e797bf9b0eaf2f |
| SHA512 | 76d8b87dbb1ef249f9b46ccc57014a8d88b29c9603d2502993c30bfc8d394bfaa4caa2b7e1bc05de28ce65a1e82aa71e3ee493426b929ca1218f0d6cc9e77e66 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt5Compat\GraphicalEffects\qmldir
| MD5 | dff2761c6a369bb68fb64757f2ce7a1b |
| SHA1 | 1b8f6975a6ace9a806aa332af0f90a92d4cd3b38 |
| SHA256 | 746e523c5ab620100ae9331b0736a7b76013b432982c9aa68c10cf67fba0aa89 |
| SHA512 | fae63c67b220913fc81f385e9de05f55377eb3bbc1ca3c5d3f51a2aef05532631c1c9d34013eda3a4bd88b98cb86d5e5f78ebde6ed48f0737a16b670daf202c2 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt5Compat\GraphicalEffects\private\qtgraphicaleffectsprivateplugin.dll
| MD5 | 329586d78bd77e76e91c50602fd2c956 |
| SHA1 | 0a9aa198a6b1cb7dae7dc6d9faf8242f4e1acd7f |
| SHA256 | 19922327ad13710715304f6734ada287f6ca3fcd5921e27d5daa155381d03cb6 |
| SHA512 | f99747692ca92a1e5df9367d77ff20164e81fd0a3a986868555f935667bcffe290374a4b90c22a0cff6fb4e56e5d30da7a717f1e41d91fd66f94cdae7e9023df |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Core.dll
| MD5 | b5fdc51aaabe8c0f1b611e003817b3e0 |
| SHA1 | e856cfb754a1f753c85f10e3e51914b76c916f5c |
| SHA256 | 8a1af6b5ea341ef0d01573a9005e5c68206cfef6853b5584e8a737c26c9d9ee7 |
| SHA512 | b9d9973d34087dad86a0b6fdaa0a8ffcb1261c73782459cdd16675001bea9333039e9a75da98c4f2f24891931fd4ce7dfdb090dfe046d47ece6b5ada99368afd |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt5Compat\GraphicalEffects\private\qmldir
| MD5 | f1a067104d9bd191b0f3d848a0fa6d64 |
| SHA1 | 53b15433f57c61c540c493963aff6a77f9fdff45 |
| SHA256 | bb9481e3e26069623c4dfaa9cb9c415529d084edd67edda1595854421bfac5ce |
| SHA512 | 71ec428d3ba43ea5c544f25dea40e58cc3f8605b6a15ea4312427003227637a99e74cb0e8f04a4a95a726026a65c2c02a31c1204db00dfac259298b3cf91b381 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt\labs\platform\qtlabsplatformplugin.dll
| MD5 | 5995705b62f1ca954f74b0a59dcc99d5 |
| SHA1 | 342077d1b46d5bba36e4f0333dd7258f55ade651 |
| SHA256 | 8df3e0528be697ca08e5c82cb2e77131bacdc8f2ed9324d14a3ce7fb8d2c7b25 |
| SHA512 | 5d391cfaa898a0501f54b5a6248b111f63950731427944d4d40341e4c0552692e8178297bc31e63fab4106d30099defa50785565eba01e23bee8215b0fe7f493 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Network.dll
| MD5 | 794760c25a8de30dcb152808dd5b7416 |
| SHA1 | 8a4fbca5e2a29e56e5d25db6912a23784fe1a644 |
| SHA256 | f6702966e341d9a2f1707df5833db984205b3717fb5ce3cd2a37383ac347905d |
| SHA512 | 7d03a3077644e394aaf0e9ebbb1dcb28c4394139a508006c4134891670541d599216a8fcc1e229debb84ddfd0c2248392510597e2fa1073675e01728a0d8dfd8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6MultimediaQuick.dll
| MD5 | b5a48a332e16e6728a2d26714c126c49 |
| SHA1 | 5f6b55c7a2eb5afe58b5c09185d2ce1eb97e4518 |
| SHA256 | c87fa93fd57a6fb2f7d10e9c45ec09c9cbe1298ddd5f4d7458ff896e99b17b85 |
| SHA512 | 4a5f92f87c6eeade882d088ef6c46cc93a57786fb740422806e6a603db4dadfc9ddd018829add5c59db40ed86a4d5d25c933d97b712cb2b757a32a7c8771037c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QmlWorkerScript.dll
| MD5 | 48f041709a6b31471d6eeaa090232d19 |
| SHA1 | feb934bde6bc8d4042e96b579b7b8a2b01af3679 |
| SHA256 | c52c62b7feb5491d2d914ae10478f3a0bfa3fb58cb75189932f5dd5ffad31b1a |
| SHA512 | efd6169527836c8088d78741b2d813176ffd6050536187323d19e41ec1ee58eaf28ef51412665fab2425709955d046dce370f5d7613c64d2713e81111140482e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QmlModels.dll
| MD5 | 3d185167828e5b21ba37d2f7a366aa6c |
| SHA1 | a865604239a8c960695512e494b6a876ba052720 |
| SHA256 | 846d37da5d81570c08824fccc2a1fa7b10b40dc15bcb2a71b9da553b87680992 |
| SHA512 | 8d41b405fe4c1881b2f6aed9a4d655ed9a3041a92b977ef7e48ab7f27af1e61f6b8c97b48946a15ba7ac3b99ef06186670d42bc9f0f68b7f8e02ae79e0de8f55 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6RemoteObjects.dll
| MD5 | d1996fa4136cd8c2f643a3770ecf5f5c |
| SHA1 | 74cf4b91731a518ee3124ce649884a2757d9c615 |
| SHA256 | f3e3ae32eddd2290021c4e55ce3b519f2000d20e7e648102a1d0a3976e718e47 |
| SHA512 | a9f6af09fef0f94fe7cc50a2f98e28a8148d91dbbef081ca73011f8335bc9a746e74d55b7a94d879a10ce7a3cf50e69113a9296d29beb8f5366f5be8c9d788c4 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6WebChannelQuick.dll
| MD5 | ddfd4bea4e325844d083ca06be370a61 |
| SHA1 | 85ac85fce3ed43db9cb8286b74a33e01b4b48b65 |
| SHA256 | e842737a7a88fd6e7822d85a93a8eb0b7873f09cf1c5ff7bef21b53d2c4dbf41 |
| SHA512 | e462089d9f01b93efb769bf75dc64fa8fb275aa3a37fe48e1a3d1bdd33a9f7ac9125f8fce538d39ec05f493a673611a69cc126d10e7e55212472d9a7c4c9e37d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6WebChannel.dll
| MD5 | e1c366b3a51c734adecc49be9a0142ba |
| SHA1 | 342d3d3f03f3b56135b0f59a6f2b5191e3900b20 |
| SHA256 | 52653500fd113610125240f5d18b64c5373eb0b75c8fdcb2718eb68ba02acb70 |
| SHA512 | b84b4e3c1335277f8e94e297ea827cc1ea787a6d4508435b77d7c93aa093ee3aa81b2e6b6b1d87058acca4adbc42b3182e08db5d9ffebc4e683e70cec106dbfb |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Svg.dll
| MD5 | 3b75cf39102e5152a34bab94edf82167 |
| SHA1 | ff99d035fba6f8e20e7ea5fecaa3435dec919cde |
| SHA256 | cc8fefc7bff06fe18e7994039b0943a26b3fed4d5c9b09845e464bad3adf4f66 |
| SHA512 | ff46d4a54e4b4c7915ee5172dc8e6b176039fc6c180cd49aba2308fd7143f49529f96471d0c7e7a0f9abf101600d4414a765fd0b9b7b80c5698918b1a62cefae |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickLayouts.dll
| MD5 | 8a386180bd4c11a96a1ff7b2a9b47320 |
| SHA1 | 3a25f58ac2dd640469730045f77a1c8d36349c84 |
| SHA256 | ba807b732f8b380118a0dcab28aa75c2df3bbbe1952f0b14164430a7d348bf30 |
| SHA512 | 6d0ccec63889f4d7b54aac8ed97e11b5ca2179ddc0174b0fdc111ef670497f349e81e4a5961abd1d4b260ad9cebd25a1ee2c5ad8dde7a9a06192c52152498e4c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickDialogs2QuickImpl.dll
| MD5 | 1fed3fe9d304c1083e54ea30b383635b |
| SHA1 | aad2eb155460089e8d6d3cb00821bac8c5d00e7c |
| SHA256 | 2560952163e1de8d982e669dd271bde723e32b2c93de6721e3ac6174fee91cbf |
| SHA512 | 1121193477e8218e9aee2fdbdabf5b43f42f922b2af72143240e013268b6ba1fa4a42bb13099c7ba6e190715854798488706c44158408e2ebabc4c0983f7b099 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickDialogs2Utils.dll
| MD5 | 0206f58a2b914da1ac21bec6858cd61b |
| SHA1 | b0169cdba3e35229d29809e7da759b1fe198707f |
| SHA256 | e54f5c10133e2b331c5da0095dbee0b3df4c0f29f2341db9d3878ff5a825209e |
| SHA512 | 98e390617a5cc898d45ab3cb204a9c9a688158487e1bf55f47f3e492d9a66edc9e47a99d4610c39834b2488d06a8c0edb634a703f0188293eec6094fcb77c9bb |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickControls2BasicStyleImpl.dll
| MD5 | 8a6e9a37ba9e1b09c20db8e36ceca0b5 |
| SHA1 | fd2ab3d9e63dfdaaad1c5e0913e8b8988920fbd2 |
| SHA256 | e584ad5196ba39477c82b53c4494e2634f1d680662366e13e9d196974f4b09d9 |
| SHA512 | 462e37a8d7f49f15c62c495e4bef728603b37e3d521637c04c1f009b55acfeeb9b3f782f43795ead5a280663f086018a2197b665d82bafc275b3617b17e9e1ff |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickControls2Basic.dll
| MD5 | 0efd67dea0c545954384c802b361830a |
| SHA1 | fbc6f799b9d048957dd58975a358f0c5706af5bb |
| SHA256 | 241f93951bd5354b645dc85db5fb4f886e7486f624bf007ba7d233a89e5e4f0e |
| SHA512 | ede83a52bcc79014fc752360f2cc72d7c82cc2a4a3daf5764758b5a200c434cedeafa299012b4f47f84a38004f449493010faa7e5dfb734327041d42cdf2e0b7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Qml.dll
| MD5 | 903ee7dcbc454a86d6eb9827ea627966 |
| SHA1 | 2fd693ba9ea121e2055f12a966028f2264ce9275 |
| SHA256 | 578afdb3822eac599b48f6e101a35d40744afcbdea8f35bf3c69b57004c8ad51 |
| SHA512 | 042bdd2283578faeee87d8f338e47db5b138e0118de24fb4533c353e8a4c7f5d99c7dd6ff699a8d9da706dfc56e5d712d285e17e2088a0c56b531206cfef03ae |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickControls2Impl.dll
| MD5 | cd9c82e899b96d90664d0fdbd3b9b328 |
| SHA1 | 533d7cbd433d88aa815e530c1898d2436c5cf26e |
| SHA256 | b1f431714c90b70c990378f4ed8d598f333125803a8f891b5f5d49d62f37045f |
| SHA512 | 539e7f6ba69be8d86187aca70af18e59104098a7979b2258e6a6b6459d3a40b34c70ea26af524d4961b0de3da6766ec672d36d6f8766b2c17758661e5d448b9b |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Positioning.dll
| MD5 | 5918eade11bcca3d515081fa588d8483 |
| SHA1 | a83686f6612786a3749431a810b90cbbea6e4926 |
| SHA256 | ed4660c36afabf34e5ac18430c94ef82122e770c28a3f71b88a09fff0cbe7a69 |
| SHA512 | 78167e577f241d0ebf2fdae86bf4d89410c36043ff8bfea7544942d779297434e738db5c8d8f928d13244515d9fbf3535c8e8adbe99d351bb95242cf9cf73bee |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6OpenGL.dll
| MD5 | 7e0773c305ab95833cb14884766fdad1 |
| SHA1 | 566c5942e445e42ccda7766bbb2c7a5ec7219948 |
| SHA256 | 5180dc9d9394d8c4de756d6e97e6f12e4f27639578124236589e08ba837f0d3f |
| SHA512 | 809599445c48b9fe486ad157891ba0459d446cc268374419f64650dbe2b11d3848d917811115aa11ad613761da9ff556a788a81cb2c5f390cf7150fd2fb75c39 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickTemplates2.dll
| MD5 | ac8c3b6ea0500c236b1f78f7084bfa2e |
| SHA1 | 3d93090b8d5b4023287fad1834413cf9ea838ae8 |
| SHA256 | 9ce15041acffb2a9c2967cfc8144f4353f26b70113ee7e0f12ce582fb6cf4a74 |
| SHA512 | 269d7fabf3dd5819402a0dd7fb2b7ac81abeb775ffaf4995f00acade78cfca81613d89476638c110898e9e1522ef3c2a477f410efc33860ccd6907b27e1dac4a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickShapes.dll
| MD5 | 70b3be941970285ab6c5df7da09c7995 |
| SHA1 | 9e9cf814123537cd6b4c2c78821d639457172e04 |
| SHA256 | 96c7d04941ce1e2aa053756c24cf770eb21d5d87488d12e0e52ff1aa23f2120b |
| SHA512 | 6a0094d53fd076e45ab445435590e3c36243517d97e31b054180298d9873d67986554be182e07a4c87f7ec03346c567ee2288e12d0c8bf7f9ffa2bebe21983e5 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickDialogs2.dll
| MD5 | 8edd41e58cc4203d53ff49d823afef39 |
| SHA1 | 38dfd9301113737d4d6fe3444e048d1bf4dd3dc6 |
| SHA256 | bfb0dc7f2d715f203b19a0a39f16542f00892c7c7d2c9789d878f97b8e646b2d |
| SHA512 | 5f68ef40292ba9133d43b259fd1441813ec130b935fc6a664a892fda75fadef38cd332b4175dc038ff75e60b4285c4992c0e61f6267e2961a2e0b1dd32045932 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6QuickControls2.dll
| MD5 | c6a5d1d04232d1f649ecec45b6a3f01b |
| SHA1 | 3a11301f621170b0aada088753f83b1c917edfbd |
| SHA256 | 3e8892f343a7850884d88935cf67c28a97e186271c34d33dda7e5d0c83ab22ea |
| SHA512 | 39ca3971179a6b11b1293d473f82cd22f8bbe0819773c96d9c952a42c93cff12e6050eab6b5b8b618c66ee93f72fa0862d271c1318e30c305e1a8cb828a2303a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Quick.dll
| MD5 | 59511eaa8c0fcb1af74123efd644e849 |
| SHA1 | 3538e0948e97f898745b0abd268ce15c97d00715 |
| SHA256 | 5deee180c5947e3370cbde40ca5151367d8cf48879fdae1d748fb1ee995744f5 |
| SHA512 | e2373982457febcb021e9eff401df3092d9edad7134e87f2ee6d0717da2df8ca47d7d089279c396502235a9ec4cbe748ac53a6613ee088f1fbd0814e49f63bf0 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Multimedia.dll
| MD5 | bdd2401c24e694769007d290744fa00b |
| SHA1 | b1d5b2333a643fa3010fd4d1de8a403f6a42f033 |
| SHA256 | d65d749813c1778264115ebd03ecccd87628dd1432a03560f13b009330459306 |
| SHA512 | 922ebff563f4c9a2c04526ae9b3d0eb63a4a3e2a60bb3843c08aeded55f6cce4dff247ddb70b44ff31de9c6e49fd9af78cbee45b4b05b2b8e6264fcb86ae134d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Gui.dll
| MD5 | 817b182e009f388672445e69144f8543 |
| SHA1 | a66cf9f9909bc2c4306dd7a6382965eedebbcde1 |
| SHA256 | cfce665b7c477ebff815fb27a9b55d0b629183c0cecb5282a87bad666d76daa8 |
| SHA512 | 3e7ac5cf005a11d0d0e23084efce3256a342fa559c393f40bb81ced616898e03ebdf265fbbc855864d402665471010210d6ed12a2688f9fdb4383a0c659043b6 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt\labs\platform\qmldir
| MD5 | e49a668b90132546b4d746fde6428b49 |
| SHA1 | 46870297a9a52118a50b846db083215b3233b2a7 |
| SHA256 | a56a9f3e36f099d7ecdc2d0f12bb1e4bca34f0c9b6218850a8dc676c29280e83 |
| SHA512 | 1da70221873392cf25856a76f2810a0290c4ffd490cae22bc8183a3b165f645a10a2e47eacf373ff34bd1f4ec7d9352fbb814e52bc84c1bb514bc905c39134cf |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\platforms\qwindows.dll
| MD5 | b3c0fdf5e0c90b2b11ea47ac30d00dcb |
| SHA1 | f0e77ea6359b825483807c4791cc802afe584839 |
| SHA256 | 82886475a18ea367f9d409946c8d1ad99a6d926e20a40a6e2ff8edbff0dd3b4b |
| SHA512 | 70815fbdd030c0b174b186bb59ccb2705c4a9d5e04621c24f9c1e6908d0e223e7f5a3284c874ba9c3a34be92779ca3480eb6cfede5f4e2e40fbae59fb00432b0 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQml\qmldir
| MD5 | d23134f3e810ba1311f1526c8e784685 |
| SHA1 | 409d8050b045777b22529a814be8fc7daddda2db |
| SHA256 | 872dd0ad9c23701f8e551ca98f6b15b1551b3af0d4fafd2ceca61b328d45df60 |
| SHA512 | 3b113ace75caee2268f196aef8c636482b3ec84de6055fccda50eb518bec03f9b4db2f4930177ee3d4e6ac896069a3bf27d596d9c45475428c2fcdb1e3f3afd8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\resources\icudtl.dat
| MD5 | e0f1ad85c0933ecce2e003a2c59ae726 |
| SHA1 | a8539fc5a233558edfa264a34f7af6187c3f0d4f |
| SHA256 | f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb |
| SHA512 | 714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtMultimedia\quickmultimediaplugin.dll
| MD5 | 006ce437705bb2b7b296dec8d971fe51 |
| SHA1 | e0f334a24c8710c044f5752b8d958885a49dbac4 |
| SHA256 | 46af14e6e6873f6c878ee68def05934a30d1ae4328bdf1904cba00d354322c5d |
| SHA512 | a0ea63d3bbc4f072449d9a5390f8a4e2394ec927ba390084c786446a72c8ba4cce94f50caa910a2ebca8b70d8ed5148542b08aac746db2f18f2902c4b2ddfcb2 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\swresample-4.dll
| MD5 | 7eeba1942a05fe865cf997fc90430093 |
| SHA1 | b63c26c162b77f80bff2fad565d07b34c8051310 |
| SHA256 | baa987629e36f324a77a8922ddbdea7652a3ae8b5eb55a0f03b475facdda8293 |
| SHA512 | e466a02df89336002f2f2cabdc1b9f208c150702c5e1b1679d5012fa791631b99443e25867940e5d60e812c64874a5fb2847716e6712ea6743b6ff8a36cb8ea6 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\am.pak
| MD5 | bc4c700b7c415ad4c92e3bef4ae7c4a8 |
| SHA1 | 345931d353f78872bd3b516e2252acfd72c534da |
| SHA256 | ee3bcc0a396a18e14e6ac1b4f2310cd6118c7fa9a317e67e273d5e2b8ca01d6d |
| SHA512 | fd0ca4632c6a7c166c226c8f84f3a39448b3e21e7dc1404ba912470eaaafe2c891e435d5b2c3347a7017aa5bf34fb45cb74abaf1bcb8a2a02946681ec49070fc |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\el.pak
| MD5 | 800026f5d9237f49835886db2c53b295 |
| SHA1 | 8a957b90218585fefb8c11a7d7fbc1e0dab02cc1 |
| SHA256 | b5e5c07f0a8837eee32bdb0954c1bfd5ea48e069a7fb50a97610457bb2d96de8 |
| SHA512 | c75df40d4e5be9c56fc3c5d1b6a0c2accf08ff714c62091165ff892655fc8dcfa28f3ce5129adc004b270c04fa3f63188f40320f1f235e90cbc720651b730e3d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\es.pak
| MD5 | 7d3755aa3480aa469e6172b451ebd0d4 |
| SHA1 | f91b913cd06aac123678ccdaadcbb4f0cca4a5da |
| SHA256 | 97ed628a013d27736ab03547e5e68e25392e6b47d5b531d4fa8abbf1544a65c6 |
| SHA512 | 8613d17f6234ab5cc96cbf870e63a6622994b10ab4d135255131ee57b1757b1abdcf26678b978faf49175db183300cbb09613eabac82c6691179479c1bf1bf4d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ja.pak
| MD5 | 286a4d7ee7e011a524e8f4c70592d1ff |
| SHA1 | f62452ecbbc5633bca65c6485dbfe9467333c290 |
| SHA256 | 87831c3227dad088afaf94a2dd03dc66fe14aee7c2e031c7b7798ff4b11b30d7 |
| SHA512 | 86bc78f53175372dba41be8ac4867f45e2d962eb3dab5798d9a71a22e450f6876d335fe347d07a86621d1560aa0538aa3c2180452f72076983d57d9db48d4c1c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\sl.pak
| MD5 | 790d7c9113c73b8a0274a1b5a43fd7cb |
| SHA1 | e1ed463fbd33e0731bd0c27acbe6a72841643e23 |
| SHA256 | d56f8cc78078bc7904203c078425d7e5ca943509e6ccc87947eb866671e5be7a |
| SHA512 | 177903a73763eca159cddd45a7b24b01f8a8867d4edc2befcdfbffc69af8191f6f476b8d6ebe0b0ff330343f005478fd375bb083288635c1849bee01ec12edb9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\tr.pak
| MD5 | 0b215cb173e45ca6b3c5b117380249c3 |
| SHA1 | 54713fc7a589a39fa51b0b724e3b79f6af82846c |
| SHA256 | c85fc7d5f699150c5643702e694ba82f94f0e630730441223a214a9d9437242d |
| SHA512 | 7a62fdc6e19613192d4d80f7e59aacd8250181f92766603eb92320a1b9391781a7ed4f058094ef5b91aa42cb92a802b37bbcce95ffd67f654d9ff690a513a497 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\uk.pak
| MD5 | 42f48e833a462cacf030bb0a0e9f9439 |
| SHA1 | 31f08d6fec67b2c296ebf2dd2193fb8d4ecaf7f4 |
| SHA256 | dee2afb40fa3b7c6788b6d8e3a775953b9b0589a131841ad9b520f580cf92881 |
| SHA512 | e24ece15476c9fd77aa84c7139823bce7216fe06e7f8040db94cf46220cbe431dfd634696165950621961bdd045c0365287693b807f54bdfe5f28d56b6365f64 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\vi.pak
| MD5 | 844b68e44ccbaac773f36d442e59a339 |
| SHA1 | 915354dc412fd0d2a60f99520462720e7796b6c6 |
| SHA256 | 8b98769b3b97df10ebed4f25a0b115f2e0b059e9adedebb96c444a71e2eadf17 |
| SHA512 | 2107bf5ee8317c7c7e9b279255df376e53eeba56185071168a8246bfc50aa738329b2886711164eacd877c7f0bc0fda7137f766be03e7fd5d3fc3e93f7df60bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b7742262728f4c5ac1a25423f2ad2ff1 |
| SHA1 | d3fce9d65edc89913dfa7f31cc00c12f57ed5c6f |
| SHA256 | 9ba83d5e211e36d018e606b38ee9b7116b26f2715458059a0bb636c4e4047491 |
| SHA512 | 8a4591167dcd1fad9b9e26857298c12be00c354456794d3d43fb79372d3e7fbbb223be292bab5e6d2f0eb638841fa706f26652362adb1b3585b62798b674ffba |
C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe.config
| MD5 | 1b456d88546e29f4f007cd0bf1025703 |
| SHA1 | e5c444fcfe5baf2ef71c1813afc3f2c1100cab86 |
| SHA256 | d6d316584b63bb0d670a42f88b8f84e0de0db4275f1a342084dc383ebeb278eb |
| SHA512 | c545e416c841b8786e4589fc9ca2b732b16cdd759813ec03f558332f2436f165ec1ad2fbc65012b5709fa19ff1e8396639c17bfad150cabeb51328a39ea556e6 |
C:\Program Files\BlueStacks_nxt\Assets\installer_bg.png
| MD5 | 08d091faf58df0ea8218d7e08140bbeb |
| SHA1 | 38ebf2763bd2082635a5971c4302021ecaddc0d1 |
| SHA256 | 7e5f6998d34d56aeca87f676c12a42c6c4362ae16a753dc567aae00e253b0817 |
| SHA512 | 5cfede2ea2ade7bbc4b63475af5eb52f78af567fa7096a2ead396056271b8745df4dc6e11e4328151ce59ab74c6c48fd49cd13e30f7f4b86c566757e310fd5e8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\zh-CN.pak
| MD5 | 917ab791cb4d24be5f369956cd059e21 |
| SHA1 | 433a3aeaa06d6066ed55718564f5980e8c6d3ce8 |
| SHA256 | 331e9240251d1191c599b09230d7ca9f8b11e51e5d94ff8bd63108512c0ddc58 |
| SHA512 | 969f4662eaec6e3788fcc5823446135657b6816cd2419d8a3839acb07bee629d3c9ef69b2bef48856e16975fe31b7ee5d0d390ce4fd121a700d096348500b2fc |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\zh-TW.pak
| MD5 | ba9709f6d6363aa06a4838ac8344e262 |
| SHA1 | 3544dd9c7ec8720c3d135b5df32e71f4b1c88983 |
| SHA256 | b81e24415243f7470f714379363157f2bd7b2d22e203ec5966878ed4b68140d3 |
| SHA512 | 9ceb5e9340a3a38507419972754563823f0b3f808b39e17d78d8a18a171231100ed2bc0c677a75da16237219071996702dd7fb8a6a6dec098e69bdad0b3dbf40 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ru.pak
| MD5 | 7cde65967d57746972a785d73223a7f0 |
| SHA1 | 16bddf07f603fa4281335a9f6c60e543aeefc0de |
| SHA256 | 2d4583e3bbe119224a4dbd80ece065a978890d294d0bc1f3948a10c33ea7f06d |
| SHA512 | c4e9a364bb1b36685d03ee7e5f1e847d99fb875151023c7ab2da446ad5d91bb73fe84622cb46da3b544854cda755912262260b445667da1d018f597f52653bf6 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ro.pak
| MD5 | 3f570679307286594588bcad66a13f8c |
| SHA1 | dd3d0a1d51ed81e8620b9625ea5d43ad513d58e4 |
| SHA256 | f916fe52080eaccab979a8b527596e7196acde3aa90b1f836801d9f7b90df1fd |
| SHA512 | 11eac14c5a26810ecfe9130ddf96732dd567f222499ca4c7a5cc363ba4e29683569e9abf37f4fe695553fece3dd9a97c57a84376340f33ac7b463c03f14a3fa8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\pt-PT.pak
| MD5 | c21418f325ad1b9d86b7957b41ecbeef |
| SHA1 | 27fef99b33f81f53cbb63c326aa386957db177a8 |
| SHA256 | 98e2b6e8c3e67da3a2069040330461f0a4b6feb05c6d3981d07b748ac191182e |
| SHA512 | 55c340510d92b938d2c696ed5c73ee3d54e9d931cc97ac2f425a83e4a25b2ebf48aadd8a06fd24902365da3ca2376f36c5339d8fd4c099aa3da8cd150a8328fb |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\pt-BR.pak
| MD5 | fc5c376e32878058c7fb3dd691de3338 |
| SHA1 | 4791055d548d678c76fdbdd50c412273cf935630 |
| SHA256 | e2a95144584d124e754f20c743ea91ed31f96d375bd24df8b0df3c411c6e08b9 |
| SHA512 | ebd545258e4c4d1448bed9a94c5e0527df06527717b0f19edf83866673705859dcf13c53af8e5151bf50da024128da28f1d697a51ae4fc4293c9d9e55dae3004 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\mr.pak
| MD5 | 69217e4bad9444e0b36b9dec6d13587a |
| SHA1 | 21d7c31c656add29346bf61cc5f01b99cac4c24a |
| SHA256 | ec720a494da509c7f6d6581bf83a7194d20a4da8fd260c4cd5590399506fe89a |
| SHA512 | 7821f7291cd3fc1fcdd5a92cd189c5238fe2bd0806f58c2e6786b253d4f67924bfa63542511a40d88edc29418fc70db64206edbcaddd5bee0c0978200397123e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ms.pak
| MD5 | 7321194b6267c9cdd0bda30e4203b859 |
| SHA1 | 86a4f9299ed0ddcf70b44aa65427a752af2dae35 |
| SHA256 | 47f77f32d6f18d95c15c0e4c04df8ba1a05784c8c671360aaf2db487520ddcf8 |
| SHA512 | 6a831e9afd3d50c698b1e6ddd18f6ec95bd07bb8d3f4d6cfa9a19b65371a430c5c63adb5276f44d3e9a7c2b4e1502f239ee793ee5035f60f57988685a918c110 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\fi.pak
| MD5 | 1fe6aff5d58a2e9078125a3eba51310d |
| SHA1 | bcd0b0afa94a51281558abe598ecd6916def3600 |
| SHA256 | 55fcad7f30965e07a749a79d4e304cb8aff79afc367c6870738b8dbe78ae3ced |
| SHA512 | f6dcaa2890347f05096de8f70e0c657b6c4c8bb1e428f3ed4d31c942f214949745afd5216c44a7f5cfa875825dd41c683f1156583646eeb1efab570ea3ae1dfa |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\fa.pak
| MD5 | 4003031412d00fd89eb2700e6be45b66 |
| SHA1 | e903cacbbcaeecf37773f1491db4be0c727462f9 |
| SHA256 | 9915278c25a19420b400f28859c504e3f82fc8d44046d769e586d6b97deb44c0 |
| SHA512 | 8e72aaa570652d3f95ec5b963a5fb534826c3b32b0ef88627bd099934ec849516bffa43e3e3cd074eefb53f63ae9c1a9fbc9df533da82f62dd099dea63cd10fa |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\th.pak
| MD5 | 3c92d82202b5169d4de9dcee45708772 |
| SHA1 | 4a7025840bcb20955c655528d23d41c155ba8fc3 |
| SHA256 | 719d26daf93fb83bd66e97984cc907a55210e0cb0af3a226bec535451d38fdb7 |
| SHA512 | 94c832de7b33e69ca8606d79ebc6a0b0b37bc61ea5e5be223bd639b9295300a9b1ba2b75860949fa7d452122bdc81f402bb8091035e79d5b2761566432ddeef7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\te.pak
| MD5 | ca628239fb9568e6badcdb848bf764de |
| SHA1 | c2d6324d2605a9e6186cc7e8dd7e341bd08010eb |
| SHA256 | 294f64705018a555ef7d76f82dfd783fd81d2bcd99d521841be0f2d887e4d3b9 |
| SHA512 | 859d07b604081925f3277d49586af78299313ddda6abe280dcf3f7be4d10a1ac65ab23db61d9babb35850fa48ef27b9aec942b049701cb251bd7c0149dc655f9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ta.pak
| MD5 | 984e4341b5b8077e4d0c76fdfd14785f |
| SHA1 | 2c41c6f0844c8e321120b8bd5808594ca686c03a |
| SHA256 | 3683217dba2149b98f418cbe50920561c6dc7d702a85dda98efe8981da669585 |
| SHA512 | 29823eb9c37d7c26324536a50fc80ee985995be8f0e59b57794c965f3b06b3e8d1fef6253b9afb4c7b8ad89386ebdeceff5920288b8ff7d5a59e626e4c9ea889 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Window\qmldir
| MD5 | 94ebe16c3ede17a27d79716cf1b00d3c |
| SHA1 | 34f50446b26c05a86018c2fe587d0cecdeb7db29 |
| SHA256 | cf518c3574e25f91acaec7ad8831e28c18fccfe15411672ea56809b2eb94077c |
| SHA512 | f19b2326600b902bb124a8c5b07d70ac2e6b6f65a02be9bf7f95b7641e9c44ca3faaf3a409b5e47b4203fcd1fa62eb49ca4f09eee0e95c7806428e58971ade6a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Window\quickwindowplugin.dll
| MD5 | 9703533f14281d6ddb3635ab0fac97f7 |
| SHA1 | bc26999f82b97e56aef84fff6b2adacfeccbfb49 |
| SHA256 | 9aea4a0ab67426a0ca989e62e8a5cd8290cc169fedea5dc6912be3d32144ab0d |
| SHA512 | 3a4472f522924f3e9a930438e514d034141732d9c0df76961dfc8ff4d8059ddd89fb89ab85bfabd5ce7493b15d3ecd4ee4b61110be4ce9cc011aac1d7612c938 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebChannel\qmldir
| MD5 | e0e05541afe2a4120f98b955aa43f663 |
| SHA1 | 8ca6194e64beef2352bd3df18770eb7cc478744a |
| SHA256 | 0d728adee8ed1308524a8b3e5234781d8207a15dd6c738b74e62246f9679d21d |
| SHA512 | 0333def621780792272b2c9af8ffab76ada8ebbb4733ecdcc6353cbceea94b83b25c861f424b9d5e37d4d63f198da76f58ed6d77196ba29483aaf1dcee786a71 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebChannel\webchannelquickplugin.dll
| MD5 | 42d0cc66b8adffd8db1c44d4c5ebc188 |
| SHA1 | 092487413fe9e4cc7d65b7fa7e7540a4f5761055 |
| SHA256 | 89e99655ed1de0d8daa34f7fd550509f0e64795ddbe4c866c66715adbdec97e0 |
| SHA512 | fdba365a2dbf7dc34bc67313ead8ed406f98412d87cec2f2c95656861c61e606929c15a834a9d8b8e339b11fb8db2deeec617a82bb4991b3f3cae268ac6b0786 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebEngine\qmldir
| MD5 | 305905ee8126ed39d5f4b5312aa2c99d |
| SHA1 | 46a27e297e6fc3846f64d23b6b54512c70ebe1cf |
| SHA256 | 9ce4a1ac66b6a7dc6950b0abf7040117c107aecf0432ede1d015d45a8883bbc3 |
| SHA512 | 2b2c9a56f77f5581ec3758622ae47adf28f790a68da61cb1759af3ba2c6c1906940d2cc9707b2ab4a2b564096dd144eb4eb453a864e36600a7ff8457be13becd |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebEngine\qtwebenginequickplugin.dll
| MD5 | fcc2017d74e088cbac65104c90474063 |
| SHA1 | 2b4d32cb48be3cad1f2bef4c6786065f5fd0b733 |
| SHA256 | cdd3e9f9c1dc7cdd1f20b0d932064f69081e84aa32f1061322dd84d4136ffec5 |
| SHA512 | 83a53d4cf8102131e2d400daeebe700da4964d80262848a72070931ed8046f2831f2bf9d37a53917ab36d25a31efc7f96e19a9495735d9985d32dee4a7afbbb0 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebSockets\qmldir
| MD5 | b37b47dc81d0ddd5733d3c3df54a0ad4 |
| SHA1 | de3b51b3fe652e502ee44061552affcbfe6448c7 |
| SHA256 | 4ee99fa9bbf2dc0c4526df9f10c54f7833fb503b508e6b2cccbe573b422128d8 |
| SHA512 | f3111cffb73bb28dc43afd5cb5ca6ba2ce68620ec363caeb7b86275def0f06236103f2d1753c731166d222918b0fb059b73fd5d6298a1a078b91a5ac038debb9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtWebSockets\qmlwebsocketsplugin.dll
| MD5 | 6162f3f09fc11878e4850c1c0ca57d06 |
| SHA1 | c454f1985b65b8ff64ff133c559ed9528c8cbbc1 |
| SHA256 | 0935f9f612bfd0fc905e86535193663cffeee560a8af83433bd67cd7291eed1f |
| SHA512 | 7b5ffa2d36938585565954b564abcabd15ea3dae56495b199f09d51bd92421e2f5da26e5e99e6a79dc24b5ab73a155fedc147a347aa4eec77a0d88114ae74f73 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQml\qmlmetaplugin.dll
| MD5 | 852714229daa6a278feb0d01f8e34375 |
| SHA1 | 92e768efc89624434a610a7201721e74db49f0b5 |
| SHA256 | c02b6e8fa0a1b93c50096f56218d38e0d15099c7e1b58ddb31b24951d3e1bcb0 |
| SHA512 | 81152863a5758f73ef72f852e4435d5b147fc130805272a676dfe3fa415eddffeea9193ae70e6834513d0bcf09cf2881bccf18a98404f27bb3b84a1b466d49f9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQml\WorkerScript\qmldir
| MD5 | 2d775cb02542905e995fd826dda7c026 |
| SHA1 | 64ecb2070786b0d83f8f01b4f0fc8b44fe0a191a |
| SHA256 | 516dd5663b9e122cdbb2d212509724ccbb826b0774b1eb08cb96c5f82fd38ac3 |
| SHA512 | 3b2aa32bac27b3b384a518926d4e26d5655a4434a907b327cecd61a0c25ac5931f81fcc49d16d0b25cfc00f98d346bd269310829c6064a54df2664c60f43b718 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQml\WorkerScript\workerscriptplugin.dll
| MD5 | 9db78074c4e988c40441b7f318d31a29 |
| SHA1 | b507f2a12d6698cc4acccc14423f8adcf6da5dae |
| SHA256 | e478700ec9dd0f1de166f43eaa408a38b9bc2f8b994a80846649ff934d8c0e07 |
| SHA512 | 917bc4a6f347b81e0b0bab1b6a9782d0a021771b98684cd9f9c2abedf155491006a01e3d56b5265a01ee7aea17965bdcee0ba290dcf92e782937aa816d2b041a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\Basic\impl\qmldir
| MD5 | d6b02bd0093c8bb00347b387e01be80c |
| SHA1 | 06ad73d6ebf391957932c537f8b933ebc82d1bae |
| SHA256 | 89daa248ee0544aa92530173d3e969d4c5b05ac2122d836173cc50d069805cc8 |
| SHA512 | 3b0813529bf0b1fa3541798a1c1b8a738f13d0a3f769b0d49aa242aca18b5ba8bd3e3e2746ab7ac0d5cd680d916777814fdda5420bd31bdeed270be8e4428fe7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\Basic\impl\qtquickcontrols2basicstyleimplplugin.dll
| MD5 | 5bf2a01e2dd7ade5616ca79170a8d23f |
| SHA1 | cee7440be25c58c73600a50cb11bb6fac7136a61 |
| SHA256 | 554e784f16b2150058eaf4cd3003c018e980b4fc5cf93ce1e93f3eb14fbb74c9 |
| SHA512 | e42aea99eb87ea4a2bdd815c95c53b91b80a0df5603d7786e0d9b1c3fb0031a5670574f9360f17c5fe35582118e73595f4a6a5f2b830dcce32a6b8aeeb0329dd |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\Basic\qmldir
| MD5 | 3329231d19c34ec08997356bd2df27a2 |
| SHA1 | 9f7214d9f3b15263ee2fee5568a9940b3b023a06 |
| SHA256 | 142346c196c2b2674fd0f0e7f8c1fa23fb9964bce47c02d5029041d6a9248c69 |
| SHA512 | ae9a06615a5037a46eaaca120b4ccb176466d8aa0472fefea59dfcd7d83e5d05a1773f941981f41d268d8fafa421cb0f1b21bbb28e3918a3f548603a1a939c67 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\Basic\qtquickcontrols2basicstyleplugin.dll
| MD5 | bbe4d4b6f282dcdf020edea17fa11234 |
| SHA1 | ea871074fb5abff1baa4087f1aaa6409f6a5f10f |
| SHA256 | 4907a1cd4ad812637b1c5f7359b12f1219c462962eadce8e6f8472fbea628104 |
| SHA512 | 50ad4997a84da6c272c79d3dc820d83438d83512f5c35c8250e319577863903f4a8eb4a2e995b6c3d023c15aa5aa147f8345ebf573dd5083746bc25521a57524 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\impl\qmldir
| MD5 | 10b88077e9248124cc7eb9a17b5d6906 |
| SHA1 | a519e508367c7e7002fa17fbf1be61a0c7242e5a |
| SHA256 | d968aed9b217c5a95b8a0d3d3f48635302696b9b2f5f7e73ab16e8be6a9fc66b |
| SHA512 | 90c735b12bccfc14c8583450a7df0e0a8a0d56173e2ffcb377aaedf18e6d9960b5b52ad53494da8a53c69420175b56766a0cca29b096dcd2918c533f7cda5ab6 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\impl\qtquickcontrols2implplugin.dll
| MD5 | 42cbd88fe9d6570f24b4b517e5f30694 |
| SHA1 | f7109c9ca08efbd9040d983b3f7b1f6bb6c4b1d0 |
| SHA256 | 0736118554729f3a01528082c106c0717f92e728dd93b4f9761e7d39b050d64d |
| SHA512 | 0f6e8f4c1b1d23197608d1a35827665454e3cc439b2ad80c6b358a8238ffbe2128b5196635e2f78f0ffb0302958c1b7a54eb0e8d5309a91c1ba00ad123093101 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\qmldir
| MD5 | a098009511c5c0a59833180919453a5c |
| SHA1 | 90ecb87885d6fd7aa15cafd2c8d67a68c4d43f25 |
| SHA256 | 9fd5547623ce4b95247351517534bc5b4b29d43f36f57b7f3378b24acb58ef0f |
| SHA512 | 63ce67b9f9285453f5263a6b1ed612b9434c804cd0097ce56ca31448a45ddb7befc592f2901b83e66211b33cea7ea46635d9213277eaeec8bfd683ab65e62c8d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Controls\qtquickcontrols2plugin.dll
| MD5 | 603a83e1eb93e0b4e1c7fe1b768fd105 |
| SHA1 | 3f5d29c06475ec16b7436a121fc23ecd861f87e8 |
| SHA256 | 932a269dd90d509b03f32abdd2d2008db697f4750df47bc25eb6b02e965f836d |
| SHA512 | 0f39d3091eb96348222a935f567509c7f5edfda74f7481453386c3e7053405517296d28cd264872fd1a50951d3bd417b4a40df24dfcd425d4077a3a78d4a0080 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Dialogs\qmldir
| MD5 | 82ef8bdd05ae26b81ed33e11d06e28d7 |
| SHA1 | 18fc845d32c1deca96d97d47a5a6900ab7f99747 |
| SHA256 | 6b547b8e506fd70e034967fa4678368a515dc8e7cdbbdd0fd2b1f263b28fe46c |
| SHA512 | 4541c30ecd7178dd6c238a99eb3f0a9fa46029e2366ae3eb1ea9684619038832534e5a4b0658973d47597ae7bbd6e344c8cee2d74e1126c2657a6be8048cb393 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Dialogs\qtquickdialogsplugin.dll
| MD5 | 3d45a03c422d0604517d735180f32b65 |
| SHA1 | cdd53042670df5cbd2a94b595553658ce21ab2bd |
| SHA256 | 00edeaf6b5447c16654d1e8f010d882d909aa2766afe44f4b6e38b260a9928e8 |
| SHA512 | 54e288db318376cbf782890bf46b51160122e69fe4a6a61cd6ca42b614c37ca74d38f85f24717ac78efafb6ee14d844a2240dd94a41597c09875d7d651ee3e6a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Dialogs\quickimpl\qmldir
| MD5 | a732e1b574ca5ab3590b8c6d6de8b2a4 |
| SHA1 | 0bfcf7f7af86f82b196446e0542c367f88023f24 |
| SHA256 | 947b7856d7f3ac5e731045d2627973df06744aab3ff392248ef2eda5d42a6279 |
| SHA512 | 9dccaf5a9258c8907d58c0d72c9ba315e32d4878d3d31168a58e3e5c4cad234d34d668f6979d57e9e47bb5c5fbed538f4e4f7009ca3c17f614f7367addbda4b5 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Dialogs\quickimpl\qtquickdialogs2quickimplplugin.dll
| MD5 | abfd86b2b24ad23f3aab3edd952ab053 |
| SHA1 | 3f82656bff4f357ea40787d43f9610c9e4a2337d |
| SHA256 | c5ee749b4f347a1e00b1f912ebf5e4a4e6c34ffcb8877b5db556742b0c46eedb |
| SHA512 | 9768741702df37fb2bccade5d0118c114cd6440bff1bd7e76801a51c34c86b82e681cb4b195cbfceb4cb2936c81eed0b40b14507084ffbbe653b1e0f68ee27e6 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Layouts\qmldir
| MD5 | 59476cc514bb3c0e6d94b0450fde47bf |
| SHA1 | ceddc40c1c97d5f88831e76460afb127b808fdde |
| SHA256 | be7bc0d0defd3037fd4493987ade323210f191bad527255eb32d1df15b1b8edf |
| SHA512 | 3331f35f7c6c6e278192017b73ead6802ff1c394111c82c061120cfc7cffa365c407328a5b31d239f847fd3567ecc2afdb3f005062ab948c504bbbae21a381c9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Layouts\qquicklayoutsplugin.dll
| MD5 | fe46bb3ebb124f1a49f3b057f53fc117 |
| SHA1 | c0b2d468629ab2f517d8bf91916b3d1361526a2b |
| SHA256 | 8b25efda99d9978b84c99fb5c63b423ebdbea40061611a835cbfde745e6892f3 |
| SHA512 | 74d428d7737f6d0ff723c92ef680f9807c8b5eafbc472a3ba021217e0d61e74847930c7a46e598b39bd8e792c205988da51b1776076a2be598dfe1d316798863 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\qmldir
| MD5 | 229c819d9d388357c948f58e96513964 |
| SHA1 | 9580844569cb3de2d0f728695d9c83c6713d5c74 |
| SHA256 | 137c386f9b2ba49fb3a3417b55096f6f1bd15a794a98613a862b490a6fe4fa79 |
| SHA512 | 61fb9d95be728ea658b31b137216ca2db2a52ae4523ebac1f7bd7b20fdfde4442b6570b03c7defe9047a96905227cffd0160a6e3f42940e27ad58dbf3b3383ca |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\qtquick2plugin.dll
| MD5 | 0c90675a28d95f6bb1050b69f6477de4 |
| SHA1 | bb8518a467430fc41322060361534ae73879f362 |
| SHA256 | e9f4fa73ea93efa6883c8256f74e4351c7cf808db721e0e1d49d4f5af97cdcac |
| SHA512 | c338061443eca85503619b9b9e5397a480ad60b2478cfe3468db360c88d0d5f938fc577e5393d8dd4ae8c40c335000bda9a7fbe9490f112a5ed0d2346be0a605 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Shapes\qmldir
| MD5 | 29545ca5555980969d58494c03e810db |
| SHA1 | b56a6150c8d39708e502b53d2c7535438aa02568 |
| SHA256 | de2dab12c07574207db93315ebf5bd6ec6656d1aa506df756328f73342b2a7f9 |
| SHA512 | 6715f3b9f144ee65cb37cc200c1be14a827cc40b6fbc47e456a5ad04eeb751f69b1cdd8d4c3fb2a5ace30173c2d61b6633958e7b8753a2c6bd9c3d27275941fa |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Shapes\qmlshapesplugin.dll
| MD5 | cf18f633aff01189246c1a2b257bd8e4 |
| SHA1 | e782db1781c57ebcae62b01d594ecc81022e6379 |
| SHA256 | 6be600ee9189a6c84e35eae24e91534ee5eecfdae33797e15472c6ffc8ef039c |
| SHA512 | 78473cc3e4d2cde99759988e47d4387b44a5b34245d59d0b6f2dd9206f96ccf7aa2f06d841c546fcfadf239fe0a6d1cc8d775f74797328bc4bdf2746345b43a5 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Templates\qmldir
| MD5 | d6238b74f2a445964a7f223b96bc6442 |
| SHA1 | a7fbbe96872ca73d293470ff50f4a0a7278c10a7 |
| SHA256 | 60e185a2a878267d15f2b54f6088e1bcb3c7e66b67ac016b121b9e79b305a9ac |
| SHA512 | 5cbe2966e26f6ec1227fc36e3baa363fc9997e5e2322100d8f7dcb0faf520d18c210568a7682b85156d5d73c90465c4934e557de08d82a1ca95989eca1257d2e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtQuick\Templates\qtquicktemplates2plugin.dll
| MD5 | d804c42ee7783da45affec5016be7546 |
| SHA1 | 7128d899253257f14829ca2f28fb9b7606f38d15 |
| SHA256 | e931944d5eb53bd373d2b4dc9e2562951a44e49c40e177670aea7735f3a3497e |
| SHA512 | 0508477329365f2bc49176d358df4c5718eeab85ccdd74a928e2f8df23eb75203115980c6f3b9ae948cc3b9f3cf434b27784933ba36f89f43cee9ea77cec4a02 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\sw.pak
| MD5 | a76199fc5387610c34c10fe432de8ae6 |
| SHA1 | 78beef278932682c53755d2ef2ec7bb702920fa5 |
| SHA256 | 8e37295c46adc0afe92ca7f4a1a2ed52a97e14423d11eb05e8a14b543493195b |
| SHA512 | 68990913627bbe34292b65074f24f399c0172282cb6b55a631b2aac1c2b12109135192f8eec22be5e533ebb25a590a69d91caa4c8bf304a2c26e512515610eb2 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\sv.pak
| MD5 | bcaa22655669b60765b38521b21da875 |
| SHA1 | f34e37dfdb5521ebc332a52baeab8c568722ffc0 |
| SHA256 | 9ba97cf45ed07f4b8b3304c55bade120fd01f6ef0c2d7685765151c40b2b3acb |
| SHA512 | 9e8d7d7d58ee7ef352d850ec14e22f5017c0059c66d7ae7ac7b3ae26a0c5cb7a11b90318e5cf189e2732928f658868fd5e13596369513ae45926e9dc1c0e8ae0 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\sr.pak
| MD5 | ff5e1f8f679fcf45ace4b095d23841d0 |
| SHA1 | dcb7cc4c3afe6a4c9baee3cf7e2c900f530ce3cc |
| SHA256 | b8d0bb2ef02f21acd435e4e969bce77b7b3410263763d2ed76a2fa73120e5e1a |
| SHA512 | fd4940cc1e3106eb73b35ce13a63556e5eae05fe03139dad255472d25d37a223f25fac85e5e45b468383edcb174e3d8bd342574b0a55ddd27bb530a1ca614a2d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\sk.pak
| MD5 | 097248216acaad35198b979dd2bee4fb |
| SHA1 | d8d51024575138afa55217960a623469a7e65cb4 |
| SHA256 | c7609346fc5d8cf34d3f6e6b5fe4366f6eac06731e14e6453b7820f02c21b635 |
| SHA512 | 777aac33755b874e853f5f2189babd99d0d9408d182e4094f27af26f4d451d8ac3e6efa6892307f90c51df7008394f713d68efd76ef1963b8593c201031b8846 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\pl.pak
| MD5 | 1e6a60b03abd6dc4f8c869dbc774b680 |
| SHA1 | f3d02e9d34dd05bec55fb69846342282b32ab405 |
| SHA256 | cc4775d2d1a1751cd6ee4de5adc7d4a13b079e7b132898595cb2865e0a57c823 |
| SHA512 | 54c2d9eabc73ca873314336df35e5c38302dcc78da5194b097cf16c0bcf3b64ef4a9bf7230ea7367b23fa9785d1a2b94bbccdaf0f38eb45b3b4226f32be5a2eb |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\nl.pak
| MD5 | a17f9d1ecc10a7da391a2fa71220e123 |
| SHA1 | 025d8fc0ee1eba270973fa2ad2f10701bbd708b9 |
| SHA256 | bf1b04e7fd896333e4e2ffbc411563d5de30e4c241e3f7e0c60548af1310bc1a |
| SHA512 | 47079ecc377e85e907ee779a332fe6dd8e66beb39c94dc0643a8b5baa400b97285b42d727ee32efe88fae26ff59e18671974766e9ed9b744bb7df11a3c5e74b9 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\nb.pak
| MD5 | bd58803d4cd991cc7b562da68428867b |
| SHA1 | fe36b791388d2a1137ab2377b72272fc8dacec82 |
| SHA256 | 43fbabc2a7b4ab2dddd00fb511aafa241a9905af40409b7c3f54210b6152302f |
| SHA512 | 6f546f39fd47f81e73bc1de8e105882c91b56d32d6517ac115401f173c4c7202d8db9de72bd131526ab54feb3aa3745d8550c2f993dac211b14ee99d71d4801f |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ml.pak
| MD5 | 3f2d7238334e87c1dd28508ae42ce499 |
| SHA1 | f368408c86e61a2fd972876f659247dc4f1a2090 |
| SHA256 | c182a95c3b75b2bc5795bba0af6badcb2588ba2d84cd68925e75cf5ffc0168da |
| SHA512 | 5f0ac10d7fa2e6fdb0d9f8fded6f055febb1a3926013e28db108f8f8a8ab8c24216329f1d4b0e8bfea6da9220294cccdddfab810e60253455e99d52ae26bfd44 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\lv.pak
| MD5 | 84509c858c9da5347db91821960af8e8 |
| SHA1 | 2e4edff02a0e429a9f4a633cbe3877e5ad7bb38f |
| SHA256 | 624c7917250b498c2e643421212989b7dfaec944d06a5a0954568f8e9e90b0b2 |
| SHA512 | 9aecf65282432c8b7bdb327f373b715a48438fd1730bec5d2e27270810b5ec880b98d13e8f4a0586a420a42b700feed50abd844fa7e3d655bf9f723bebeb8365 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\lt.pak
| MD5 | 82c786051cc71dac807c37fca436a91e |
| SHA1 | 7c663b0225b90bfb1dac4cc10f950349c0281b89 |
| SHA256 | 0050421881174da761b3177082de0862eeb1f20165169eb057ee74fcbdf95eee |
| SHA512 | dc8887aeeb5d2f88f5ff01a2b417c7f8d471ec386adeb848f4af2af32c97152eb9bb50f7c78ee9cc216cf64821f761c2a25367e96eb2064e4ce2d00021c7fa4c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ko.pak
| MD5 | bd258202d84cb6cd398c38eb444d7c13 |
| SHA1 | 4b03cd62fd99f107dbac2f600130ab070cdd7e64 |
| SHA256 | d1e47481b8775c11c7b4b42fd73c7fca614e16950581e892ea739def6cc9dcbb |
| SHA512 | 0a0ea62530b9e8486b8d081057174b0bb6211f5ca4e23f1db4ff7316d252f4c1ab09803c33368b1c068045341d35977b1fd8d6b18efd068928b170d7adfe34c1 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\kn.pak
| MD5 | 3638bfec55b3e6146eaacff7edac9976 |
| SHA1 | 0aac7b431980d1df51170c2ab5e5e960604364df |
| SHA256 | 77b514e529b8aba4da86653bbfae0fdf3fc4eee0d84caf40530a23bfa58d790f |
| SHA512 | 477410a6ab9db7b74e82e5de5101fcdc13a42fa8c9a9437419fbebe66cadb9b57d61930a3938b53135d90527419f30bcb5381997cfddc2cc51f65b121b5d5482 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\it.pak
| MD5 | 84030ab6437d9279b2e93a4e83ab5d56 |
| SHA1 | 7cde75bf29eeeb84c6226983130e7fad0442f777 |
| SHA256 | 6f1cd9d09ec1be6033bcb0c2efba08a961214f1d6d7a9844b88e7d612e7a1860 |
| SHA512 | 86aefece3ac2862144f997ab3e69b9aed98be5ba5e9941baa02600ef63ca7ab9099b6e083f3263d077e4cc014df308ee8231c0268c06ed846f6c59f6f2e6460c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\id.pak
| MD5 | e1038c2d0ea1eebfd9e25dae192a868d |
| SHA1 | 6be7fe8751880e14ed8322f7d29794a8cdbc7467 |
| SHA256 | 3134fa4e6e3745d206aaff3d8b4fbc289ca29b687ef1d8f16ff22012efb3dfef |
| SHA512 | 5dba90a2850b2851314620be62cff5d593a048338cd984731eb4d6e5e77d806296c6e1746b5a7c08be19beca1695ff418d5cc9e1b84fcf5dfbce5e7953a6bdd4 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\hu.pak
| MD5 | 10f85e5fede463e2486ed890a561bed5 |
| SHA1 | bd0113b5573d79119fbb15d053da17fdfb4e2d50 |
| SHA256 | 2e6795aac09546926d93180082a3e4ef64b08a18ac513d79493ea8fa168e9cc4 |
| SHA512 | cac4858b1ba904d893250028afc8a10bd9ffa99c7301efa0448e316585a2a817db1936edfd325c1d6dbca5fa21af0f0a8f4b8ec0c6506df035d8d582688eaf08 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\hr.pak
| MD5 | b556be50b983d7d62a8f44dcb24efea5 |
| SHA1 | 6c6840dfdf83a69dde3536e8236358c32b6a8535 |
| SHA256 | 155a03a996003ae7cf7ba22894b0fa479f0fc6a04578baf6a888ff1b2e8473fd |
| SHA512 | 4dbe58000c5fe799be609597078535f321e62210dbfb6ec6e9613dfd569e04b16dc305e5a827c6706acafd250fe5c00eae2f24e9784ec304ff5d0446c194f847 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\hi.pak
| MD5 | 248182b1fe577681f70dda64b046e120 |
| SHA1 | 3c3f2726be0921121486f5dee10886b74cb37556 |
| SHA256 | eef6fc72fe85670200ca23656e69804d9d02d9ef3d0c1ccf7d129d71474ef400 |
| SHA512 | 86365716669d960fb67e96e0ab903e1412a7c5387349b49cdbf8d0ebcaf118c0d99c93df0f166089f32aae2d0b5f2c2e34734506f6558c9a8819729abf7f55e8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\he.pak
| MD5 | 3d3d2134b30ef1d443e07250229e2678 |
| SHA1 | fba103c120d78c07f3000ac7709d3681688809a1 |
| SHA256 | 4dad9b698b48ad90553bc3c82ce8faca6e4f8264ec6ac5b9e1bf2cd20f2ecce6 |
| SHA512 | c806b7f37d87957904c5f0097fa4951874a115f06392857a482ae50af6b19178acf478296a8859d031a71493960e7b807b6a772fac04bf56f88200d93073872a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\gu.pak
| MD5 | e3074b687e6a6deb35bf1400caffb425 |
| SHA1 | 5e524e883b510a67e05b1ceb082f3661b5890341 |
| SHA256 | b558039d718858f3a15ceaf9c2ba5a89282bc5f6f15ede43a1e552fa458114ff |
| SHA512 | 489d922276ee9e7f42ca0d003caefd97e62abdb712d678d1cb8e8c756be707a1d07ce080201c6957b529c2b7a9eba26e7d0a5ffe7251051721ba1e44160f8fb0 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\fr.pak
| MD5 | c63cb62bf919064b0b6326a0e598da50 |
| SHA1 | b3b09ede4892391fcfe51288e55d9503b8848aa6 |
| SHA256 | 5b88cebd089e9bca4978cb9df076ed06f97fd5f6d496f6a47ef6d42441726566 |
| SHA512 | dd51706d7150367303dba7c99029d5468ecd1d57abdb28c1688b5937700547e14d707440b12f2040b4120cbd0f4c4dec67e99f175761b58c9f14581aa0e0923c |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\fil.pak
| MD5 | 3a9fe4cb75cbf95a747e4a98e9a5134b |
| SHA1 | 1a39f169d11ee06ef63c028a7708af81926d7918 |
| SHA256 | af5917413713e97363a62aef1909cf7a800f031ca68bbf211cb243032a68b461 |
| SHA512 | bd2da49b2b6425708206aa4607a1c40c4da68847becf59ed9092ccf16a79f967c58428d2bf7b198bec0441358ef05141a56549572e206355a3bec7ddc088038a |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\et.pak
| MD5 | 03aab03a3d067c79b8ad078af1aff9f6 |
| SHA1 | c5e402fa5b148f09895bfdce750033fe8e5c3e35 |
| SHA256 | 7b301a55543e15c5255db083b7156a5cbb1bd7669c863376651e7c536a0d3c03 |
| SHA512 | 3fbbf675a1b26e92625f30a245b92c80ab5cccbe3559e4d79bb81b6bde33f796e82e128bbfebfd29b324cb6a0718edaf4fc53be28648366288375fe615079538 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\es-419.pak
| MD5 | 41a4b6343b952185a4fada57ee9fcbc9 |
| SHA1 | e2475227c6f62da6f8a1467b2035f89d9741a132 |
| SHA256 | 803dd9d993d27ee7ada530046f6933dc5eaf35af1e43cb678b1f82e41375c5a2 |
| SHA512 | 66824110cff65417d12a46ca3d6c42030038dcf1032aa6dc6062323513eb781778851849f84f37dc0225f951be29bc94534a33f74647910bd4ecabe3edfc44c7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\en-US.pak
| MD5 | f70ea9666c4b2d503da8e0237c46eca8 |
| SHA1 | f150561cbdfefb7327b9824fa3a291c792a44d26 |
| SHA256 | 2ba506930a8da5c3389d0616ada76630dd7f41d5cb8ee850f2406028f015d3db |
| SHA512 | e8e4b03c6b1e5b7c6ae082e372f903bc78f61fac0c2308e7c716b02ff2f8275eace5f541d7ada90b9fc6d33ede29008fdb3e6994fdcbc736a705244d360eab98 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\en-GB.pak
| MD5 | 1d94e3d6893a9f8e54962482186ede36 |
| SHA1 | 357a64334864a48d72b7d3ac8969c28fab065505 |
| SHA256 | 525d94f828b967070b72e6043e0b9d1c55364b382be1f040b010b90a41b6a815 |
| SHA512 | 3be8fc06e379df5d6389547a2d3ca122f367d8092c00e87089b23fffec60e6a4a8b1edc281bd96fbbaf3ff02b77548259d44edc93d7e5af46b0b32ce78f2efd1 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\de.pak
| MD5 | ef63e015c168179a884821c9db90bfe4 |
| SHA1 | 2dcab43076d76cd723e6d01e99fc6ac30271eb99 |
| SHA256 | 4fd6c23374b3bb860a705ab343bea2905cda824953cf2729f2da7c86ef314f99 |
| SHA512 | de21ce56b1f47fb42b671167265b8d493f6d0d27cde4bd97e1fe6d86f26ca07208a864b47b0d1ec7a3b2163447791c986e71fda255b1702f2f0f6bc7f50235f8 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\da.pak
| MD5 | 18300a43e13aa570e0ddad7205e4c528 |
| SHA1 | 3a13f35888d22437055347ec0fd8b2e67cfbef28 |
| SHA256 | dcf563b44cf1bce09dfb017a8e51da2e5653e834e312e7d9c3a868c4b90b5a7e |
| SHA512 | a1c4d8333461c723bf6ec51622759f9a7f3a89ffe03f63b3223d296ff99ed926d2836c819b5ac4da2cd33eddb8adcabcd15a18d5c9bf41d399da17c9bc65702d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\cs.pak
| MD5 | 2fa44a92c2e2304f8180f703e2363d2c |
| SHA1 | 73ffa3b6999acba487a76b77e26d52d10a4ff69b |
| SHA256 | 6e6e158da321c3914399aabad1bb68f43d907e21c5568c182ac12539ed308672 |
| SHA512 | 3377284037652bcd9a7cd1b9397e0c7acf084c42c7ef5170cdd92c8e1eb2005b6cdd818abe6b9f24c1cea2c10531c1571c351f331da42d68320267197b1d21d1 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ca.pak
| MD5 | dd10c97f6c8153faec769dec63aeed67 |
| SHA1 | 37fff3ede19be23bc01c4d297372ec2a4f4338bf |
| SHA256 | beec5dbddc73c0d80faa6677298f002c52dad4991deb5f533da8f07cef775be2 |
| SHA512 | a387606c54404e2b07db9541d23124a3d8ccdfe6e3f6f27492f5bcaa0fb5be4de59b50b3fb288c5261d02b719e4ec05ec767e53469ae96e6d943a3bf2920f412 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\bn.pak
| MD5 | e5bfbba7a15e8d989257ab6f4cc65550 |
| SHA1 | 40726da19598b58271c650311039ab6f7d7f2bb1 |
| SHA256 | 9d9bd667d75539698c1e1febc4f0d9f37accca2cd0813314fde01df8d130a20a |
| SHA512 | 7b26b407d51d27c73e3337e8430ecd5e53f07293edbd3865774f0cd76efd615d4d699bfce6c05ab3d44ecab6fae13c80359f2ea94a08ffc1d822d10033b82ca3 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\bg.pak
| MD5 | fcae54e530f1c0b4cab64328c89e4128 |
| SHA1 | bc54613a70daac0cb08dc938ba830a3332bf5656 |
| SHA256 | bb6107701d4184539f914a33634ae0300d0a9e2deae979b88a3ece53605c5179 |
| SHA512 | 00b32d37822a1bb74a8e7fa22157b5034655c4be523df9060961bc81637b554fa78b3033b51253c2be9312e0caf3a0e30d8794d3593e038b24f8adac87f64322 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\translations\qtwebengine_locales\ar.pak
| MD5 | 3368204e7ff3e30e61651b6872f7a6b7 |
| SHA1 | ef64940a8b0d955e4f2c441a967166fa55064137 |
| SHA256 | 65266af2212453cc9cab96296a516070375924119ec55754f41c8053af3d8048 |
| SHA512 | 2d0b4948e191a22837ef2dce2db59ccc12aa111ec378de6efa7281e875e98c9c160adb94b4b373e16744b65aad5c85eb1fef0fc7a12d2cb49ddcabdc95dc6d9d |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\tls\qschannelbackend.dll
| MD5 | a79fdae77d68c47599a2501224a1bb1a |
| SHA1 | 11d3bf27e0e54eab9c8cbba8639e37fd6c2cf647 |
| SHA256 | 8a25fc4b8d29ee934fac2a26f85f98b82eaa4eb5b0ea924a98bfe597cbe7cd71 |
| SHA512 | 5c2941da9cbe7973abe90d25b4e5e56a0bf94d67d43c0d5652859f032146461f9db5b0de5580e97abe0de067aa82bf213ae32b98c90ad1ea3cf25d5bef0743b5 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\tls\qopensslbackend.dll
| MD5 | 2ce461340c36cefe018d18bcfa0bc943 |
| SHA1 | f4116728002c0d1e1667af27b359ac0d90fdf356 |
| SHA256 | d78806f6c92310172e095240b112bc966c60c7a34eaaf3aac8497ba31e6cd95a |
| SHA512 | ca0822cec7e6f49a2d9f8ba889fe28d5309de4b6f25da585f1fb4d10420a815d2817f3e39cd82207fbe68e755ee98a9700c6053d5950e3442d865fe0eb487893 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\tls\qcertonlybackend.dll
| MD5 | 5240566cd1d97774f03c319606396659 |
| SHA1 | 7715e321e912f413561e0e3e5f6316ba1ea77525 |
| SHA256 | 9039e7af3cc64ff8d653b71f8bf9a90549ef5f35de6beed23cab336f4e3102fc |
| SHA512 | 4958b92c632253fd18c2816a3dc288285e92a96a265766679881efac284a8c49f9d49ad5596206ec374506e4341a9e10f5d66354fc8120f29375ed0feffcfb2e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\swscale-7.dll
| MD5 | 60ee6404315f42cfd111ffda6d30a1a4 |
| SHA1 | 14aafa75e18202af1a4bf23d526d1738f96c4156 |
| SHA256 | 331c66b7974abbd85639c63e9ebf63c62858d5b1d8a47ba52c7bc10715aeebe0 |
| SHA512 | 8a4d858ef96a9cbe311bda94492d6759460f93751a79dfae826fb6b63748626134b11e3f30a37e19b6fff1567556d6a3f51d22211885bfad433f8a4451d2abea |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\resources\v8_context_snapshot.bin
| MD5 | 38a09bcf4160f5b345942462b63c1c7e |
| SHA1 | c4de02fecac708d94096d6e3e16cfac3472781e0 |
| SHA256 | 3202f8ca18e49da8be573afdfe3ada8b98b351f8c5f1ec08ee92e8f00cd8d9b2 |
| SHA512 | 1dfc511b0b387db1876989d4faa74bdcfde66714af76379bf768f71252874a6743bb803035a137f87c530d120aa180009215e8ce1020dafbc6f531381e891995 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\resources\qtwebengine_resources_200p.pak
| MD5 | 09da93dd890313c6051e3eb31cab562e |
| SHA1 | ca4281451381360393c0abac1029aa4c632b5ce1 |
| SHA256 | 70418cc40f2078d59972bfd5d182b1169beceec2a828a5b81cf6e77933adf6f4 |
| SHA512 | ad00145b99f09ba25ef886ba89e3339c52d09c8080d0d9cf33707f23091e9bc8fde035ba99be291303f727b99cfd798ec3c77644e9ff46c0c6bf64c8d3e91856 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\resources\qtwebengine_resources_100p.pak
| MD5 | 698db9c6537b8d9dec4869a11355af2a |
| SHA1 | 0d2450a12e0b3405ae30b3c7f5ad233fd6cbbef2 |
| SHA256 | c471280e5c2b50d0089c069954c84b121a70a7c50a2865b061e6c5eda329e634 |
| SHA512 | deb7faffb6e3c28616e200d10e18707df229a649c9d16e6db8921c3eec7381aeb977e1308dbd07bbf2c2a839b19de25bb6f8a9ba9d094f1243c3aa2d2ebb3f16 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\resources\qtwebengine_resources.pak
| MD5 | f249e5dd0eaf7ffbcc2843fccce85ef2 |
| SHA1 | ab7449a0d3fc68daa29f2cce08263fc290c4b046 |
| SHA256 | 7e9c3c381c6a1bf31b4fc75c68a9c2f30ca34d9999291ada1d3eaf0b79618d4a |
| SHA512 | be88d39e01828788e5a8b8c436cfc73d2863debf7251b92323d2ca3c02a8737d8edf1c70d24b98a9b11388cb3650129ed46e8134ce3b168a8564e37c3c67e215 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\QtMultimedia\qmldir
| MD5 | b7d5c74f4485b2550ad065e16252976a |
| SHA1 | af8c4cf1a294e7efa6bffb00bf3a66ed9750f18c |
| SHA256 | 2a0f427a8594e31ed6b3fbc1b2242856976a02131cddd8c59b23858dd3d67cf5 |
| SHA512 | 25581e90656d77023d91e2ec5797b6290e805caec2996ec58be98c618e2284c3657be93f5cc18dfabc6ecf662279a1854be08f888805b217628172ad040c47f7 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Xml.dll
| MD5 | 8169c439135d3453614e28466d0f3e8b |
| SHA1 | 14cfaba32e6f878e94ac2137852dae5dcc67e3b7 |
| SHA256 | fd6e3dfc8be003418f40aeedd90aef4296ce39aeac544a3f4c04bc86ba1b06f2 |
| SHA512 | 6d2655020f76412a45adc3b6da7b0c5ea9e15031161f346ebb8b8875dd2356fbe0d66d9ef829292f5fe5bd6fb495e003413b4b6cefdd348188b8cb8892a66a34 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6Widgets.dll
| MD5 | c3241a2e538115dbaddf3a8c283c7966 |
| SHA1 | 0833370c511d9e44d6a9fd44eab950a77e6908e1 |
| SHA256 | 6a97350bbfe5518c5e41453062548f493014f8037a70645246549de33e6cfc17 |
| SHA512 | 3ee01be6b0f3f112cf0f64ea3d446bc819f310a9fa23b96e6839d4a4c007a70603a7cf595c25c107f04a65110639b3d617094c1b0d1240dbae9e54ee42e6b148 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6WebSockets.dll
| MD5 | 04cc26f549ab23a726f5625d773f659a |
| SHA1 | 66f7b72558335121d676fdb276e3679fe4b5da17 |
| SHA256 | d955e7ffdf0f3ebae045796a242949f851db07ddfac9cf50df45f601e04b0e57 |
| SHA512 | b3f8f4012f683444f09e3a7a48586143e3401e5d165c6455af4bebc04c6e01d92bc3255c3dbe3fcfad08f7b55f6badb3216b342854d1870951cb153ea50c5640 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6WebEngineQuickDelegatesQml.dll
| MD5 | 93c0440d85f375b171fd01c5b43ba85b |
| SHA1 | f05aeb8c34aa2269a1622d1748c6702334774fef |
| SHA256 | efabaf7879040b2ff01dc1db582f15ad1d28e04684eb67f3907e24c780c4e014 |
| SHA512 | b9b3c2af9678cd6610317fb7a64fdb2e1607980c515d213efc74851e8580301c9b9520bf6cc8a06d8abf8ceef47f169048dc7cf1bfd31ca268384c21752f4827 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\Qt6WebEngineQuick.dll
| MD5 | 97814a8961992936598f1b7683aca5cb |
| SHA1 | 6644cf3079595f1337116881e9cfcb2ef11c818f |
| SHA256 | 1585dda7eda1e6cca66d840257b23fc0b25b0f4b448b25c0896de790ec744cb4 |
| SHA512 | a6c2b88fca842a8aad3b3b1d878f50b90f573830009d0499248f3f1a38a8ceae42978cc106894855eda40708f09a215c77615960d06cdd1da634e280c94ea448 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\multimedia\ffmpegmediaplugin.dll
| MD5 | 200a2431241ea2b1bebf61d1c242bbf6 |
| SHA1 | 80a6e9298c6ce3af44d7f829d5359534979de266 |
| SHA256 | 5b8b003a86e49e3c4d1c750c940c6620fe6d8f0c2cb4e35b01eebf5899c958ff |
| SHA512 | b4ce3565d780a8201a7f01f74cc830e577a026d1002f60c9de28a13491160213dc76831a80265539c8148044db92f9e4fa76b77f86fa82d0e84c93a3b09f5cac |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\imageformats\qjpeg.dll
| MD5 | 85089a44f0a801bf0df3e529d5dfdfe0 |
| SHA1 | 9eaf3133ee6e4f504092bb67ab86241b5734cbc7 |
| SHA256 | ed785d7a87abc60ef8e9df6fb9a68eeea65f354a6959fdaecd325e56182af7de |
| SHA512 | f95542b9357a911dcbbade0545f4121847c5bf64fc7fd01592bef7faa97b9a24af0ccb345893d14462a0bc32d139cac84849ce12ff02578f739041ada2001adc |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\imageformats\qgif.dll
| MD5 | cda2aa5f7792f7f6989fbfb976c76107 |
| SHA1 | 6f1f2a75b11689adb68175d2b382e9cdd435d395 |
| SHA256 | 4db6e6109b1771f966deba62abdbb80300fb7d154266a2fa8c77e2fa6d4abcb0 |
| SHA512 | 0068f8ba909533b2d876e80882a0ad10bc8323afdce405fc273b2c8dcae5f34be76bb2c04ed816c136c8dedb513356af0cd92d0cd832b066ef4c26f3149e138e |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\BlueStacksAppplayerWeb.exe
| MD5 | 33f277e986149e4b3cb590e052c4904e |
| SHA1 | 00d90936afc6183b612d03a3ec12db2bf4b0c8b0 |
| SHA256 | a753fb439c724ccfc00a0d5218ba540ed13e287fbaefa55017d2a96c6b616c29 |
| SHA512 | 7aa2f723d3c042d849ac771c190f2c06de532a8f263eb0ba3468f0594a1dd8c58ba545b58a77f611d1c4feb519138dab455dd47dcf483907660089c8f4c82546 |
C:\Users\Admin\AppData\Local\Temp\7zSC6FC2439\avutil-58.dll
| MD5 | 203009102eef773a714cf83515723b4f |
| SHA1 | 7d3a4941e2ccc42e9d313a5ec2f1f7bad65c1a61 |
| SHA256 | a8da1bcec215e8b002c4f8da2ddbc340d93937c93c480cd30d42b1d506f77a7c |
| SHA512 | 919b8badcdb3e1a78b5a96ec81dcacdf5cc9b76bca53d27dc7916700cc1e77e416642338d456345a617118bacc6913fa62bfb43c8937048ae346c1d295b5d8b7 |
C:\ProgramData\BlueStacks_nxt\Engine\Manager\BstkGlobal.xml.in
| MD5 | 8c11ed64e4cb4e992c891a1685f5e0bd |
| SHA1 | 1b125f8aa3f77ab5e23bcf18ff7fd9efa5232bc5 |
| SHA256 | 4c64d4ad8897d3198cc69c27e54c9ad24aafd70ee2818a4eb3a970f24b7cd535 |
| SHA512 | c2eee227704f0940bd46db419e42f15ce0dff3b006753c94005ac4c063fe2a2f0f24833a6674e9bbe570adcb425277a78bbbf398d600017e05357f33661d7c7d |
C:\ProgramData\BlueStacks_nxt\Client\Assets\minimize_progress.png
| MD5 | 90d5c0e2977d65b21b430f486114521e |
| SHA1 | cfb48cef2634d4be33210ba54e5b7c5c197530e4 |
| SHA256 | aa538477ded33f33e33cb9a21241dacaceaa0c3e5ad8eb1b6830a448262bc998 |
| SHA512 | 9a3f6690a638a69232335b746a4512ed1c623baa984d87cf4127663c4f85e818a4220564c63b764570e2ade8302989482580af7d9032052335d44b9c98d2d37b |
C:\ProgramData\BlueStacks_nxt\Client\Assets\menu_help.png
| MD5 | 2e82bd45c7a8b2e216c27a24d42f12a8 |
| SHA1 | 8ff552358b2d77090a54dad0c12c2757af2ec433 |
| SHA256 | e55ef002466578307998045edd5e10577161efd1cf8f1a71768a8046f4c2ee0d |
| SHA512 | d8f44a110bc31d5834b337553baa599c9a127d7335aeddd7e139ba5c7851db006d36ef74d841f10f7fe69e25edffd89a6faea9d3c72eba27bbbade843af440f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a923a31c7ace4565fc14e241fae1639a |
| SHA1 | d0f119e17b62f56d13fe2912fdac920f82d5114d |
| SHA256 | 118c9a686209ff3614bfe9a7ead57c6cd5c6a741a78e69345fe299ee6fd36372 |
| SHA512 | 270943258866508438fd770681616a3190f7f55bd4906225a48b5cc0428c08dae2e5559e61817066a7f9294379cae89d74feada65ebd6ea9a575e8e0d286041d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4aab8ad801f0054b1976faa04305f25 |
| SHA1 | 02e0212c39d1cdfee2feb32a6b37e620b7b0799b |
| SHA256 | 3f09d7d3c64f8e627d42025dba4f98e9ab7d16a6a0b8c3c4b6c8191300895721 |
| SHA512 | 63d557b7f736785b4d054afb03915ca3f7213d4f90c82207d9b9242b8a53757bbd904072dc4b965d404583134d84fc6c716cd0329242adfbcbb4a04a7af75508 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b5d5539a3f930b1f03c37b66a03c4724 |
| SHA1 | 1923b7f7b86ac5122d11e42ddca4dc8c71fd1584 |
| SHA256 | a7f304d694dd590c06ba91d1164b1d58d15ade4a227afd03944f039e1705a0c1 |
| SHA512 | 790d8c6fc705604dc63c5f98c322539804ad55210d65cb830ac1478a211c1f11743a3edc8060cf2dfae03531d6fb011ab987cd73023ca90c0eea1d12fb0c9942 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 087825e27e0c2b3758ef5debe1864ea5 |
| SHA1 | dd023acde8a56c9aa0d3677d88b5f879a82d4457 |
| SHA256 | ac0cb615c0bf60a6c90b4b107a3eb1d5d4ee1d1818ed66b567ff7154f4b59ca1 |
| SHA512 | 9b4605b63d75e830d5c71376044e0da7463b42142f85966c15a79362880a2f170072f3253c86a8383b48c37fb39fcce6a630b79b424ec74b4aa632878476d215 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 778ba02f0eb9a3f2f5be12eb012a27ca |
| SHA1 | dff37b122f002ecf44d2f2e3fccec5969207c739 |
| SHA256 | c2c1b2c6d97ad04bdf2d45c2efabd97e5c8bd3ca1a50149ea2bbf51fa7474415 |
| SHA512 | 4c8e551c548788a63175174a4ce7bb6930726e68636da01f12283c3bf83a541c56a48ae3891447bcc2e8b0290de99d4530ec1a22fd6771db5d689f0cd58e3acd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 39734a9f76353d6023d8e99f338f459e |
| SHA1 | 3243a07340393fd51a474d231caec470ba97b6fc |
| SHA256 | c1e6c3b53aaeb9a8b6fbae80a68a31ede18fb272f49f0c3672177a52b96582a3 |
| SHA512 | 68bb80b23e971e0e5d23450a03e8416b22f1eb82197d5fcae15b687715c52903abf34ad93a34e7645ba1ce65f29566a778e355556703d468233611a3a1ae7986 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ddd6c7730a266f2178925bd7df624549 |
| SHA1 | 92c67e5bf999c15f969ced02e86f9105cac0b9bc |
| SHA256 | 259fe2d00325d50333c13b70e148ec7bd67aac5bb9ad4c28864ec49722961b5d |
| SHA512 | eb2c32aeaa1920f4eab91cf1a3a0fd3c25e001824ebfdbf7f87fd11964786cfdf092e325809480a8cce047419c2048ef4e20cf7089e2cbf9a7ee80f474264073 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c5188cf5291bcd8e994cad63e266cca4 |
| SHA1 | 796d9c67fb594fd023b3e47f24a654c0307d6fa0 |
| SHA256 | 4423d0e77fbbf2429d54ab3f5f341000a0066b2099cd9acfd13e36ce2bd5e049 |
| SHA512 | 632f3da6552a60e172b8cd119a391a9534745aefc27fb7a6e4771f2b0aa0913da3cbe505568cf21536a7a4701a85e0a36480be79b49d1ec9ea356e9ff60d8abd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 13643ce8a3564d2cd48ffb0f748ae81a |
| SHA1 | 2ec0a3788a9dacd0a9d0fa0669fb0e1baaeefdfb |
| SHA256 | 6d2200d3364dec6a3d41b0e36e727fde7b6808e41bb7f7f58fd92f857a5e84c1 |
| SHA512 | de439db5c6262d6f6cfe571b2934bbfd320e5e646507c81d66e8b9bca3d1a7612e95db714c36d8fb977867c0df6813047451039face8cc2845fa696e8fd81906 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8540cc42aae1294bcb3197db3611c6ba |
| SHA1 | 4532544fa8ce40a82337a596733898a6646dafa9 |
| SHA256 | 8b683f9ccb2fe9399c30e49f1c30f16dbcbfc04b274785bce2cf21bc32c87e1b |
| SHA512 | b2e80b94d2b14e7a01e7b191f9c49d5b1f6cfe396a2a8c39721a0135306d5c80747c0da4b2c60c864241511872ff3a1b4d6e20d93b51343d0189dda06e088f7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 33c5e2453781482687a89d01e94dafbc |
| SHA1 | 0be3078cab8c481314844dd66ddfe9f950f0e3b7 |
| SHA256 | 4b69b92a5a8ad2546702134804f5bc0880e0a89cf3f76558e7368027faf51168 |
| SHA512 | f3783636cc86b2216274d6db43bbb1ddc6c2e6ab595b37ddc694f4ab4586549bf9bab491f1b66c02e1ea92595286ba6513acc76425b1153e753b0f7c4c06d014 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3980c7b128df5acc7baea168d3685029 |
| SHA1 | 490d560f2226cdba13ccdf4171413a8729262766 |
| SHA256 | 0ca636280bba34255e25887ff7750fb2c7302b24e318334ad6f2c4a2e882738b |
| SHA512 | 49877e1cac98cfbf710b769fe85feb71a4acf84be0f2b4ef8e2352cc4822f83bd2ef74f54e861a54e2489ec9bb6a92b2c1f88f7109acb03173bb6ddef52db36f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b5198c8d7aea690c76cbedd0985192c8 |
| SHA1 | cc6d5396e611d71b1e536ac689354f1cdcd45894 |
| SHA256 | 18744bb2d8f859682b6551d82169227bbd389af1256b2eec98777afbd52e3830 |
| SHA512 | 72ae114faa7e92d56cf88d546b1cf97ae828cae533d2b739c3b8fbbb2de97ddf2a4997c50af7778c5003a85809b4a19265171549e6877ad12470a2dc9f3a952b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5aed3615b3e3df395b99862dacebae97 |
| SHA1 | d3c9f882ee56f0600650071fdd4524ef1241c3d6 |
| SHA256 | 8e93dfdfd2dc2ba1eb5b150352ac06a9d76aaf699d43077a0cf1346b048c9809 |
| SHA512 | 040f7113eb71836e18984ddd7b0eff98c51dd73132f38d67720ac81645ffa0a417b53994804bf436c645edb04793df63756fbf4b5f2d799a128f15bf5254bcc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3e9db5c306d7c22fab11197dc78c822b |
| SHA1 | 0f7f2d6012aadab32e0a5c8e7c93fe72ae7d0746 |
| SHA256 | 1e14ac3b2cfc0d0300940cf385123cd50b3b48639b9c3b722a677f49a3ffd3b4 |
| SHA512 | c0b87d99296de12f289f7c91b7816ba4ae66bfa126aa9f383782495614218004e361577c3499bd39135682eb4a8d248b437a78a8942ad09ebabad9173a095e60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d085425419d099aac23920086f76e7d4 |
| SHA1 | 5867cfe9e185baf917b5dbb288a8ea797017893d |
| SHA256 | f4b974f045e606e9feab1af447d95cc436c0b8b2c2b8aae921d099ec0c59f7ad |
| SHA512 | 46ccee83f4fd153487aa15e33e385a823fc29c19787e1eac216ce5a47185543aca2ed40d0040be2594db021760d17c2edc54c05d3c29594c083a78caa43afa7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 45583a5e53dcc9be9fdd7bcf21cebf7b |
| SHA1 | fb6b1fd5f95248997215a9b1c84d251684b7c9ec |
| SHA256 | 5b551ceb127bed7f6cbb299c740ad9c458dcb4406007ac5252dbb4d66664729c |
| SHA512 | 03d71da223193926e119acd6254db348689878d15eccdb7a0877105248bb2e6b512c944addb0645109216d5db919c2d25208bde6aed5194efcc80a359e1c8b41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0e8d5467beaf220eb283bfcbb0abcd70 |
| SHA1 | e53ac2dcb8286cc2f461ed6eb49258f3916cd1e5 |
| SHA256 | 8409aa864c30b63122b9463dfb70d26d9ccae08b98e73b06a572a6f492851a27 |
| SHA512 | 8a92e1e812de5de4e1177203f979c17367dd78e0ad0c902a738570ed232af21cb80ef4e7214e45ca1fd51bc2b7244d167bf927346500de73f9c77bbe664a3a61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27eac9b5550279429495746de9ea12f7 |
| SHA1 | ccd70df6e55808ec29bbfb3c283329a98e7026be |
| SHA256 | 2b6fa20640fac1a7633eebda58e0db42e0cf2fbc223221c3c4931c18c6b7c889 |
| SHA512 | 3f6f6239f872134999bea6374c8596b6b9a317d794eee8a6ff4d2d36417bf2bc5230426a5cae9a0c527ed87f506d32dec29cca27c82aadd7bb7d6e99f373b57b |