Malware Analysis Report

2025-03-15 04:00

Sample ID 240825-bhds4szeme
Target https://youtube.com
Tags
bootkit discovery motw persistence phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://youtube.com was found to be: Likely malicious.

Malicious Activity Summary

bootkit discovery motw persistence phishing

Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Looks up external IP address via web service

Adds Run key to start application

Checks installed software on the system

Enumerates connected drives

Checks for any installed AV software in registry

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Writes to the Master Boot Record (MBR)

Checks system information in the registry

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Browser Information Discovery

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Uses Task Scheduler COM API

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Modifies registry class

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

NTFS ADS

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 01:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 01:08

Reported

2024-08-25 01:18

Platform

win10v2004-20240802-en

Max time kernel

558s

Max time network

559s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Setup.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Fast!\fast!.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\FastSRV.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\Fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\Downloads\avast_free_antivirus_setup_online.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Users\Public\Documents\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Users\Public\Documents\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\sbr.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X /rid=20240825011301.784240892437 /ver=fa.1091v" C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\AvRepair = "\"C:\\Program Files\\Avast Software\\Avast\\setup\\instup.exe\" /instop:repair /wait" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\TempFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ShepherdDebug C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\avast! Antivirus C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\FwDataFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ChestFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\MovedFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LicenseFile C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LicenseFile C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CrashGuardProcessWatcherExclusions C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\DataFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\JournalFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry = "1" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\MovedFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ShepherdDebug C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\settings C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ReportFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CertificateFile C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\SetupLog = "C:\\ProgramData\\Avast Software\\Persistent Data\\Avast\\Logs\\Setup.log" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\settings C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LogFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\TempFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ReportFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \Registry\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\Instup_IgnoredDownloadTypes C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\UseRegistry C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ChestFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\JournalFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\DataFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ProgramFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\Instup_IgnoredDownloadTypes C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\burger_client C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\burger_client C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CrashGuardProcessWatcherExclusions C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\LogFolder C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\ProgramFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\SetupLog = "C:\\ProgramData\\Avast Software\\Persistent Data\\Avast\\Logs\\Setup.log" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\FwDataFolder C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\CertificateFile C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\L: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\O: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
File opened (read-only) \??\G: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\T: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\Z: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\B: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\Q: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\Y: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\A: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\K: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\R: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\V: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\E: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\H: C:\Program Files (x86)\Fast!\fast!.exe N/A
File opened (read-only) \??\P: C:\Program Files (x86)\Fast!\fast!.exe N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A whatismyipaddress.com N/A N/A
N/A whatismyipaddress.com N/A N/A
N/A whatismyipaddress.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\avast_free_antivirus_setup_online.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Fast!\ui\images\app-background.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\network-error-popup-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\resources.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fi.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File opened for modification C:\Program Files\Avast Software\Avast\setup\ais_cmp_gamingmode-92b.vpx C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ar.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\icon-close.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\tr.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\bn.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fil.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hi.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\lt.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ml.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\id.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\zh-TW.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File opened for modification C:\Program Files\Avast Software\Avast\setup\ais_cmp_rescuedisk_x64-8df.vpx C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ca.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hu.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ur.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\en-XA.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-PT.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File opened for modification C:\Program Files\Avast Software\Avast\setup C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\en-GB.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\nb.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\back-arrow.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\fast!.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\kn.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ta.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\FastSRV.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\de.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\en-XA.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fa.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\license-btn-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File opened for modification C:\Program Files\Avast Software\Avast\setup\ais_gui_cef-7d6.vpx C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\nw_elf.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\es.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\it.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pl.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\all-circles-bg-mask.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File opened for modification C:\Program Files\Avast Software\Avast\setup\ais_gen_crt_x64-834.vpx C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\vk_swiftshader.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-BR.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\vi.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\checkbox-hovered.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\fast.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\el.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fi.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\nl.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sl.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\da.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\id.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\it.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\zh-TW.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\js\ui.js C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\nw.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ar.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\uk.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\libEGL.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\nl.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ro.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\th.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\en-US.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-PT.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\2229298842\2766033437.pri C:\Windows\system32\LogonUI.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\Fast!.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Public\Documents\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Public\Documents\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\FastSRV.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\fast!.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\avast_free_antivirus_setup_online.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690219864563209" C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "200" C:\Windows\system32\LogonUI.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" C:\Windows\system32\LogonUI.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "85" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "55" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "22" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "44" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "75" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "61" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "92" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "22" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "23" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "73" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "78" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: instcont_x64_ais-a48.vpx" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "70" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "19" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "43" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "90" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: instcont_x64_ais" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "75" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: ais_gen_core_x64-8df.vpx" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Main = "4" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "100" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "17" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "33" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "74" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Main = "62" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "8" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "59" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "27" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "29" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "60" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_dll_eng_x64" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_gen_tools" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X} C:\Program Files (x86)\Fast!\fast!.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "24" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "28" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "78" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "37" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "56" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_cmp_rescuedisk_x64" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "DNS resolving" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "41" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Updating package: instup_x64_ais" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "60" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Replacing files" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "32" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_cmp_bpc" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "71" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: ais_cmp_bpc-7e7.vpx" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_gen_tools_x64" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "3" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "47" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: AvBugReport.exe" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: ais_cmp_pwdman" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "25" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "File downloaded: ais_dll_eng-887.vpx" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Main = "23" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Extracting file: jrog2" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-523280732-2327480845-3730041215-1000\{C83B5199-2372-482D-96EC-39A96170FFB9} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\SfxInstProgress = "71" C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "79" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_UpdateSetup_Syncer = "96" C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Main = "0" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Description = "Checking install conditions" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvastPersistentStorage\InstupProgress_Installation_Syncer = "41" C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 91329.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 848504.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 16605.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 333227.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\FastSRV.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\FastSRV.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A
N/A N/A C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5100 wrote to memory of 4636 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 4636 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5100 wrote to memory of 2596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb974046f8,0x7ffb97404708,0x7ffb97404718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5460 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x470 0x4f0

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4676 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6772 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7088 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9300 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7024 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7660 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7720 /prefetch:8

C:\Users\Admin\Downloads\Setup.exe

"C:\Users\Admin\Downloads\Setup.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://pcapp.store/installing.php?guid=A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X&winver=19041&version=fa.1091v&nocache=20240825011237.170&_fcid=1724548340187407

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb974046f8,0x7ffb97404708,0x7ffb97404718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp

"C:\Users\Admin\AppData\Local\Temp\nsr5B6D.tmp" /internal 1724548340187407 /force

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\PCAppStore\PcAppStore.exe

"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default

C:\Users\Admin\PCAppStore\Watchdog.exe

"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X /rid=20240825011301.784240892437 /ver=fa.1091v

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

.\nwjs\NW_store.exe .\ui\.

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x2ac,0x2b0,0x2b4,0x2a8,0x2b8,0x7ffb85dba960,0x7ffb85dba970,0x7ffb85dba980

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x1cc,0x1d0,0x1d4,0xd0,0x1d8,0x7ff7662b8a60,0x7ff7662b8a70,0x7ff7662b8a80

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1840 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:2

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=2132 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:3

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2280 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:2

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4248 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Users\Admin\PCAppStore\download\SetupEngine.exe

"C:\Users\Admin\PCAppStore\download\SetupEngine.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installing.html?guid=A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X&_fcid=

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb974046f8,0x7ffb97404708,0x7ffb97404718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4340 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=3540 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe

"C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe" /fcid /instdir C:\Program Files (x86)\Fast! /startup 1

C:\Windows\SysWOW64\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp" > C:\Users\Admin\AppData\Local\FAST!\Temp\dskres.xml

C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe

C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installed.php?guid=A5C5E2AE-85E3-447C-9E0B-C9A7B966D823X&_fcid=

C:\Program Files (x86)\Fast!\FastSRV.exe

"C:\Program Files (x86)\Fast!\FastSRV.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb974046f8,0x7ffb97404708,0x7ffb97404718

C:\Program Files (x86)\Fast!\fast!.exe

"C:\Program Files (x86)\Fast!\fast!.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1

C:\Program Files (x86)\Fast!\Fast!.exe

"C:\Program Files (x86)\Fast!\Fast!.exe"

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" ui\.

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" --annotation=plat=Win64 --annotation=prod=FAST! --annotation=ver= --initial-client-data=0x2ec,0x2f0,0x2f4,0x2e8,0x2f8,0x7ffb8736a970,0x7ffb8736a980,0x7ffb8736a990

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1908 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:2

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --mojo-platform-channel-handle=2108 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=2268 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --nwjs --extension-process --first-renderer-process --no-sandbox --file-url-path-alias="/gen=C:\Program Files (x86)\Fast!\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:1

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=3848 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=4168 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=4176 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=592 --field-trial-handle=1844,i,5800983589742588543,14023989122373573313,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10724 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,9571081016402467009,3965408913776918618,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9448 /prefetch:8

C:\Users\Admin\Downloads\avast_free_antivirus_setup_online.exe

"C:\Users\Admin\Downloads\avast_free_antivirus_setup_online.exe"

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4280 --field-trial-handle=1912,i,16258460115439363737,13919505671568511766,262144 /prefetch:2

C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe

"C:\Windows\Temp\asw.47fa3b5286289cdb\avast_free_antivirus_setup_online_x64.exe" /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /ga_clientid:6c8051c7-d572-4c3e-86b0-7dbab55eafb7 /edat_dir:C:\Windows\Temp\asw.47fa3b5286289cdb /geo:GB

C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.927e55770a1b1c32 /edition:1 /prod:ais /stub_context:d95fcda4-250c-437c-aa11-cb152db6f06f:9941352 /guid:89207f50-240d-44c1-a07c-4df36b2efc18 /ga_clientid:6c8051c7-d572-4c3e-86b0-7dbab55eafb7 /no_delayed_installation /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /ga_clientid:6c8051c7-d572-4c3e-86b0-7dbab55eafb7 /edat_dir:C:\Windows\Temp\asw.47fa3b5286289cdb /geo:GB

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.927e55770a1b1c32 /edition:1 /prod:ais /stub_context:d95fcda4-250c-437c-aa11-cb152db6f06f:9941352 /guid:89207f50-240d-44c1-a07c-4df36b2efc18 /ga_clientid:6c8051c7-d572-4c3e-86b0-7dbab55eafb7 /no_delayed_installation /cookie:mmm_sft_dlp_000_119_h:dlid_FAV-PPC /edat_dir:C:\Windows\Temp\asw.47fa3b5286289cdb /geo:GB /online_installer

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" -checkGToolbar -elevated

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" /check_secure_browser

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" -checkChrome -elevated

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AVFC

C:\Users\Public\Documents\aswOfferTool.exe

"C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AVFC

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AVFC

C:\Users\Public\Documents\aswOfferTool.exe

"C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AVFC

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\aswOfferTool.exe" -checkChrome -elevated

C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\sbr.exe

"C:\Windows\Temp\asw.927e55770a1b1c32\New_180817ef\sbr.exe" 8016 "Avast Antivirus setup" "Avast Antivirus is being installed. Do not shut down your computer!"

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa3867855 /state1:0x41c64e6d

Network

Country Destination Domain Proto
US 8.8.8.8:53 youtube.com udp
FR 216.58.214.174:443 youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
FR 142.250.178.142:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 142.250.178.150:443 i.ytimg.com tcp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 150.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
IE 74.125.193.84:443 accounts.google.com tcp
IE 74.125.193.84:443 accounts.google.com udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.193.125.74.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 216.58.215.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 rr5---sn-q4fl6nsk.googlevideo.com udp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
FR 216.58.215.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.201.163:443 www.google.co.uk tcp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 202.3.125.74.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com tcp
FR 142.250.75.238:443 play.google.com udp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
US 74.125.3.202:443 rr5---sn-q4fl6nsk.googlevideo.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
FR 142.250.179.74:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 static.doubleclick.net udp
FR 142.250.179.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 238.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
GB 88.221.135.33:443 www.bing.com tcp
US 8.8.8.8:53 33.135.221.88.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
FR 216.58.214.174:443 www.youtube.com udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.219:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.219:443 r.bing.com tcp
US 8.8.8.8:53 aefd.nelreports.net udp
US 8.8.8.8:53 219.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 201.143.101.95.in-addr.arpa udp
GB 173.222.211.41:443 aefd.nelreports.net tcp
GB 173.222.211.41:443 aefd.nelreports.net udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.73:443 login.microsoftonline.com tcp
US 8.8.8.8:53 41.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 whatismyipaddress.com udp
US 104.19.222.79:443 whatismyipaddress.com tcp
US 104.19.222.79:443 whatismyipaddress.com tcp
US 8.8.8.8:53 a.omappapi.com udp
GB 143.244.38.136:443 a.omappapi.com tcp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 a.pub.network udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 79.222.19.104.in-addr.arpa udp
US 104.18.21.206:443 a.pub.network tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
GB 18.244.114.32:443 cmp.inmobi.com tcp
US 8.8.8.8:53 api.omappapi.com udp
US 8.8.8.8:53 optimise.net udp
US 8.8.8.8:53 api.floors.dev udp
US 8.8.8.8:53 d.pub.network udp
US 34.160.128.112:443 api.floors.dev tcp
US 34.111.152.239:443 optimise.net tcp
US 172.66.42.248:443 api.omappapi.com tcp
US 34.160.152.31:443 d.pub.network tcp
US 8.8.8.8:53 onesignal.com udp
US 34.111.152.239:443 optimise.net tcp
US 34.111.152.239:443 optimise.net udp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 freestar-io.videoplayerhub.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
US 104.18.33.89:443 www2.bing.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net tcp
US 172.67.74.207:443 freestar-io.videoplayerhub.com tcp
US 172.64.144.166:443 cdn.confiant-integrations.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 cdn.whatismyipaddress.com udp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 206.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 32.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 145.160.16.104.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 112.128.160.34.in-addr.arpa udp
US 8.8.8.8:53 239.152.111.34.in-addr.arpa udp
US 8.8.8.8:53 248.42.66.172.in-addr.arpa udp
US 8.8.8.8:53 31.152.160.34.in-addr.arpa udp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 207.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 157.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 166.144.64.172.in-addr.arpa udp
US 8.8.8.8:53 btloader.com udp
DE 3.125.91.136:443 api.cmp.inmobi.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
US 104.22.75.216:443 btloader.com tcp
US 104.22.75.216:443 btloader.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 c.pub.network udp
US 34.160.152.31:443 c.pub.network tcp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 live.primis.tech udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 api.btloader.com udp
DE 91.228.74.166:443 secure.quantserve.com tcp
GB 18.245.187.42:443 live.primis.tech tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 s2s.t13.io udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 c2shb.pubgw.yahoo.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ex.ingage.tech udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
GB 143.204.68.51:80 crt.rootg2.amazontrust.com tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 8.8.8.8:53 rules.quantcount.com udp
US 34.120.63.153:443 prebid.media.net tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
GB 108.138.217.48:443 hb.yellowblue.io tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
IE 34.255.93.117:443 c2shb.pubgw.yahoo.com tcp
US 104.18.41.106:443 ex.ingage.tech tcp
IE 52.16.171.36:443 ads.yieldmo.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 18.245.187.41:443 rules.quantcount.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
GB 108.156.39.15:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
GB 88.221.135.104:80 apps.identrust.com tcp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
GB 2.17.68.19:443 secure.cdn.fastclick.net tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
US 104.18.41.106:443 ex.ingage.tech tcp
US 34.107.140.113:443 s2s.t13.io udp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 hb.undertone.com udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 s.seedtag.com udp
GB 18.244.179.114:443 hb.undertone.com tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 8.8.8.8:53 136.91.125.3.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 42.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 6.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 51.68.204.143.in-addr.arpa udp
US 8.8.8.8:53 113.140.107.34.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 48.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 106.41.18.104.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 117.93.255.34.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 36.171.16.52.in-addr.arpa udp
US 8.8.8.8:53 15.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 41.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 232.154.172.18.in-addr.arpa udp
US 8.8.8.8:53 19.68.17.2.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 58.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 114.179.244.18.in-addr.arpa udp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 cdn.undertone.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 contextual.media.net udp
US 104.18.38.76:443 js-sec.indexww.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
GB 13.224.222.44:443 cdn.undertone.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
GB 104.82.143.163:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 108.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 44.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 pixel.advertising.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 35.244.159.8:443 us-u.openx.net tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 3.33.220.150:443 match.adsrvr.org tcp
DE 3.71.149.231:443 pixel.advertising.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 fadea3550a7d428552dfb9dbd3007d9a.safeframe.googlesyndication.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
FR 142.250.179.65:443 fadea3550a7d428552dfb9dbd3007d9a.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
IE 52.51.104.112:443 bcp.crwdcntrl.net tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
FR 172.217.20.194:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
GB 18.164.68.61:443 cdn.browsiprod.com tcp
US 8.8.8.8:53 163.143.82.104.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 37.62.75.3.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 112.104.51.52.in-addr.arpa udp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 161.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 61.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 events.browsiprod.com udp
US 8.8.8.8:53 yield-manager.browsiprod.com udp
US 44.233.65.81:443 events.browsiprod.com tcp
GB 13.224.245.85:443 yield-manager.browsiprod.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
GB 18.164.68.61:443 cdn.browsiprod.com tcp
US 34.160.152.31:443 c.pub.network udp
FR 216.58.214.161:443 cdn.ampproject.org udp
US 8.8.8.8:53 widgets.outbrain.com udp
US 34.160.152.31:443 c.pub.network udp
GB 2.18.109.60:443 widgets.outbrain.com tcp
US 8.8.8.8:53 ai.browsiprod.com udp
GB 143.204.68.58:443 ai.browsiprod.com tcp
US 8.8.8.8:53 demand-engine.browsiprod.com udp
GB 18.165.227.32:443 demand-engine.browsiprod.com tcp
US 8.8.8.8:53 85.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 81.65.233.44.in-addr.arpa udp
US 8.8.8.8:53 98.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 60.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 58.68.204.143.in-addr.arpa udp
US 8.8.8.8:53 32.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 tcheck.outbrainimg.com udp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
GB 95.100.245.166:443 tcheck.outbrainimg.com tcp
IE 52.94.220.185:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 mv.outbrain.com udp
US 8.8.8.8:53 log.outbrainimg.com udp
US 151.101.66.132:443 mv.outbrain.com tcp
US 151.101.66.132:443 mv.outbrain.com tcp
US 50.31.142.223:443 log.outbrainimg.com tcp
US 50.31.142.223:443 log.outbrainimg.com tcp
US 8.8.8.8:53 mcdp-chidc2.outbrain.com udp
US 8.8.8.8:53 sync.outbrain.com udp
US 50.31.142.255:443 mcdp-chidc2.outbrain.com tcp
US 50.31.142.255:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.191:443 sync.outbrain.com tcp
US 64.74.236.191:443 sync.outbrain.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 95.100.245.166:443 images.outbrainimg.com tcp
GB 95.100.245.166:443 images.outbrainimg.com tcp
US 8.8.8.8:53 166.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 185.220.94.52.in-addr.arpa udp
US 8.8.8.8:53 132.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 223.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 255.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 191.236.74.64.in-addr.arpa udp
FR 172.217.20.194:443 ep1.adtrafficquality.google udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 121.170.16.2.in-addr.arpa udp
US 104.17.111.223:443 onesignal.com tcp
US 8.8.8.8:53 img.onesignal.com udp
US 8.8.8.8:53 223.111.17.104.in-addr.arpa udp
US 44.233.65.81:443 events.browsiprod.com tcp
US 44.233.65.81:443 events.browsiprod.com tcp
US 8.8.8.8:53 maps.whatismyipaddress.info udp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 172.67.69.80:443 maps.whatismyipaddress.info tcp
US 130.211.23.194:443 api.btloader.com udp
NL 185.89.210.141:443 ib.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 34.149.50.64:443 s.seedtag.com udp
US 8.8.8.8:53 80.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 aa78ea87612332996772482b96d2ea40.safeframe.googlesyndication.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 cs.ingage.tech udp
US 8.8.8.8:53 u.openx.net udp
IE 52.31.116.101:443 ap.lijit.com tcp
US 34.233.57.91:443 cs.ingage.tech tcp
US 34.233.57.91:443 cs.ingage.tech tcp
US 34.233.57.91:443 cs.ingage.tech tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 35.244.159.8:443 u.openx.net udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 onetag-sys.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
DE 51.75.86.98:443 onetag-sys.com tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 8.8.8.8:53 101.116.31.52.in-addr.arpa udp
US 8.8.8.8:53 91.57.233.34.in-addr.arpa udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
US 8.8.8.8:53 72.119.184.18.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 34.160.128.112:443 api.floors.dev tcp
US 34.160.128.112:443 api.floors.dev tcp
US 34.160.128.112:443 api.floors.dev tcp
US 34.160.128.112:443 api.floors.dev udp
US 34.107.140.113:443 s2s.t13.io udp
US 35.186.253.211:443 rtb.openx.net udp
NL 185.89.210.141:443 ib.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 34.149.50.64:443 s.seedtag.com udp
US 34.120.63.153:443 prebid.media.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 172.217.20.194:443 ep1.adtrafficquality.google udp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 34.160.152.31:443 c.pub.network udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 sv-vlm-mtil1.dmz.ardatis.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 34.160.128.112:443 api.floors.dev udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 34.107.140.113:443 s2s.t13.io udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 35.186.253.211:443 rtb.openx.net udp
US 34.160.152.31:443 c.pub.network udp
US 34.149.50.64:443 s.seedtag.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
FR 142.250.201.163:443 www.google.co.uk udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
US 34.107.140.113:443 s2s.t13.io udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 34.120.63.153:443 prebid.media.net udp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 34.149.50.64:443 s.seedtag.com udp
US 35.186.253.211:443 rtb.openx.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 a.omappapi.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.browsiprod.com udp
GB 143.244.38.136:443 a.omappapi.com tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 events.browsiprod.com udp
US 54.68.177.133:443 events.browsiprod.com tcp
US 8.8.8.8:53 s.w.org udp
US 54.68.177.133:443 events.browsiprod.com tcp
US 34.160.128.112:443 api.floors.dev udp
US 34.111.152.239:443 optimise.net udp
US 34.160.152.31:443 c.pub.network udp
FR 142.250.201.163:443 www.google.co.uk udp
US 8.8.8.8:53 133.177.68.54.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 pixel.quantserve.com udp
DE 91.228.74.244:443 pixel.quantserve.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 5ff47bf501ae08cb746ef6cffbc31216.safeframe.googlesyndication.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 cs.ingage.tech udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 contextual.media.net udp
IE 54.228.243.229:443 ap.lijit.com tcp
US 34.233.57.91:443 cs.ingage.tech tcp
US 8.8.8.8:53 cdn.undertone.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 35.244.159.8:443 u.openx.net udp
IE 54.228.243.229:443 ap.lijit.com tcp
US 34.233.57.91:443 cs.ingage.tech tcp
US 34.233.57.91:443 cs.ingage.tech tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 match.sharethrough.com udp
DE 51.75.86.98:443 onetag-sys.com udp
DE 18.195.234.25:443 match.sharethrough.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 229.243.228.54.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
FR 172.217.20.194:443 ep1.adtrafficquality.google udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 34.160.128.112:443 api.floors.dev udp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 34.149.50.64:443 s.seedtag.com udp
FR 142.250.201.163:443 www.google.co.uk udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 app.fusebox.fm udp
US 8.8.8.8:53 a.omappapi.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 ds6.whatismyipaddress.com udp
US 172.67.70.40:443 app.fusebox.fm tcp
US 34.111.152.239:443 optimise.net udp
US 34.160.128.112:443 api.floors.dev udp
US 34.160.152.31:443 c.pub.network udp
US 172.67.70.40:443 app.fusebox.fm tcp
US 8.8.8.8:53 40.70.67.172.in-addr.arpa udp
US 8.8.8.8:53 static.libsyn.com udp
GB 18.165.242.6:443 static.libsyn.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
US 3.231.180.165:443 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev tcp
US 34.149.50.64:443 s.seedtag.com udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 c08450811f0b22de84fc8e04532e29c7.safeframe.googlesyndication.com udp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 6.242.165.18.in-addr.arpa udp
US 8.8.8.8:53 165.180.231.3.in-addr.arpa udp
US 8.8.8.8:53 cs.ingage.tech udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
DE 18.195.234.25:443 match.sharethrough.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
FR 172.217.20.194:443 ep1.adtrafficquality.google udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.browsiprod.com udp
GB 143.244.38.136:443 a.omappapi.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 18.244.138.116:443 aax.amazon-adsystem.com tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 116.138.244.18.in-addr.arpa udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 2b2f80fe86db0df96234f6eca28d3215.safeframe.googlesyndication.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 match.sharethrough.com udp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 cdn.undertone.com udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
US 8.8.8.8:53 veryfast.io udp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 224.17.227.64.in-addr.arpa udp
US 8.8.8.8:53 repcdn.pcapp.store udp
GB 84.17.50.9:443 repcdn.pcapp.store tcp
US 8.8.8.8:53 9.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 225.126.248.104.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 167.99.235.203:443 pcapp.store tcp
US 167.99.235.203:443 pcapp.store tcp
US 8.8.8.8:53 delivery.pcapp.store udp
GB 84.17.50.9:443 delivery.pcapp.store tcp
US 8.8.8.8:53 repository.pcapp.store udp
GB 84.17.50.9:443 repository.pcapp.store tcp
US 8.8.8.8:53 203.235.99.167.in-addr.arpa udp
US 8.8.8.8:53 168.245.100.95.in-addr.arpa udp
GB 84.17.50.9:443 repository.pcapp.store tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 google.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
GB 84.17.50.9:443 repository.pcapp.store tcp
FR 142.250.179.68:443 www.google.com udp
US 104.248.126.225:443 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 d74queuslupub.cloudfront.net udp
GB 18.244.114.119:443 d74queuslupub.cloudfront.net tcp
US 8.8.8.8:53 119.114.244.18.in-addr.arpa udp
US 8.8.8.8:53 145.178.204.143.in-addr.arpa udp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 43.159.165.18.in-addr.arpa udp
US 8.8.8.8:53 113.216.138.108.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 64.176.203.93:443 pcapp.store tcp
US 8.8.8.8:53 93.203.176.64.in-addr.arpa udp
US 104.248.126.225:80 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 104.248.126.225:443 pcapp.store tcp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 repository.pcapp.store udp
GB 84.17.50.8:443 repository.pcapp.store tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 veryfast.io udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
US 64.227.17.224:80 veryfast.io tcp
US 8.8.8.8:443 dns.google udp
GB 89.187.167.39:443 repository.pcapp.store tcp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 ev.pcapp.store udp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 8.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 repcdn.veryfast.io udp
GB 84.17.50.8:443 repcdn.veryfast.io tcp
US 8.8.8.8:53 77.211.182.147.in-addr.arpa udp
US 8.8.8.8:53 evcs-ocsp.ws.symantec.com udp
DE 152.199.19.74:80 evcs-ocsp.ws.symantec.com tcp
US 8.8.8.8:53 evcs-crl.ws.symantec.com udp
SE 192.229.221.95:80 evcs-crl.ws.symantec.com tcp
US 64.227.17.224:443 veryfast.io tcp
SE 192.229.221.95:80 evcs-crl.ws.symantec.com tcp
US 8.8.8.8:53 74.19.199.152.in-addr.arpa udp
FR 142.250.74.234:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 234.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 repcdn.veryfast.io udp
GB 89.187.167.38:443 repcdn.veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 147.182.211.77:443 ev.pcapp.store tcp
SE 192.229.221.95:80 evcs-crl.ws.symantec.com tcp
US 8.8.8.8:53 205.201.50.20.in-addr.arpa udp
DE 157.240.27.27:443 connect.facebook.net tcp
US 8.8.8.8:53 27.27.240.157.in-addr.arpa udp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 veryfast.io udp
US 8.8.8.8:53 veryfast.io udp
US 161.35.127.181:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 181.127.35.161.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:443 dns.google udp
US 64.227.17.224:443 veryfast.io tcp
GB 89.187.167.38:443 repcdn.veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
GB 84.17.50.8:443 repcdn.veryfast.io tcp
US 159.223.126.41:443 pcapp.store tcp
US 159.223.126.41:443 pcapp.store tcp
US 8.8.8.8:53 41.126.223.159.in-addr.arpa udp
GB 92.123.142.129:443 www.bing.com tcp
US 8.8.8.8:53 129.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.89:443 r.bing.com tcp
GB 92.123.142.89:443 r.bing.com tcp
GB 92.123.142.114:443 th.bing.com tcp
GB 92.123.142.114:443 th.bing.com tcp
US 8.8.8.8:53 bing.com udp
US 13.107.21.200:443 bing.com tcp
US 8.8.8.8:53 89.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 200.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 114.142.123.92.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 147.182.211.77:443 ev.pcapp.store tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 rewards.bing.com udp
US 13.107.21.237:443 rewards.bing.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 en.softonic.com udp
US 151.101.65.91:443 en.softonic.com tcp
US 151.101.65.91:443 en.softonic.com tcp
US 151.101.65.91:443 en.softonic.com udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 softonic.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 www.clarity.ms udp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 151.101.193.91:443 images.sftcdn.net tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
GB 18.165.160.104:443 sdk.privacy-center.org tcp
US 13.107.246.64:443 www.clarity.ms tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 151.101.1.91:443 images.sftcdn.net udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 3.165.149.173:443 www.datadoghq-browser-agent.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 104.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 173.149.165.3.in-addr.arpa udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 108.156.39.27:443 config.aps.amazon-adsystem.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 cdn.btmessage.com udp
US 130.211.23.194:443 api.btloader.com udp
US 172.67.74.232:443 cdn.btmessage.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 api.btmessage.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 172.67.69.19:443 ad-delivery.net tcp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 notix.io udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 c.bing.com udp
US 204.79.197.237:443 c.bing.com tcp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 27.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 232.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 api.privacy-center.org udp
GB 13.224.81.114:443 api.privacy-center.org tcp
US 8.8.8.8:53 fa5e03f76dba0468ca6b76efa3245fd2.safeframe.googlesyndication.com udp
US 8.8.8.8:53 wct.softonic.com udp
US 104.26.3.63:443 wct.softonic.com tcp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
IE 54.194.88.89:443 ap.lijit.com tcp
DE 37.252.171.85:443 ib.adnxs.com tcp
US 34.120.63.153:443 prebid.media.net udp
DE 162.19.138.117:443 id5-sync.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
IE 54.77.206.203:443 ad.360yield.com tcp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 151.101.193.91:443 images.sftcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
FR 142.250.179.68:443 www.google.com udp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
IE 52.51.104.112:443 id.crwdcntrl.net tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 13.224.81.21:443 tags.crwdcntrl.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
FR 216.58.214.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.72:443 push-sdk.com tcp
FR 142.250.201.163:443 www.google.co.uk udp
US 104.26.3.63:443 wct.softonic.com tcp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 lexicon.33across.com udp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
US 35.244.193.51:443 lexicon.33across.com tcp
US 104.26.3.63:443 wct.softonic.com tcp
US 8.8.8.8:53 uidsync.net udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
DE 23.88.8.125:443 uidsync.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
IE 52.95.126.160:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
DE 23.88.8.125:443 uidsync.net tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
NL 185.235.87.228:443 ag.gbc.criteo.com tcp
FR 185.235.86.208:443 gem.gbc.criteo.com tcp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 114.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 63.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 89.88.194.54.in-addr.arpa udp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 203.206.77.54.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 119.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 66.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 162.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 21.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 ampcid.google.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
FR 216.58.214.174:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 125.8.88.23.in-addr.arpa udp
US 8.8.8.8:53 160.126.95.52.in-addr.arpa udp
US 8.8.8.8:53 228.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 208.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 66.214.58.216.in-addr.arpa udp
FR 142.250.179.78:443 ampcid.google.com tcp
US 8.8.8.8:53 78.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
GB 95.100.244.20:443 contextual.media.net tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 151.101.193.108:443 acdn.adnxs.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
DE 157.90.211.246:443 sync.richaudience.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
GB 2.16.170.50:443 player.aniview.com tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 3.33.220.150:443 match.adsrvr.org tcp
US 67.202.105.24:443 ssc-cms.33across.com tcp
US 3.209.126.202:443 cs-server-s2s.yellowblue.io tcp
NL 81.17.55.171:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 tracker.open-adsyield.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
IE 52.49.168.145:443 jadserve.postrelease.com tcp
US 172.111.38.54:443 tracker.open-adsyield.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 3.222.152.35:443 api-2-0.spot.im tcp
IE 52.215.131.87:443 match.prod.bidr.io tcp
NL 185.89.211.116:443 secure.adnxs.com tcp
NL 185.89.211.116:443 secure.adnxs.com tcp
US 52.7.6.179:443 sync.srv.stackadapt.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 192.132.33.68:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 172.240.45.78:443 sync.aniview.com tcp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
US 3.165.148.34:443 s.ad.smaato.net tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 50.170.16.2.in-addr.arpa udp
US 8.8.8.8:53 108.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 171.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 202.126.209.3.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 116.211.89.185.in-addr.arpa udp
US 8.8.8.8:53 145.168.49.52.in-addr.arpa udp
US 8.8.8.8:53 87.131.215.52.in-addr.arpa udp
US 8.8.8.8:53 54.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 24.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 35.152.222.3.in-addr.arpa udp
US 8.8.8.8:53 179.6.7.52.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
US 104.22.51.98:443 spl.zeotap.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net tcp
FR 142.250.75.226:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
GB 104.82.143.163:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 73.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 34.148.165.3.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 246.211.90.157.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 98.51.22.104.in-addr.arpa udp
US 8.8.8.8:53 81.250.54.154.in-addr.arpa udp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 91.130.46.52.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 3.233.158.34:443 rum.browser-intake-datadoghq.com tcp
US 8.8.8.8:53 www.avast.com udp
GB 2.18.110.91:443 www.avast.com tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 static3.avast.com udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 34.158.233.3.in-addr.arpa udp
US 8.8.8.8:53 91.110.18.2.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 197.251.103.104.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
GB 104.103.251.197:443 static3.avast.com tcp
US 8.8.8.8:53 s.go-mpulse.net udp
US 8.8.8.8:53 assets.adobedtm.com udp
GB 95.100.244.132:443 s.go-mpulse.net tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
GB 2.18.108.226:443 assets.adobedtm.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 mstatic.avast.com udp
NL 20.50.2.44:443 mstatic.avast.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 www.nortonlifelock.com udp
US 8.8.8.8:53 c.go-mpulse.net udp
US 64.227.17.224:443 veryfast.io tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
US 8.8.8.8:53 132.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 44.2.50.20.in-addr.arpa udp
IE 54.78.109.69:443 dpm.demdex.net tcp
GB 2.18.108.132:443 c.go-mpulse.net tcp
GB 2.18.108.120:443 www.nortonlifelock.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
IE 52.215.101.96:443 symantec.demdex.net tcp
US 8.8.8.8:53 cm.everesttech.net udp
IE 52.212.226.55:443 cm.everesttech.net tcp
US 8.8.8.8:53 oms.avast.com udp
IE 66.235.152.156:443 oms.avast.com tcp
US 8.8.8.8:53 znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com udp
US 8.8.8.8:53 yjxa2rqccjxfwzwkqwwq-f-f0bbb5106-clientnsv4-s.akamaihd.net udp
US 104.17.208.240:443 znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com tcp
US 8.8.8.8:53 siteintercept.qualtrics.com udp
US 8.8.8.8:53 132.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 120.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 96.101.215.52.in-addr.arpa udp
US 8.8.8.8:53 69.109.78.54.in-addr.arpa udp
US 8.8.8.8:53 55.226.212.52.in-addr.arpa udp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 0217991a.akstat.io udp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 bat.bing.com udp
US 150.171.27.10:443 bat.bing.com tcp
US 8.8.8.8:53 analytics.ff.avast.com udp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 s.yimg.com udp
US 8.8.8.8:53 www.upsellit.com udp
US 34.117.223.223:443 analytics.ff.avast.com tcp
US 34.117.39.58:443 www.upsellit.com tcp
GB 87.248.114.11:443 s.yimg.com tcp
US 104.18.32.137:443 privacyportal-de.onetrust.com tcp
DE 157.240.27.27:443 connect.facebook.net tcp
GB 18.165.160.116:443 static.hotjar.com tcp
US 8.8.8.8:53 4711400.fls.doubleclick.net udp
FR 142.250.201.166:443 4711400.fls.doubleclick.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 script.hotjar.com udp
GB 3.162.20.88:443 script.hotjar.com tcp
FR 142.250.201.166:443 4711400.fls.doubleclick.net udp
US 8.8.8.8:53 www.facebook.com udp
DE 157.240.27.35:443 www.facebook.com tcp
DE 157.240.27.35:443 www.facebook.com tcp
US 8.8.8.8:53 223.223.117.34.in-addr.arpa udp
US 8.8.8.8:53 58.39.117.34.in-addr.arpa udp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 116.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 166.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 88.20.162.3.in-addr.arpa udp
US 34.117.223.223:443 analytics.ff.avast.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 35.27.240.157.in-addr.arpa udp
US 8.8.8.8:53 bits.avcdn.net udp
GB 23.208.241.36:443 bits.avcdn.net tcp
US 8.8.8.8:53 36.241.208.23.in-addr.arpa udp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 8.8.8.8:53 40.211.222.173.in-addr.arpa udp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
FR 216.58.213.74:443 udp
US 8.8.8.8:53 74.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 34.117.223.223:80 v7event.stats.avast.com tcp
US 34.149.149.62:443 ip-info.ff.avast.com tcp
FR 172.217.20.174:80 www.google-analytics.com tcp
US 8.8.8.8:53 s-iavast.avcdn.net udp
GB 95.100.245.14:443 s-iavast.avcdn.net tcp
US 8.8.8.8:53 62.149.149.34.in-addr.arpa udp
US 8.8.8.8:53 14.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 analytics.avcdn.net udp
FR 172.217.20.174:80 www.google-analytics.com tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 34.160.176.28:443 shepherd.ff.avast.com tcp
US 8.8.8.8:53 b7210692.iavs9x.u.avast.com udp
US 8.8.8.8:53 b7210692.iavs9x.u.avast.com udp
US 8.8.8.8:53 d3176133.iavs9x.u.avast.com udp
US 8.8.8.8:53 l4691727.iavs9x.u.avast.com udp
US 8.8.8.8:53 n4291289.iavs9x.u.avast.com udp
US 8.8.8.8:53 s-iavs9x.avcdn.net udp
US 8.8.8.8:53 y8002308.iavs9x.u.avast.com udp
US 8.8.8.8:53 b7210692.iavs9x.u.avast.com udp
US 8.8.8.8:53 b7210692.iavs9x.u.avast.com udp
US 8.8.8.8:53 d3176133.iavs9x.u.avast.com udp
US 8.8.8.8:53 l4691727.iavs9x.u.avast.com udp
US 8.8.8.8:53 n4291289.iavs9x.u.avast.com udp
US 8.8.8.8:53 s-iavs9x.avcdn.net udp
US 8.8.8.8:53 y8002308.iavs9x.u.avast.com udp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
US 8.8.4.4:443 dns.google udp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 42.170.16.2.in-addr.arpa udp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
GB 2.16.170.42:80 y8002308.iavs9x.u.avast.com tcp
US 8.8.8.8:53 c3978047.iavs9x.u.avast.com udp
US 8.8.8.8:53 c3978047.iavs9x.u.avast.com udp
US 8.8.8.8:53 r0965026.iavs9x.u.avast.com udp
US 8.8.8.8:53 s-iavs9x.avcdn.net udp
US 8.8.8.8:53 s1843811.iavs9x.u.avast.com udp
US 8.8.8.8:53 t1024579.iavs9x.u.avast.com udp
US 8.8.8.8:53 y9830512.iavs9x.u.avast.com udp
US 8.8.8.8:53 c3978047.iavs9x.u.avast.com udp
US 8.8.8.8:53 c3978047.iavs9x.u.avast.com udp
US 8.8.8.8:53 r0965026.iavs9x.u.avast.com udp
US 8.8.8.8:53 s-iavs9x.avcdn.net udp
US 8.8.8.8:53 s1843811.iavs9x.u.avast.com udp
US 8.8.8.8:53 t1024579.iavs9x.u.avast.com udp
US 8.8.8.8:53 y9830512.iavs9x.u.avast.com udp
GB 2.16.170.51:80 y9830512.iavs9x.u.avast.com tcp
US 8.8.8.8:53 f3461309.vps18.u.avcdn.net udp
US 8.8.8.8:53 f3461309.vps18.u.avcdn.net udp
US 8.8.8.8:53 l4691727.vps18.u.avcdn.net udp
US 8.8.8.8:53 p1043812.vps18.u.avcdn.net udp
US 8.8.8.8:53 r6726306.vps18.u.avcdn.net udp
US 8.8.8.8:53 s-vps18.avcdn.net udp
US 8.8.8.8:53 t1024579.vps18.u.avcdn.net udp
US 8.8.8.8:53 f3461309.vps18.u.avcdn.net udp
US 8.8.8.8:53 f3461309.vps18.u.avcdn.net udp
US 8.8.8.8:53 l4691727.vps18.u.avcdn.net udp
US 8.8.8.8:53 p1043812.vps18.u.avcdn.net udp
US 8.8.8.8:53 r6726306.vps18.u.avcdn.net udp
US 8.8.8.8:53 s-vps18.avcdn.net udp
US 8.8.8.8:53 t1024579.vps18.u.avcdn.net udp
GB 2.16.170.58:80 t1024579.vps18.u.avcdn.net tcp
US 8.8.8.8:53 51.170.16.2.in-addr.arpa udp
GB 2.16.170.58:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.58:80 t1024579.vps18.u.avcdn.net tcp
US 8.8.8.8:53 shepherd.ff.avast.com udp
US 34.160.176.28:443 shepherd.ff.avast.com tcp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 34.117.223.223:443 v7event.stats.avast.com tcp
US 34.117.223.223:443 v7event.stats.avast.com tcp
US 8.8.8.8:53 ssl.google-analytics.com udp
FR 216.58.214.72:443 ssl.google-analytics.com tcp
US 8.8.8.8:53 ipm.avcdn.net udp
US 34.111.24.1:443 ipm.avcdn.net tcp
US 8.8.8.8:53 72.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 1.24.111.34.in-addr.arpa udp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 34.117.223.223:443 v7event.stats.avast.com tcp
GB 2.16.170.58:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 tcp
GB 2.16.170.51:80 tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
US 8.8.4.4:443 dns.google udp
FR 172.217.18.202:443 udp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
US 8.8.8.8:53 202.18.217.172.in-addr.arpa udp
GB 2.16.170.51:80 t1024579.vps18.u.avcdn.net tcp
US 64.227.17.224:443 veryfast.io tcp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 207.246.91.177:443 pcapp.store tcp
US 207.246.91.177:443 pcapp.store tcp
US 207.246.91.177:443 pcapp.store tcp
US 104.248.126.225:443 pcapp.store tcp
US 8.8.8.8:53 177.91.246.207.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e765f3d75e6b0e4a7119c8b14d47d8da
SHA1 cc9f7c7826c2e1a129e7d98884926076c3714fc0
SHA256 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89
SHA512 a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 53bc70ecb115bdbabe67620c416fe9b3
SHA1 af66ec51a13a59639eaf54d62ff3b4f092bb2fc1
SHA256 b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771
SHA512 cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

\??\pipe\LOCAL\crashpad_5100_PNJJPUPWKQYZDYWO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0513342c4f6b98603410d645ec9e7145
SHA1 4452e4be952744ab685793af526377487bc47c04
SHA256 cfccef443bdd10b8cf6dd84e8716bb1c65a89f72d089d8fec457a29fe08bda44
SHA512 846d160725a0a3990a45942b77ea4fb387d700dcb231d12679aad3826a6825cce7d155844925dd1d4b8e6b5b0e219faa1c98b0c47291675fc0fafbc561d040b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

MD5 5760af84087f405b338f42a088623d11
SHA1 49eb0f797adac54263e50e9ca06d88b444bab22d
SHA256 3e8acf899c934538249b0a69a7c0e893b3031c70e4112f85e4b8e5c526e192b6
SHA512 b103c8cfa3a0282f4690322632febee93ccded6861df2037af3c604b42e2a2022ab3913a3d6e164b95b7773647c44fdb06c386e5ed4b285444bf874d672ad3f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fcc2d20f800e77da30d09cd35fde630a
SHA1 01c175bb3f03d66059a2e69b6ae6c571f17c4b70
SHA256 853279bffce24a65549239b7074b7f53488de7736515fd0f477bc0311b4d137a
SHA512 c906210f680402419a1e8809612d5deca6268c2439cd547eca80313bb707815a66fb8a697f03e14d2228cfc87a4fda4aa1cd5a253f4eaa6079cc0abf957f5a28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 24757c463f62cc42722d96dec3a9da9d
SHA1 f7a8b1da641c09981c5cf14ebc9f393fe211de8f
SHA256 fb838ba35bc06117381961583818c6c356b51d47200c4d3eae8f21c296593572
SHA512 3bc6e24baba82b2cc52c9c4ac3b7ed9188c2805779a183c4d59287291d6aa65771f70ae9be4c7eb47422fbd9c7b64db8fc024ea6f803d4aeb98d7d94e38018ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0d5b065ea1c5f6469aa139f99ab4ffde
SHA1 2edfab3389083dd9b20348a6453255a65fe5a432
SHA256 16152d4b2867bcc73319a042846b26a5ac156d5acfd9faf198a12843a8fa1529
SHA512 422ecabc33d0a7c199f3b37a48aaf97c5294d6ae20403a75b32afb85afaf0f224b15ed0a5dfbc2c5bbf2372f47fcd0ef18c2c0f57748fc6641342fb44ee5f095

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5b6d31ff4ff6da1180188c14006a7d80
SHA1 296f13d183ae62432afb7c80fe211ba27910fb66
SHA256 1b601cd47a7d6779fe66258e1939e342c338620e06b0c0eb62c2eb8c2c074de3
SHA512 9993a51abf7343aefe19d2ffb2e1b1ada8ffb9ed9c5115294b8a414040affde0b98ecd301504729d15d360cd48fbc30e636d850e2d34b9d0c1b2bd6d2a832b1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a65b15c040d58d1cd63132e7392db6ca
SHA1 ca47c23f6c11fca15c306c899683f0bff90becbe
SHA256 d8a223b83c21f990dee5142e956fa8aa57243a54327f940b49703be4c53cb058
SHA512 4f37d66bc09bc885988d59f549ca923e53fccbadd65142a50461868cef8d1b3d49367bb528c8d5c3ef96983c221f9f65e6aad64ff61e78a9ccd1ea2c396af727

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d6f567f5f43b660cfb32e139758f5fad
SHA1 a01fad29e6954ae8f5d6a9748824dfa2bebd4b95
SHA256 17d8294083a4b8a98e62fcac65d1c27e81c7e114b11eaf6d0f1d4d83a14fd8d9
SHA512 b52c8b3140a1ce844929c910e3a245ef378e73331c10bc939e647af258d34bc146e9c4f1732d045423130dae3499e2220b2e8a429cefe3cd172eee8ebee1e0b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580450.TMP

MD5 b59109e570befc21a7bbe0c8369f8e9e
SHA1 a7dbc50b834da3261d1fed27ac9876d9bfc38b32
SHA256 5c40bf4f199c749a3aa08492ea34c10e1bcd1a40cc320a00ec9c6c6896da5687
SHA512 3a7960d1f16193ad04139e3466aec67b12621907c7b2c3b194527c4677599755bebee1c5f78467515db6b39a0b7e2cc3810f5b2e712af57a30f8a1e01819c405

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cd84638a15320aee81c1c9707db9321d
SHA1 77c2e984d0fc16ded7c60ff717e68a770361acdd
SHA256 090b766806474a937ea57eb0d42987b21ce325c42a3987ec27d13ad89336b7b4
SHA512 3dbf5316b7ac2be4addd3d6bbe9943e45d43447d5de01339b0a74527528e57a06fcd7c00d30c5b7a90fc9bdf2c4493889fbabacc4d03872f0435ce9310a6615f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 732c791dd930d98962abaabac16821f7
SHA1 b22a644fa84e76788750971434788a953cd9a15a
SHA256 a7204b93e9db0eef4024a44ce75bc7681526e41103d418af5b17bb441532e15f
SHA512 c76cbd34d21f6c7512e4e24b1e16788cd085e083647acfb81a9b09fab331aee1324920875c34ec5878603a31f0301cddfe3a4286160bcc246560276693727d57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5808e4.TMP

MD5 e957ea75fb96ccef01345743111741ca
SHA1 1c24baae236faa3d41ee275f1880c303573bc8b6
SHA256 028d4331378dc035490fd3f6312edfdbc2f881524ae49cee6a5cf38eb896ffb8
SHA512 a433ef3a181428dbe28189f0d74fc6b1dff81f9ec3a03ee88bf95db130374dc6e2aa9b914975a4cc23026360df8a604aed55c4800d6f0e400187297776432ab1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\51ad8c39-5e55-49f5-9636-b87fb81e9b9e\index-dir\the-real-index

MD5 fa46cc34dec83bbc6b4e05754ab6e109
SHA1 9ae69793654fe26178d802937cd3490ac3be3ae6
SHA256 77e022888d9271061a5c29a0084bcac9bf6aac8e9a2272ee8bfaf31708a3240f
SHA512 ab72f68b84097d914e12719c710cda15ac8810303a6138d666bf6bbd1b804873b0ad200bd181258e40a5506f3e0d96f3ff630e1eb61ea481c660af52ce99733b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\51ad8c39-5e55-49f5-9636-b87fb81e9b9e\index-dir\the-real-index~RFe5809bf.TMP

MD5 fa2c4f225980a07c7ac7de363c8abf9a
SHA1 18bfa04dc6c5cd736009750815c4868c97ed5725
SHA256 f6c9af9f590c2227d526f45dc02858e6e6635e23dd22c0c30e730e4e3356ba91
SHA512 d31419bf34f51a324791d7a51e4d8513dda8b779f89f22badd2f64aad59c189e2500ca29400945b688592e5456a220f5738e796403a194b85d4b6d488f399dd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a0fcbde3-2b5d-4833-b655-f2e38d8536e7\index-dir\the-real-index~RFe580d69.TMP

MD5 41f1f096766cc8a86056fce1a395ba62
SHA1 9da13cb0eea3493fc9295f9564ebb1325b8b03cc
SHA256 19c2f7ff3d67cbf9e4857fd2a0dced2e1d80e4efafdc80c90e96987d0a2db9ce
SHA512 884d5585c7b88fe07c910bf3b6819f669a685729be1903deb8b795439c5893a3226017212ea72da1424169b55514f57764df1de6a7ec63a99472c17c46d30706

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a0fcbde3-2b5d-4833-b655-f2e38d8536e7\index-dir\the-real-index

MD5 6f8cff828b91cbca0b6a8264d4e19ac3
SHA1 bf820f478488aeea23c486be36757dedd64e636f
SHA256 915efb2e92ad070cfe781a7ea99ebbe7e06a640345e298e4647fe2633cbbca3b
SHA512 f9ea85e1d9fd5846abea4767cb53115455617ec790323e2318126056f2810897c0bb588de322e3a8b16a745c60f7295ce1888c8d39de0b521a7ec64bc6a21cba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 69dfe66045bdb7727cd89aa319ae4d55
SHA1 d230ce32c86f67c51a42825d122fc60632986230
SHA256 26984b2c53b3593528b9f6d94b61a0f6ed046a893af6c8f2d94f180a9c391a39
SHA512 9a925f613172808c985764ebd30e72fa29721cea9e6bf1025f18569ff7d261e1d5b55361e14444608138f382aaef58629fdb6d3b2bae523b5429b7853984e097

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 21b77791093846ba743ae03ac3dd30db
SHA1 4f9876a2a49eeb79cc1083549869748815644bcf
SHA256 643df91c23a466678768cbcf9cd02c371baad878cc511a27f4147850702e3776
SHA512 929cab819820ac899d682bfe0742128b343b498ddc7873f8000031312228d5c1b49b2e20893e4f375158ff2bb412153569f2a028f252cf4eb7363bf3b1ddc57b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e750f29626f631572d95e804c7c68cbb
SHA1 030d2029128ecda296b8b7e1b835a490a95f5258
SHA256 0b3fc7de0f3bdd8aa1121bc43dc3f3226e1aabe7fb8e1b141dd3b248e84ef0dd
SHA512 84d46cf8d335ce83ce8163fe05c105e70002320049d8dbd74cf36a7969b0aedc701fe415059a3d8e48c53b46dfb0297198e2558eee9a4530e6687ebc8b800b60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1acb9f0ad4f35f30d84698ac4751e95f
SHA1 913ff0f0f796bcff65e39968218d9d068bc315aa
SHA256 e552d33326de5d0b976529fd74fd49c2fc085b5bbc950076d4eb15cc25df4b2c
SHA512 7b4fbf2979b0e8ac797d43ab38d7ecafb9e6cad3c30ac1f27222769425eeb6c7e679bc8965c614062f91f44e6ec6a07f2b1c0e0891656cfc3dc76f05db67857e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 12481e5427438209981157e5f093c816
SHA1 84e571be92b23842205b1b0693a8eecea445f88e
SHA256 0af237ba490191a5e9250cd8b0ee88188a1ef7df21b0576c136f4520b714cccd
SHA512 5d5647389e9a832a395c3bbc8adb2e1b1daa227c540f80f1a03fdf895f25f7364ef77f208a84dce1609c079621821676341a43fbb33f9f9ccd86b13c989dbc54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 411fff8568351335957eefa281adae74
SHA1 693f15773f67b7e65ab19f173a1afd1b6517d100
SHA256 2d5d144c02de9947406b14ee590d37016e6156f567570210befb81e1de20e3dd
SHA512 a001e2a269073eeef1b087d1cecf4817ae6f90a4bf4bffaa17a94c376ab435354ab8783abb9e5ec4ec06033aa1be25ac30451dfdeafd3bd5b0b61f6c6e5344cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cf29d7858b6c719e7c08a3d1ef5c5e49
SHA1 d736871041391c9805abda45e0c6bbd5db0154d2
SHA256 d194c1719b72c71ef490e778ec63e114636cbd42a6c338b9879387070e29a516
SHA512 c7f575307f5f3423095a8b3059bb11e05d77e539da934db7f73ca3cb1a55b141246ee07b0ce24b021ba74dfb3c4d6ea9210340598d50299f54e15fe6e4d3a8b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

MD5 c03ff64e7985603de96e7f84ec7dd438
SHA1 dfc067c6cb07b81281561fdfe995aca09c18d0e9
SHA256 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526
SHA512 bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

MD5 6b04ab52540bdc8a646d6e42255a6c4b
SHA1 4cdfc59b5b62dafa3b20d23a165716b5218aa646
SHA256 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d
SHA512 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

MD5 8266eb9d769b0040c61f9107b9233d0d
SHA1 7d84098b0f5a6b1fb73333838e071558086938da
SHA256 389603813af8808ae7ec8ca4f2bc326b15e4c2ad5d86eeabfb271ac4d170b923
SHA512 82854e09e38363bf682d1426cd72d2efe770a58531f8b006c80c32718229cd9699c6db6ae4afe0a5ba64504a08b16568e53ec8fdf2702b5abc41ef7711f011b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 96aa3743bab6a2a15456f1aa6a1dc953
SHA1 6ffed9c3c855f1a9214fe155cc00e2ae60c3776d
SHA256 972fa707ea5fe6908e0f29f613b6c24cdadec0cf78b98f01069fb9047645e1db
SHA512 4cf310ec935a2443e8bb1ae2ed3104b13345d7ac7ed19fe5c967b2e3b0b51dc02c672daf87fa39086d16f8868bd2900b6d9782031e3eafbf4f347bac3186c7f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 eba8f83ebcf836af72e54e6cc7ec40d5
SHA1 741d30cece6f1cc722dac97e71a0d325c53eeb08
SHA256 d771e4859180e5128e5d76d62f1fd934282ff44eda666d2226ebdc01b3b1d73f
SHA512 3c5d5214ae35452352a57a89bf0cfa4453614c2aa263f8051a12f9b7340be6b1032d7a7ed3ca1264853779b0555c8534e4e87b6fdd4d8589c0d79d2f13b7274e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cdf38392c129431aa9e67e15b774c190
SHA1 3b5e44c88d105ba9e6a77c197fb9c064026b95ac
SHA256 670b4a9dd83394e0dae7dd827cc779e5e8ee53686587681b38c0e29993b23574
SHA512 646342609391f5f01b82077ff289036ef374f8805d973a77c62eb6ef163e18fa0c92908b12d3371c8bf783448e1f4bb120b73b7d7daf5db28293f2bd80fb7320

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7aa000e1d833b976b910fc02c03fd837
SHA1 6416a586271226ab1e48ad41ca4cdce6b9334854
SHA256 4eaac32510be4a85c69ceaae3ba0b894fe236bb0f3aac7f55dd16d808ab814eb
SHA512 b940ae714b4ad25e8e4dd8e6e99be3417a06b204eb1d319ffbdbe98f15d399fc0fc1946c6d3b3b1f35e112a326aad559e804a4ef6004482b6ecf35626c861c73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9c303b4968bed2e2cfbb72ff1d7a1e33
SHA1 e4e2f201154a032a690833fb0810a3d09dbcd4ae
SHA256 38de634a90c608aacbc67b61f752fbb6035e7fd2e8c0d4c4af146594b577e58e
SHA512 98e856e86481042d0ae0ae42fac54c04757b44e3b0647fda86ef43a788db495d7003f1529e9ad67b1687675c789d8926db329da4d27ce7e4fadce5c698f97022

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0048c1db9ffbffc0f82dcecd3c095f9e
SHA1 2f667d7a7215f1b9de527dbfb38219cdd3e0ef80
SHA256 7c11984d3c54379f2f5b15e824e51c21c4f0758ba2e0a5d8bbcedd0ca7b6cde0
SHA512 c644b8eae71a4d1f90a98b70b0349927af5ae5dbf6aa1595409734f2dc508bae7ff5fbd794148f6053f01ba67d0f0d743548b0dbd9119f94bb2ef5a1f5509d76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\891f8f05-6535-4e70-89e1-f71eea5e51cf.tmp

MD5 9c4198655774b02e76b9dc15e3285eda
SHA1 3fb18c75b9165be07f54e906e9b2414cfa0e5d9f
SHA256 fcd4211923d89f2dbbb019a30a157e20a45a8560df00724fb21c38ad9e584211
SHA512 d03dba4ae0641a0a31c29bbea74e6ec8a7b4814b72f307bfa21560b625ac387789ab073b2a907abb857f552de63db82c72bc65c4ccfac5c08f41f81d03125618

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

MD5 34d92df7e75c92e77c5210d7b97b46cf
SHA1 031573aec9e631d119e9952ea0a70aa1f7ef45e1
SHA256 404fd8dc09d419829ecc4bc46da3c63f7e78a730aede76393d32b09bd3a5d97b
SHA512 e853cc5476f14b7c72ce5666d30bdeb7fe43311f8ba3f7d37e2125d57124bb314c42ece5fedbd7c06ec7b869127cd8dbba3bb91b5a9814200da18ae58913e0fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 6b1ed52d79c951a3a669e1e0537d90d7
SHA1 0b32855239f605e3cfcc0746170b29047d278aec
SHA256 ceba6bc6173fffa5e174005ed0b3ce487400be92d5a7d86dd2856a86a3ccabcc
SHA512 5110ad8e3b800dbf764fe287df623b98fc18a74d98a52601d553d0d7aff7f5d89ea03ef1c9d84773fe8c0748f603f6560c437daf6c3fefea8a49aee45f46c780

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 a2493494337158906e93a9f9ddfbc0a2
SHA1 9204da8cb46c703cdcaac02c5c37d806c34ab8a3
SHA256 768313983f73c0b2ada84f44a3343a3b69c90117eb8572520fb20418e0b7c626
SHA512 b80005486abb16d89743fd4e7522a17755ca562a77468c8d11bfec42fc160d6783caa9a229bd3e6734f7f8481aff0076ca080f115cb03208e1e5b2ad4c9133f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 b2d734116dcf0bba8d9e7563a5be6211
SHA1 f5b382ecdcc4e175361b3204e55758ea4b6b7824
SHA256 1f617168f2de503fb9dfef9879a6e8cf6c3342fb0f5f6a5c295ac7662888c9fd
SHA512 59a6b72d2ededa9783a084cb7b09fa8bcaae98180adaba8a03bfa8415d2a6660559012d2d353f666335e8c75d2730209f9e2dae9ac788e857caf8c18b8cafd49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 22c04a443316a8f19693fe1cf72a57c7
SHA1 79ebd5427d791f4b85759c520dbb17eafaa089d8
SHA256 4bed01f2abeab6a751a08ee43d8499ffef3aa8a42c4c41b082fc4047968f10f9
SHA512 1acaa0bd5c5e56569f634fdbb39214b3217423f5935dea8d1abc408efa5cdd730d1ed4e02cddebb4590753cb852ff2be46793223429777960e83d378907efd1d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 c05b402d8edd291b252b688629b65253
SHA1 4a4bfcf5ca804b0e4de346c0cc52e3932e1f3bbe
SHA256 7a43a1923fc44c968701493395dba052d8fc5aaea634f0575493eb5489d1a91c
SHA512 25aceb07482c84a7b018671be3ba5208fb5e3fe1af02fc9f8b81641463ababd36e0688159dba7809010b9c7f4003e9bacb17a6f100e13ae3d0943b42e2db6a5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 f8f44472dbecddb91559112c533659dd
SHA1 5f71bbcf255074cb65e7b1cf9374d69d078979be
SHA256 a129e15e8b7d71db66c1a360efca3ddc00e5990bd8f93b70e12afd783af53d1f
SHA512 cff90e7dbb611df03aa560564826253aeca2e2650a672c2c452ee4ad57aa62a1d57121105cc84b9b8c7c91847c592d05b744185b4e6656b5dd460ca4cc37c128

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 d78111fdae608a457fe035307f04da2c
SHA1 d41794a595a0db2d59b834eb035487482500ae1a
SHA256 c3babdd3166cf5994af7e75c4d1dc52729573328b186ffe356707c4cb10ab5a0
SHA512 6d36b71c2d78331f67e3a46efa7ef3bfb5387d10d923115bf809ea4c5376cf92a1cfdb8a8ad92b37bdf5373d3c3dd7c0d7e10c494a055e683d58ee71baa4eb2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 8fe2407dd728cd524bce2f490fec2ef0
SHA1 5a25b43bf52e2e8c09e6de422f7dd0ccc05ad215
SHA256 d31ddd790748ba8656d85cdf19b9db3629d0c788149aaed113b5753da7fd6bf8
SHA512 a1555b9a8f0d086b8c68f38be21a42607f661dc894c1f7c1c83c89e1ed8a143483ac80f8596968c4a8f15b66b90ab38480cec503aabab33bb9d42ccc6eadedfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 72fce02ce8453a1b3750a03749479b10
SHA1 85a0d27a7c51e9a6c26468ddfabb01338a2b533e
SHA256 5f9a3b04e9bf7ee62ab31a79ff65f78fb2658b0be23c6db80324adf01c1be4d7
SHA512 d845f9c5c7cf96f82dd09ff91e44b13ba941e982fd4dffd1a093a542d053851d892028265f2950fc1d1f6269e2abe62760217423c058866f01fd5d012bccdc64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 e6b28049d4e4d54061a02d0bc9576879
SHA1 38fbbe19d7d12b2cc08bdc8b0e807b93b1788b84
SHA256 2ff1aaf217a94e727c0c94f9823cd156b17e19c350d4456ba0a99bee7409c78e
SHA512 09d35665b516f5724c13e094452806a9de0257467ab4ede1ba0d98f3d94296157974cdde66ef84241a2c95b10754be16544fb7b26c4d9176b433d9f7bdc37d8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 65d3f83d879428f73e751d9a36db6db1
SHA1 a19668aecd92ffeaec17643ae7d6140ad763351c
SHA256 8e802d53da4fd798ca61b4aefc77e20767bd4696e15312b0ac7229679292560c
SHA512 e2550db4a106da242ccfa4dd8346364d0223a6034d38232dd3b867c79e18620da631fb4ad0c90c42ba3e69c17b9256df8ed05646feccbaae2fbcdb9129884ae8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 76074361c87e7c8d3af88302818b71f9
SHA1 f7c56271b6aa1052d44177b880df9fdc82b7a2ab
SHA256 12e8849ba93575da35cd426232e7482b04ca5ccbe687118b444e71b38343e2f4
SHA512 a79408ba8488a0c01fc760f0ddc6e2c3833520ff5c9ef17769be80924888654be8e41e86519b4b68f628a4433a050ccad6876fa29e576fb56408b25a34a2c004

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

MD5 fdb14e9f83f5bc1c2bdd3dc334956932
SHA1 3053fb1bd6fbe122f61dafbddd133f2fd8bb3de6
SHA256 3adf2ca0b82565c9e99a10b00fe74fad10ce03bc88d97977bc2d7dddd4f1f394
SHA512 46fc5c68ac9a6637ac02d25d6157590347ea2498779e2703126db00b7cea10c755903a83ef2e9c07d4c1bc61f1f152947d82f75d817418f62ee08966d402e2d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

MD5 89a574ff00e6b0ec61d995d059ce6e65
SHA1 aea09e96808ab77165ffa712eaa58b8f056d0bb6
SHA256 e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44
SHA512 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 8c0fc2a8cbdf5aa41247d7eea196ec4c
SHA1 50d3a6444aaa4d1be4ce53f9751e67f7fbf601b7
SHA256 91bd5771843bec133c4f6a8b7b0b31951e7b666306c5ed1984e4c3ccbb0c88c8
SHA512 5c7d5c0c629db6129874945506904a3a4f8af94a2b316b8e054cce6f62a0c37ef7a1643b069c57e294df191a5140772bccf9904f55aeb71f4fdb30f0803e7836

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c869d937b808bc2d6b02b4b86743f28c
SHA1 ed82db1590c57b402b6c1202aedfa504f6ea82a1
SHA256 a57e21707074b9b8b45a516ea0377274ead9522cec4fc3b0bcea922cb22bbc5f
SHA512 623922fd989f7385afa0eb5ed468de1b6fc93345bf908ea3f841289ea4ee297f3f696f7788a05ccc0fcebdee5cbd276301f029bac64a3b5f4cec8a866fbb8119

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 c38d86a2b5eea9e823662c4ced969527
SHA1 d9d42845ac4f59b9ac28ba5380a8ec02646efe3d
SHA256 8731878e6c79b29f4e6e52a6c3a6a023de6d85026a965cf994b71e0851abca9b
SHA512 9178e814ca9bdbbee0ffd0d2d4faafbf06f693b5b0f48f18f40550e92ef9151859c1d8b605c0d29e4470917deedc96ead59ed853e37e4628b5327637d8a88c38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f49b1eb04ad6741c337784f7e6b9c0c5
SHA1 b23c2d0004defbacad1e4d15b9856afbb7123b67
SHA256 98285546b2c582c04d371d4c041521d7165672cf29f0c23302c319c87f4357a8
SHA512 669d692f69254bc9d0c8a7b23be771c506ba679b0ce7ae3a3d3d3e1984e230b0c141d7524e06de35df3f9a266e9449ec598e963c633a0c49cf72ec26e0a251e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 876ad911669d770989bb6fc1de8db991
SHA1 814b1d097355e7cd5daf8d2f9e283ffe428cdda3
SHA256 3701145753019afd9e3f139e328467a3338c7aff4371e0b8e98035f8200c8c10
SHA512 b66b0d0f69a8a2471787815415d9d7d8d39ea6c1003f7684b7502acb0a2f4da9876d05bc3b22561c17502cd9135b10090cfef03cb98a603de24dbf26820ee893

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6a40b854a1e649a128718d323da5eef0
SHA1 7564f26328293625645a32962cf83a68aed7fce2
SHA256 ebfb60b6a8a64a2ac774e83141372b41867edf127e912a609f729317a3c2b773
SHA512 0c354b5db86af9e4bfd1a526690382cc26dee1a24e82d72f5eb629f9131216d7bb939d31e30cfde4042a2802bd4c4cc8bf5d16570eb085cf430272b447e2bdb6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 667a19815ea14e83adb279e5b3185b5e
SHA1 3f7bc1e6f579d08bdc6dc3a42ea58440ef598f8c
SHA256 7413180ff72d7680da9b455229a0bc84551a45fb49859f7a9af12efa1e3481c5
SHA512 829c096504a49d0076f831a3de5fe186de19a67c4a286d19db9245c366a580134ac51c5598f98039077038b11d0aca58022a0cb6d20d6e580e0cd0d3b3f36aa5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 c8b26f869055afaa9e4d75f8075cb8b3
SHA1 8aa1a6b64a047db424dda727d62a1158a3c203e2
SHA256 0927438f9b5595e4d432bf77b473086c19611edff47cec103ab4b5cd68fd7ab8
SHA512 6b52e402a0f16302cf09f6bef21e8af619853e4f24c29abafb8a1ed285f9a61af056caa0b8e6187b7ddc36ea83da396dff53023dff75a15d87e1ed7fbc9df0ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 c83e4437a53d7f849f9d32df3d6b68f3
SHA1 fabea5ad92ed3e2431659b02e7624df30d0c6bbc
SHA256 d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
SHA512 c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\135a9e73b7a29232_0

MD5 320f5fa200f4f65292451ee00d04ec94
SHA1 c99a7d79e6f57ba6fe6d4a7ac3a39499da580292
SHA256 1702802cf01a77a00295e54c120d508cc811ae1161f4680db0fc972649bd16b6
SHA512 aace1936010c36e9517f814a8b2d26a1027dda437313d61b14c7d26da25e18938231d41b98d9cceb23811613a56ffff6c2af66ac61e8b0dce20f6d3e331cf18b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 b0a3a560a96e7043a1148b373d438472
SHA1 576b56f969708b20324ecf9fc8951ec681ae6a2d
SHA256 bbf9e1aac1767990bb83fee07ccc938ecbc763b84a6ca7730fe9fc0cd0675fd6
SHA512 f4648e668b5a0ffcd98d6a2b8dc7e628b775f346181a8e042f9e2d87283fa065b3520a5bd285e1c183b6b16a282abb635df5ea056de3d0e002472985145fcff9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0084a98da4ca477_0

MD5 f55740896453e1b5065e47db7bce7309
SHA1 040043f85fe62568eef601b1b45f3b3de92516de
SHA256 5893b557bec7fef2542db067dff37dff975a01c819ac50f20f7ea683edfb45c3
SHA512 9a9aa6e6c4d2c971dfd39f905826d513107a41bea484275dd29ab24d8165c94eb666bdb48cfeb01d79da74cc8e49bd77d6f91691c425dff57063a0040c8bacaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b012c492876d369aa71b2308859a22a3
SHA1 6692fe0fd08a8d041f6146bd54c5f66ccf2f9c68
SHA256 f0086320322afb9331275f72a90b9efe93dc4eec240c0872b082a8818f68327f
SHA512 2faa1961a1354c109e61f2a1496d30b284d910566d49f7a0866c3bd03a8243b7415fcf24d8a66dce3dcb4bf7ccf967784b49d9cae69440daa50803370623244c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\215221d7b956f74a_0

MD5 21bfd5bd0d5cd78e52441f81aca2fa30
SHA1 6637ec8aaf9631fc5c201e81252b9d94614137c0
SHA256 f213e46d48936e49ef995268d94db8483eb6bd0aaa01b7337d071cff87169de0
SHA512 42de6cccce2481685e966f57b18d4eab657891aa3b2ce41b48cb1dab8d3141402c31cfd7e5e3345e8cabf172e47d411d25125e6057ccd90b56e0d345176f2d1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2363af8698c9d1be_0

MD5 df09aa24adc51be353fb0de74bf7c5f6
SHA1 01edffd0b7ce494a6cd2a6145b9156bbb69adde8
SHA256 1d07e7e6c1b8704cc7dedabb83a942f82864f9aa6d2dc355118aa30793636b35
SHA512 353932239571b22d6c463afab6c312b15be873cf9bd7866ddac77f85e14cc63b8db42ecd940e9aedd25304ea27ff6c797bb63e125ae7fa751adcc2d9f4954e49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ecaaa350d8ec7b78_0

MD5 1eb0fbdcc70fe31775cef572cffa1253
SHA1 c43f46953aff61080c1048c3774e33f7b04b788c
SHA256 33c0a6e9c8195cab3782b31a646fb201396970b455ce08509ebe59118f5ef63e
SHA512 5e3b38f08d6b9c1c9918c48a04c516772d651ca533520411e8d35a6626763c40cad8ffadb79bc1c2329b354401d1f2017f0c4f3afc5b86188560202d89bd317d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7420fd658c8bbe19_0

MD5 bd6af55fa69a5ecd90a2b44631991987
SHA1 84a0cb9821a83199c27d4d5dc39a37434ec5bc62
SHA256 d9615fbb9c8af336fdecfd4bde64fe5257e832edbae39ea706ba5d11ea52c777
SHA512 c35b3fdbc9797342cdb222a88291210f4b01acf2040f5e6026ecd1760923026e2610c68b5a4ba9fee712ea71d11f7843af17a5bb8218c9a90ddd704f8f8da667

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03c02a394e11f5cf_0

MD5 aa6b3c4aa329fd986c544504c7ec11f3
SHA1 e3eaefd743ef1cf1fef5afc74f01dad835a62653
SHA256 e1ae9e816cb1f5edf27a8fbe96d5e39a193e9539282161f99d8f266d45dcd515
SHA512 4ee8a89962c1aebd034a205e923f6082ae2ab1c05a498d33621eac2b176fcb210651d7495449d4d53aa5d22a8f5feaef5f64457010a7045b6c734377be1d3d5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\abb8cb1b76d3a456_0

MD5 092428c12a97c7b4c591348398ca89ce
SHA1 06133b612080622e6f2223b4862d90bf6811c588
SHA256 4c8304e23a494eccfbb366f333979bc63b39adc58ee285fd49a755cc2ad68f1b
SHA512 228a6135062f25065b523e6931e3dcbcd7ddac324615e1dbad60c0be5a6f26fb7f5c0e7d1b9f6af27c6b74efbd5c0a8a7823ae257702feb1a56325fd120e1594

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6122238f5a82b496_0

MD5 c6c9a0eab800e6b2b51494001d90125d
SHA1 f78826bd0d62389c669c815e71d51842467dc677
SHA256 a38e1d8a2637fc9c762f8f6b9f96bbe3d1ce5d08a200c89eca64ee4bff62fe01
SHA512 b0003ac2701e40dea7111cfbba77ea3eb8f34ba6a7a9341b1d38169c1ea0c16e3c0ee2af41287744eb020d754aba130b40494fef949e41d90d4415ce7ccf70a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a326fa9743aa0edb4f0fc6303765eccd
SHA1 c93ebedfc02232d6a6f5fd4f36bd45163f27f1bd
SHA256 588f5c66edd29e780a8b36f3d2984fba239070613e8cbe7f08823c1e08f039db
SHA512 c1b01ea9d6c0b5a084e8518dff1c13f5db53d9e204a9ac179a08d88eb29d6ea010a2d3858d46b5ea8465c23f89e6bcc3a6df5c9216d76311ece2e6042b58778c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dd55aaafb52497408eddbcf4fbb3096b
SHA1 8e695b229848d1749bb07a49bcbd0813942fc0ff
SHA256 4e57cf796cc9fed8de8474ed7e10f730d0cc0d0bee299cafe1dfe34d01f8338f
SHA512 f113268a693537a07f125ab00d905d71b5f734a0e98613afa3d14ef48f9d06291721e015473cd28068dff545f0bca368c0b812d737baa86cb91ff5c76881c342

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0879d62c40a024530f9e6afe57a75402
SHA1 37c6a0306b2c9f8737defa13f5939e465b5a9160
SHA256 eaae5f8d90b61df0cb4ca047419f5cb672d86a3ee434d693877424be9609fc11
SHA512 bbdcc58fb4ee172d828b76e1477b377654529823443c009c36f7b7f2d47dd1de012952cc4c3831b434548a81fdd3b4e052b95729e6b743cf4a6f029d34746c54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

MD5 94ec5055df1155dc2280e6c9c5fcc3fa
SHA1 86c21fd684361fefbfeec5453b0c51c5f9038499
SHA256 76282147e8651d506824d1337383f1e27feee375949bfacd7008d667312d89a8
SHA512 14d907859abdf87c3a35adec37dc1935123241234dd930ed085488f62692e0be23295b81b6cc34de435654aefd1af52cf42cdbaadec0168306596e4e93693a2e

C:\Users\Admin\Downloads\5b948fba-7c88-4cf9-9b1e-3b6c1460b132.tmp

MD5 eb9c292f33e994664a1c488e70532159
SHA1 16395a0be951c255695c2bd0a9a0afcde234c83d
SHA256 c4df76d3dc9acafad8474ad23700c7efb43a9bab4be00a068111e5110c8b9ac1
SHA512 19b95808d18daebbce73068d83d03b1217d83af7113e5ed4958c7d2c645ce1ff38afacbf055faafd823b9fef32eb3848882ce07beb1dc342515e6c17825b4140

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 afdcbf59384391e07baf109559c3bc5a
SHA1 7e1742455d58cdbe653133a114125d70796c7ff1
SHA256 16d4ba46711192974320b0ffa24667819a40e3eb3ffe87e52eb8ef62755c19c2
SHA512 a265351bc52da274fa8a1e6e243eec3c0774216441ea6181766c627ff0615cf1111486c88baaa6e387810711f54cf714f8f56c33ae8d842ea0e430ddc0434445

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a574bda2b2341dcfe8610c7ab19285b5
SHA1 ac2393eb4856f2f1b1d1a30ef90f4a3d7d292da6
SHA256 d0db93c80446561e5599ca67a48bc04b341f311687f805035dfabcba4b943750
SHA512 ec3752ecc6955f24351eb982143bd33e07884f9bc8289f6f768303cd9e6279171591fa1cdea826b6db4d48cff82688d6a2462d63a2ddd91d6c9575fbf2294b56

C:\Users\Admin\AppData\Local\Temp\nst4870.tmp\inetc.dll

MD5 a35cdc9cf1d17216c0ab8c5282488ead
SHA1 ed8e8091a924343ad8791d85e2733c14839f0d36
SHA256 a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df
SHA512 0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f627515d0fb68ec47c18fd43cf6d6ed9
SHA1 e57360f046d85a9859ea9fd1c3b3a352a9017651
SHA256 080bcb7a769c344046cbdf4b979dc4d54e87e7fb1a7738f098201afabf14390e
SHA512 c02140d4e1a49d38e37bc6cbe1f8fbdd94519051127d17bfb1d66eec2e3d1107195ca6c194381d2fb0a346c98570ef87ca1156aaefcf749fa13b5e56800e40a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4622efdacc2682584fd12e962ce8b463
SHA1 6f810e2fb6ea70b58e93b1f6b2da37294d4b9e65
SHA256 e16782d94c84da457cb06ba411315ea1f71a9e9b5a526a2cd1870fe30d790715
SHA512 c5a75ce5e886354c26694b09ba4aa264b5295415b657098155886a3ec09aaaf4f326690a33b66ddea14ae0592c3f5ceee88349907587a34caac967209890e6d9

C:\Users\Admin\AppData\Local\Temp\nst4870.tmp\System.dll

MD5 cff85c549d536f651d4fb8387f1976f2
SHA1 d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
SHA256 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
SHA512 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

C:\Users\Admin\AppData\Local\Temp\nst4870.tmp\nsJSON.dll

MD5 f4d89d9a2a3e2f164aea3e93864905c9
SHA1 4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a
SHA256 64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb
SHA512 dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2

C:\Users\Admin\AppData\Local\Temp\nst4870.tmp\nsDialogs.dll

MD5 6c3f8c94d0727894d706940a8a980543
SHA1 0d1bcad901be377f38d579aafc0c41c0ef8dcefd
SHA256 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
SHA512 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d415ffaa050d5146da5835c5d8d48b91
SHA1 da419f73edbdaea4c1d314a597461cab6d4a26bd
SHA256 6ba367d1f349d685f6172ccc50d371ba901c826547394d15c4a8e2aaa672b4d7
SHA512 930895c5dd005253d2bfa9df8b133546a96ea268a7afb841211a472ff5f92de4c8448497053a44cd906674e262d984ec85e44efe0c28e5e6d25eaae3abec43f0

C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info

MD5 82d7ab0ff6c34db264fd6778818f42b1
SHA1 eb508bd01721ba67f7daad55ba8e7acdb0a096eb
SHA256 e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db
SHA512 176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a

C:\Users\Admin\AppData\Local\Temp\nsz88F5.tmp\Math.dll

MD5 85428cf1f140e5023f4c9d179b704702
SHA1 1b51213ddbaedfffb7e7f098f172f1d4e5c9efba
SHA256 8d9a23dd2004b68c0d2e64e6c6ad330d0c648bffe2b9f619a1e9760ef978207a
SHA512 dfe7f9f3030485caf30ec631424120030c3985df778993342a371bf1724fa84aa885b4e466c6f6b356d99cc24e564b9c702c7bcdd33052172e0794c2fdecce59

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\b86dfecd-3921-4fdb-9e55-40cabd103de4.tmp

MD5 728fe78292f104659fea5fc90570cc75
SHA1 11b623f76f31ec773b79cdb74869acb08c4052cb
SHA256 d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20
SHA512 91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5

MD5 03e9f614a008075733c76883156b568b
SHA1 5f9cb1b06928487c4b836e9dedc688e8a9650b0b
SHA256 b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416
SHA512 7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000001

MD5 8e433c0592f77beb6dc527d7b90be120
SHA1 d7402416753ae1bb4cbd4b10d33a0c10517838bd
SHA256 f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
SHA512 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

C:\Users\Admin\PCAppStore\download\SetupEngine.exe

MD5 3af0c31420d331d34320212a95f4015a
SHA1 334ee9d0574fcc1e6ea93b6573600a1202eb7577
SHA256 f504f1cda90e467dcd93c10585895a074f3cbdff2b278fa49cf487b32a51f811
SHA512 6345ce334e6ed06e24a2bb561650a9fc28b2dfd0aee424e680b4d57fa6a7c7d14ca6b10a1ff03ec041f81257c1aaab27e3bb41be1e662efd9774e5b711cc98b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a956a8da25dd0cc18f8946666b5ff4ae
SHA1 3a64b7981183a8511bec329216cf7d2f0b13a523
SHA256 cb44130f02e87d0600ebc7e02e8fea1c6d12cb03bb65b0d97a94673a72f35b3f
SHA512 88bae12fd3304c13b2db8b365083fe97227282f08691ed247e3651f38cac170cb6f7dfa7bd77e199bbba226f6865f7ece4b8f0376bddd6400653a738ab173aeb

C:\Users\Admin\AppData\Local\Temp\nshDB5A.tmp\modern-wizard.bmp

MD5 cbe40fd2b1ec96daedc65da172d90022
SHA1 366c216220aa4329dff6c485fd0e9b0f4f0a7944
SHA256 3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
SHA512 62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State

MD5 57cd90e8ed65bc0710b59ec6eda51f7d
SHA1 1bbea8de83329f1b92d5ea944630dbe3658fd7b6
SHA256 0f4ea4c2d0d2fe6a3cc3000ef0feba92be6bfb57721aef1a3ec718e00951e6ca
SHA512 5f8c433185a465bb2defe3a9f04a9eb543e0f7d23c793b6148d239e644a276fb3ab72b40b736421945b9f5082f8cc9452fc762f287bbbd01e83771bb575ae115

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State~RFe5be59a.TMP

MD5 93c385b0e56bbca3663077c9b553ec53
SHA1 09b3a2bf8d44835b5f14e1003b390dcc41d9318f
SHA256 5edec3dc542cd7fc11cfbf46cc16106c5c268f94623c8c812c5a1a442b9cec56
SHA512 be11b9cc20db0bac6227a54dae6a625df31065bbc19b0e373d9fd6f3fee5182db4171dd92814eb9898d5b0d77d1d40499a5c6253e9c5fd72ced6149cb1ae0ae0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 f862cd91d771975e12360e7571bc6450
SHA1 688339488ec802d1007f6dcdeb626a2464db3347
SHA256 344a942d4094f52c87647a4355d93cfc3daaa3adf5ebd600e5f30e2272cbf19b
SHA512 bae5ea8ef30898d862e5356e63ed4b21341ec19b49717e67be5c585afb3659ea30c22e05176d360aa1be6fe8af6ff493cf19f3327b951ec5899f3458721e87ed

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe5c0fa7.TMP

MD5 bbcc0af5d227ae8d9d43803ce46d139d
SHA1 5b30a31cecafb7a153e5ae3fba1e5d5c0f69901d
SHA256 42ae2414c5e83d5102917b6cc5827d2fa3da08967479c9d67eea9cbb6822442e
SHA512 86f09b6e0726d975d71520a77c6edc0738c67f7aabcec925a595e0f1ece035cd79005a52163344a555f675bb2bd6a549fa0fb6c3478465b8d368e7e132357762

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe5c19c9.TMP

MD5 bbac70751bef2a790e9ea3771fe0d132
SHA1 2484bdea43bb20c1f683b32e12e69a4730cb3edb
SHA256 7dd049a05447cc283d578f9219bea3d04432b6c784e39d046a1f2ab8859e39b1
SHA512 0a85de67dfea552bb6718b146ec6c4156bec93d34a486edffc2843a0d3626a93a71d6194dad34d5905946ce2448402357c2a4204c468a64c6de6f2ccd50f558b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 af13e1302c8b4561817425f68466d28c
SHA1 cfe1882e3c9dd9f5595e55399ef51a4625d2f34e
SHA256 af193bf48c6a743b4335a23ed0d3405bdc2efc2ff0cb8d826f810c59d4481a67
SHA512 052b3f6a1b6c60a303cf31e2b24c67906a2187bc3fa93e38a0be39a757fdfd988891a55aac5202e7ca06cc4573c3b0ebd7e0a1af7651e909a652c072d75c4480

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 93225196b19f65d18f0fe149c08a40ae
SHA1 9fc4abf79e8a7b8ac1233bfa1d3f591ba9b243bb
SHA256 61f9e3e93d398614cb65327c6037108abf2466efe8119e0e472e1c557dab07f6
SHA512 7dbc835d1517c2d6b53883c914a2c0fdead0e030ae0d823bba53a73836e91232810c8f7492e3136a3642048908bd9a100e447d89e0da74aa138c55ba6d720f70

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5c1b9e.TMP

MD5 85c288487e32750a0722786dd96da221
SHA1 760e32b164539e5db0a5ba4803c558ae2204d014
SHA256 5e977df65910c114ea44b710b80556ff6ac5804d50cb0dfb5d1127619e8c21b4
SHA512 22ef1f78622ec5954080ae718f9ff912fe672549ba8871fd8f55c438dab61dd61670be16908687477a5e1c2e675247c7cfab8be2f44e7a2ec3125f66853344ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b77b9f901efcc36f4d423c28753c1ef2
SHA1 e893adc17e2b0fe458adea68708270b416c0b52c
SHA256 4189dc043e36743dac5f71b407ceeadf951ba2ea5b53ca56aa0fb07cd77045bf
SHA512 4e24c6b0c499f6394b115e3b06ce33db6276233b54632988f25a885b185054b7590e8d76acd3a4dd9aa3e5fe837ef04ec283afddd9cefadb103000bf8d9073dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 06ff9024918b69c4309351e49accae30
SHA1 4a8099fca81bcf58d0d61054944a90db98b87871
SHA256 8fe16e17fc3ebb44b32f9d98b333b720076c948a7a61cde2f0d8775683e33070
SHA512 562addcc9bfb8019cb4fd2cb069858fc9a9454ea6216694af13e5024e9b20569ad911f4df807f76276b7ca474ee92a26419ae72312b9c26887dfd3344dced3fb

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e77dc436c74f25b759d7e0a46a553ca3
SHA1 6cefb175ddd85b13e0a3e49b51fab26d0871ef56
SHA256 2e364e5851405ab7631f91e546b129bc6dda021fc61be8ba5e94a4e75b7b28fa
SHA512 ea5479e172b221db18c3553d697cbc533b73b17aa75e135a5a180c494534f641aa414c96054a930ec5164d15ec9397fe2065b3fa9f022199a78a27d11e93caee

C:\Users\Admin\AppData\Local\Temp\nshDB5A.tmp\Banner.dll

MD5 a1b9bdee9fc87d11676605bd79037646
SHA1 8d6879f63048eb93b9657d0b78f534869d1fff64
SHA256 39e3108e0a4ccfb9fe4d8caf4fb40baa39bdd797f3a4c1fa886086226e00f465
SHA512 cd65d18eca885807c7c810286cebef75555d13889a4847bb30dc1a08d8948893899cc411728097641a8c07a8dcc59e1c1efa0e860e93dada871d5b7acc61b1e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f8d72ce0565df9905d8157d467f36eb6
SHA1 8bedcd95582937fde8395a8efa23fe7099174abb
SHA256 a5444729ea2e3c3651da6d4cf9467fec2c2c21942837d73fd5b118e3584d5933
SHA512 77f0fe991d3df3c04e5c5bc7a9c44b0cf9d9c4000d7f432e13da94fb9eae29ed4ee006212027cfb0c1455ccbc73f6783352ce0a853a0d3a8e2cc3859d06e55b4

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e4ba5cb2b8ebb1caaec49ff50623ed01
SHA1 ea80d3a64a633d9fd1a8267090ecf71f050e6d94
SHA256 6a7dcc5604fd1502fb54a0d1d07663de638ed401ef3b3f67b94bef991583d652
SHA512 5e79312f536c4b63898cb7ec5b9130f53fb5d773bf78a5ab6ba9786bb3ca17328c07828e013de21230d689bf90aea9a8900d00ae9f9c98f29b9ad246604f5e29

memory/4324-3024-0x0000000005240000-0x000000000535C000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nss4399.tmp\SimpleSC.dll

MD5 7b89329c6d8693fb2f6a4330100490a0
SHA1 851b605cdc1c390c4244db56659b6b9aa8abd22c
SHA256 1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d
SHA512 ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 679e175f7fcb5eecebdadefafe62f160
SHA1 13bae6e1adb86e36cdebb5451fcec394b9e0b239
SHA256 708bd23d5b34f74e7be85c8cf270c2b04b01ba496f71fa4881066d377e9347ea
SHA512 6e55a637a76c1e66d080ac37dc0b66e22085691ba64d973c6d5fd224c75a69cf265edf04eced9f11e963550905468904446a3d2f67104f6423f56483a9e0e7df

C:\Program Files (x86)\Fast!\uninstaller.exe

MD5 b3ab9bf4405ed41cab0ba2ec514ba517
SHA1 f801e7df5f122ac2d27b3b88f06cbc91bb416757
SHA256 03baf3b060fe592807a01f1a763b0da9f686dbe0ccaedaf2eda1949fbed8e184
SHA512 8499a609019970ad23ad5b5a8daf9b9f19e965470dc6942a90fa6bffaa47adcf81a34999424264843fd11a72ce68a6e89397ed329142a66519efb61af632f535

C:\Program Files (x86)\Fast!\fast!.exe

MD5 3b3ead51d26a7c68cfdab0ee1ed8e41e
SHA1 9bcbeb1605b56adbab57987e5d8fb65716e7fe39
SHA256 ffc8981d33ad515e5fd36258e54e07cfed91bed6b38fb131d3d4b64d0dd50a4c
SHA512 b6047e73ce39aadb96498cda5c9e302974d20bf12806cfec1569cb32e233417eb817a4b680853116f0cb541f83204ad9c2979d88f7f213b7addc0214d17a185a

memory/4324-3226-0x0000000005440000-0x000000000555C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097

MD5 8655d20bbcc8cdbfab17b6be6cf55df3
SHA1 90edbfa9a7dabb185487b4774076f82eb6412270
SHA256 e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
SHA512 47308de25bd7e4ca27f59a2ae681ba64393fe4070e730c1f00c4053bac956a9b4f7c0763c04145bc50a5f91c12a0bf80bdd4b03eecc2036cd56b2db31494cbaf

C:\Users\Admin\AppData\Local\Temp\nss4399.tmp\nsExec.dll

MD5 675c4948e1efc929edcabfe67148eddd
SHA1 f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
SHA256 1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
SHA512 61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\c3f4dd7f-2d43-4f8e-9ae3-22943f0e7e0e.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad\reports\dfb47616-1c20-465e-b07e-ccb617e483ff.dmp

MD5 fc93cad2d1152ca3bf117ba30c5d6cfe
SHA1 95cb28565c4c06c4945e0a0faaa92abb5c674b31
SHA256 56934de89f560164e760392e72c7402645a06d588a828462bb7631e4f3bc8a16
SHA512 ff7c94da9a2d1aafbed47dd2a3dae0b467423f3219bcfd25e89ea014dd7682a65992077a83f87aadccb5d575bdf0189690f3bed04ed6b5ce6fb62b184926c713

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 fe3ec5f449765270ec8e0021bc6899a8
SHA1 4fbf617a0246e0905b6219d847e24151fe30dfa3
SHA256 620b7eb2976472ac57e600c84062d51798deb5be6176cf62179322dba93c10ec
SHA512 6caf9ee2a584e05567184661eac84dea1667393dbfa0ca9284037b18157f0b20a4c06a67c7f34922d43652f1cbaf042d77a91e567b3c281945f4a75ac337a99c

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Program Files (x86)\Fast!\BigTestFile

MD5 d0783c88c24c8545881e126ed8941587
SHA1 cf18c6201a13e1fc061038bdbda9d477b5974d61
SHA256 5233898a95f34a29ce4041adfeada2d78ef8badd64d1d725722d757ad71ea948
SHA512 ab0ad0bbf448a7b1395423a687c4477edcd9d112e4bd33d82c817feb6e264f060b9f4101ddee68e830d7c35ba390df175a96fa875784f7007f2e03d23c28bfff

C:\Program Files (x86)\Fast!\BigTestFile

MD5 7245b4a86380386e2a9931350a748161
SHA1 450d827b8e50f5ebf4d25d3fee087b5a906b96a6
SHA256 a93c3fda56dcdd59baae1d68cf71c9c7c6d3a9e575222830beac4068dbcb196a
SHA512 0c09cd4b9138a75186d347f11ac235f83894a1ce6ef6536aa7f18e199a07a21681b4c433189cc7664dde091fb363d28b934d5cf00e6028ea052f033d47852840

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c2a322195419579de45d477a92297845
SHA1 159e22bda3d0dd7b95a203ce4e438ad033dd4e09
SHA256 8178e8da7ea9d49205a67be7d45af5763d00da0beaf001f39f6fb777996d0274
SHA512 2ee44b005dd40234619e8dc15519323216508bd2fd28ebc3b11405bc65a0d30c0fb17be28e908da390b470f9db1446340de826d0de97655cbcb70dae195a22eb

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 86a01214b3b9d8efe78f5fd6ef8dca00
SHA1 a71e8d0b0f3afff43a552ad88c25e55d4013a59e
SHA256 e30d8bcdb20c6b14ce1574b88bb1a18bb5ffdd4ecb619af5a14acd31a68d9224
SHA512 5dff388d77ce9855aebcde177305a3052467eebf15228cb083fedb074dc8a5b01e1ce69ed7d5c885a7dfc2b41909e9663ea783f6c911e4d7b964dd4988a61f39

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State~RFe5cd1de.TMP

MD5 2d7c8192d6bc7a40e7f39a9108f7c46c
SHA1 8b9e5390c2d024ecea6207477b1d0a218f8fb3b8
SHA256 99b0142d8a09f7b68f7db642f9b285372472ba80c9826f3a4d0787aca9774731
SHA512 8b477ed69cf4d8f81b405b13c76c011d7b47d61c845fcad9c1377b24340ea8120bf403a0a142bb8f819d63c8dcdc4bb259a03ed5a2811fc9f08a9d9848e0b207

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 bdcaa6bbc32d223d8cb659536ff06916
SHA1 a642c4034d044b0c16a35465d4244cecf9e3a64a
SHA256 0123efbc5cb987de4cd353e34f1883c574fab3d0d179e279d31951c9406204dd
SHA512 7dd0749cc88743e6b68f9321e06b6a6a97a052128dcd40b51cd0c590b187931194bfe4db880d44c1a74e2fc85db28217ea023989327b2296d4b0c5ff129d7dd2

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State~RFe5cd3e2.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8af39aa9b0608ddc28df744d63ae39ca
SHA1 b66366de6ade612d859057de84ed3bebe64406a0
SHA256 4e3c62339785b2aee20a2aa995526d60a819a8bdae51228b781267a744e533f7
SHA512 d885bb56fed2463f0a52f24c94200b4a77ea0c49770a57853f1ebe552ce4bc6a8e9b4bb7632b8c47f2da76c3515149881ad2588b86a9b9a578f54565754851ee

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 fc0d8a31a590b1fccb2465dc2d7dad61
SHA1 e1cb025b0b2f73f286e057a7cf26e54a683bc945
SHA256 69065cdc94055a910a8894e734220285beb31c5c488aa40349432247c50c0c5a
SHA512 e80b0c22970f810c9106bbe5b6343ee3ad9d833a741d4d293f188aee0a5f6fc160437df686067e4e3df508610154b02644836d09dfed736d506454c83dc57873

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ea14eeb5d9ea51acfd867bfd1ee1ff5e
SHA1 8676508567b8f2f65aab2cd409ca430bcc25dbfc
SHA256 69b084c8cb3170a780423b7fb0a6be1842f341bd891724eb32d97505c280e56b
SHA512 b1905ea6bdb865f3064f599b32d0b75f27225ac80da423b8c1efb9905cc3d408f888c485c228ec20689a356f67438369de880826ce39a1641d6eaf8dd291aedd

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 64bb5e2c4a8cb59f1c0d6a51d29d417c
SHA1 300a24c2dd1959d14f7ff22d371169c076956cd5
SHA256 1d441988481b074cf006b33702e335ef74cab91c785700a8ec3b568537394d61
SHA512 b99c0563a2e888ab607774a9ad3d8e0c1d0c6e394563c94ac961aa0d164afc4ea17144703ecbb718e951aa02742a12015e3d0a3ffef329a17b23eb571593f6d7

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 65a728983989fc3d28caa8b46893f0fd
SHA1 b72a20cba69117bf6718aca1b94a83ad3eb38d0a
SHA256 100806574840969c3137c9108695c606c2858c27ec88f3b1ae1428d61b3593a0
SHA512 01e342f5749c4d9c2fb63d8cb700c7438355152a1d1cf93b0c71c01bfa66b7bf9d9dcc70a238802ad83f192434fc6adda7ba5406a591ecd2547e29f92857b249

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity~RFe5d0581.TMP

MD5 107cafcc22b6b854ada3dfe1ae2cd182
SHA1 b23f6094f3142b628df10dcbdc5c49c20c5b19d0
SHA256 52f9e816c92c7a2c15bfcd66dc2a81452e10c4f6be6ef30a1e1e4219fc838b38
SHA512 2d8a4f148fccbfcb046e1d4e30f8f484a4e26c702e0f42cbd703aeaa3de893d815a93efeb14d0dbc06d0756c4acb45bf0da3475c32011bd822d2fb0e48607f47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 975ab2932cbe062baef940e8c91e46d5
SHA1 545995b0bb159d116bc01b04019450b7786af009
SHA256 c5868704654b5dc1b12dbcb0adaaa1d02ef635e3d377a3ea9caf25ab74a0a338
SHA512 88abaaeec35708e9e0777baabd39a6727a8183321eec7721ce7aeed6e435480f3bfd1f2dec9f083a1b4b176e180f8d2725b73fedb5af32983a5e1196b68df89a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 5ce90e9f771329bb35c9517ed6a9547b
SHA1 c86e57edc2cee809d40e7891e34891cb8dd960c7
SHA256 17f69be2dd4782de7a9fcaaf36f86edfa2e9340feaf015e0a0099f1567bef18e
SHA512 8ae46b2207a776cb7ffa4da6c1ca7fca56a3fe1ede473a4edbd9d3ca7a7b35000e19ed2ff6347cd6b8923a67518974fb3cc16403f2d8edb269816d1dd35f5e9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 3873df8a366016a585f8675d3c7a7e60
SHA1 240d04de55562201835da6df65831a2612fce33c
SHA256 db70ba649beb951701f02027a684432d413e711cbb55bb33f1436bd82266c911
SHA512 8f6920495df76f63fbeca61bb0dc4c4a9ffef4abf0ce1f311b09b7f0b3f31a3a359fefbd7f1f0b07a4dc73488b0748f2e5df6dbfe84c9106d25d82e879b062e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 ed124bdf39bbd5902bd2529a0a4114ea
SHA1 b7dd9d364099ccd4e09fd45f4180d38df6590524
SHA256 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44
SHA512 c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 038c1f469deb6932520d09a340856ebc
SHA1 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e
SHA256 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451
SHA512 fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 cf09f2c89f30aef7624a3bbf60a28528
SHA1 6cbe6aff400907b1bbc1207c9d03754ad5500ac4
SHA256 99cc1bb8b705a5b8070a37fc42101c996df0b33ba37278168f02b33710cc41e7
SHA512 caff2bf11d1c960c6dda4471638c2dc5e2811bb602f3cf0c32ad0295ff2c063925133ba9a5d0d8fd3474c47e677e311a18f265dbf9e4a70c04db92bb5503dae0

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 6cc01cbc3811c20df993cea8b402994f
SHA1 16c23200b5d5135041b56713fc0b098d1a294f0b
SHA256 f11682ffa7708ba4103135560a6fdbd2aa8d6bfa9e08ad5f2c267fbdf72a1c17
SHA512 238d3379c6a6921f883ff7ed0540ac0416fd10c99e018839a8ffbdfdd20794fd6b780b93d8aff8bbbe0e48066aca5ac14abf5b1a42d3001d6a6917414f04f349

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences~RFe5d3f00.TMP

MD5 8c2a80c83b0065b6097f87c365528a3a
SHA1 260b69bd0e78dc1a96337d813c3e96fc8101d8da
SHA256 56c3084f800815c4a7688f003be2f24c777a92803e364661d5fc39c5815009f2
SHA512 08532ee2c624031061b0cf16451abdfee1172d71d1eac5a9eb5fa79fccffcb4d674cbf96c676df031bb957223d3276adcfbbd1a00e906722779b58fa31c8a0b6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 35c8eaf84f96caa31e7bd3d6bc7a8617
SHA1 9464de276b547b84372d7d128319bec1146f33c1
SHA256 c4f424e93eee8387747ab701526daa9fd022fe064ee921b87a7361cb9479d0ae
SHA512 f95974676bada810bc98b184a3b97c710da7e28fd4d52306db40a0fcd3de73ad053af68209aa2a3723e4b99137a311a9cf108caaccd89248a3e5d3982ffecebc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4113799b3c12b19d06730c0a0cacf0b5
SHA1 ff7eaaaa83c4686bf6bd52ef168e96f68d936ebf
SHA256 d5d856b650e014e0481cf19cbdd2e5bc639ce85fdca461fed74228461986ea3f
SHA512 5426e30ad5cf2f204f4e7355323a6627b81ab06673610e2f2f7227d398b9b4824ef880a369b525ceb69f9accbfe7b77e802f199c4611ac383d7ba661dc71ad99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0fdd3dac-8678-493c-b5fb-0612b8c61f0f.tmp

MD5 cd392098639152ac94085f89d72ab073
SHA1 ba12fb0310b78ab16dff75dd5a43d338f1023fdb
SHA256 438c481cc5d6987f11d1aebbcdc6fbf11a3527fbe8e498f883ebad26b995297c
SHA512 76233d691cfcf85eaa4bffa1bde4c0fd85697ae08cdbbb6c99122e2f7f87b55cce9f383fc18d8e00cb95969e74f636bc6e1404db35b166635410324493d69203

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 d92b84f9aba32fe6434d0b064176952c
SHA1 8b7bf6e0d148213f2465d7a35d6c844b80d88327
SHA256 300ad8ae908c0719b62a7d7b015eb70756e18c58258a1f654f042c258922f9b5
SHA512 5c1c0fdc0356cf612f2ecd76b49b69189df4a4837e19c88db4d88de2f8e67642d37e395b9c6293d04b13032cec383318a6d93353109b9888840790883cd373b0

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 5dc9644d1ff9a2000b330f1723294608
SHA1 f29627a26c912b13c36bba334596f9616f49929b
SHA256 5b0fc91c87e07ac0a00946f56847b1eb54ab0de36fd1e447cff3abb8da3c6c59
SHA512 0e794f6383145fe626c89dbe1ad758f951e82d1f8de7c3e905d3156ceb88fe8078aed162575cd2dfcb30b81d3da4a63499fcd21d8241a81ef9c6e084b814521f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 0ec1ff0dfe3384a004687626fcd16022
SHA1 4b9068ab4cbc1f5fdead1f7f3ed9720deef583de
SHA256 bc76901ed518795f972b63d0de1507e24a7b1abff1fcd8e379d3bce0cc6ba260
SHA512 00405eba18f968fce109684bffdd11624e6573e03188e4a387a8780ae102fea12a50422930a808d3ef6175be2635ad2fb960240ddbb446869a1a7e43f21cde50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4243927303dbe971946980dfaf109687
SHA1 177c12b5b9f8f1330cf3321b09b050bd66369049
SHA256 a12535f4ee1a43156c1b46d570e79a0d095666f3bfc63c025c9fa8cee39ad9b5
SHA512 05347a1f3b172ac1d4c718dd485dbc51dcef87cbcf8f3f908d86363e8765dd51cfaa765904eb0ffe469563684c450c1384c3eff384d55f5b1c3577b54a0ac5b7

memory/3376-4297-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4298-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4299-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4309-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4308-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4307-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4306-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4305-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4304-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

memory/3376-4303-0x000001FAB5DC0000-0x000001FAB5DC1000-memory.dmp

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 711d39bcf9537f92234e2018d49e8ab2
SHA1 8359a50b08f29fe23ab9ec9b82a526d8c263d801
SHA256 e9576055e442a4eb2a4cddbf906713b3903722d46f2001fea5f39cd8db41313f
SHA512 34552ed843737c65c0b5d9f53e51fe562d9087d8262a2ad986014bde0ecb1f791eef0416b700cd8b88da3f540b68ffb7c9711e6d2394bd1a882e588c43fdf81b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 0d2283b0df70bc0217118f5c6d1fd836
SHA1 0aaa2e0daa0f0671fbf7817e222fcd777be523d0
SHA256 fb02c03e84b9a15ea357644f15643bc90eb9c6ef6532e1c82ecd052df34c2abb
SHA512 16071fce7468cc47fd7a57dc6913cbf41e142fd16b3f145dc30b13fb4a84a05fa3211d3b435ace7378c76682a1afc49e45d180eb88f6d32b0deaa2266196b2f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 209af4da7e0c3b2a6471a968ba1fc992
SHA1 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f
SHA256 ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403
SHA512 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 f930621607e050dff86f94bbf4806b73
SHA1 d06bdf16d5794550b78713955629c465b6970676
SHA256 fe97ff9a43f7f196dcd9088da3818e6f80ecdc2ad8937a5bd4a52c8b3979a09e
SHA512 df4c634c95cbc63c44c0f884817333fdb3965d225fbcf008d134a12ea99d05965b043c4f74bbe57f8356fd7f698fde30fe34638387ffcb8ca1226fe7c8b00cb7

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 b57d4e419d1684860f4979b85ac972bc
SHA1 0fdd971dc3a1d377857f4c7dc4d7c4b5b5de9e7f
SHA256 71ce5c79be5c9e0d96c506e3ab237ed7136c3fd2eef67e8721dabced4a21497a
SHA512 ec403ced9050c298a8d552a071ca09b93e30be6c867aff5a91eed1c6ca812d639d206c57739f0306624c2ee71e1c054b7f944b00dbbaf903302361d20cfe95a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State

MD5 282d309583b26cc6e9676fd1ba9633f5
SHA1 d0635de36ec99d92df286a5f56c05dcb78f21672
SHA256 99f8032e1b3e957eb67ed11e903a5084a169472ee163dc31aad036688c28f630
SHA512 fa7e3b4a861edae533e6ed7916cdc83672fb0f4bb36753730e5dc3c591d4ed016835baf1789f3e4ae10ec41f7544968f76b1cd8e38f848828f620bb17de17d99

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e391454c10ac8ec013456ea5baf03dd3
SHA1 4382346ae63e45c9024aed76aa2bd832e174691f
SHA256 da3a937bed9a3a63cc6748cebaa4914f4d5f26f515076184f1f31f5df3610115
SHA512 e6436f3dd07b17c1abee494b3cbe71faaa7c35c0b2f1c673b77d715930c6ed535ab92ced5d9f0394abde544d2ef5ad3ee863c7c01cfbbc1d1bfb135244181f4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c0

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6baaa926e66431aba4a2f38cbc58d449
SHA1 404cda0b75c0b3fa02bd3d980c852c26dfd8424d
SHA256 08fa32fcc437708fd71d74e366b430579ed7044708f3caac75d9b01d79e8c2e8
SHA512 e39248ec1cd9b151ae94d01495a047ee3c7dfb186262fa007a1b3e1b7098e7ca5134e425d8bce7bece80c9f14308791a058293b546ee6d4be91759f1f970bb4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6f5df9776bd798f4443378bf829747fb
SHA1 69e1bc0dd5f997fdb428c695bef7dbcf9bd2026f
SHA256 3d3619e60273d0e46051e98cf9d862cee314e8e33cf95fdab9c1bb7335fe52fe
SHA512 8c712b6e83910a31cee8299ec3b3d726f1ce81dfa9d973409a82487e61a93fe84c191a25d97640565864a736bff4d83a9b48a92f850a3c59f1c564f3dc92be8f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 63a142c44c16474a5a7063270d458443
SHA1 9fb0d3ae6ac7c33fab7b65049bec757a36ffe6a9
SHA256 47b0df54f6cbd41d76fa999ce111106d1ac21c53d28343a66bb738f51864a15d
SHA512 dbe604d9b3e96d7fbbcecb57682939cc0bcc6faf3929c624ea6d8f983e9329fb71a5d7199f1c8b981450960a91105d97d5f90dac29ca9bbad3cd791cd2ce527a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 91e05f210edcca93c3b1ee4e87664dd0
SHA1 3f901676e04f2772da9c3c98ddca4b24c7652820
SHA256 7c7c849ab88dab7d308dac8714aa6f3b5131ab7e22ad1ad8a3cf8c82e391ad24
SHA512 6a01576078de6fd0023fa53602206815a331594d45a8da0d4cc22d018e1db2b77d40e967978ea1db3eb30e365c5a284b56ef62d2368925cc5c2d0c6d939b1704

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 37238eb0aacd0f1e20909b78a44734a9
SHA1 bf79b90e68e077a77330d8de3eb0fb61154f9ec9
SHA256 551ce0a3e54bbca6c6bd9d4a6bd74da0b0ced4001a2287be00866c6c64307c0c
SHA512 7b5c924f2c3727a7814b7ceca4c37a1644457d8cbefdc76f2400d63c7d4b261bfe668439d3ad9ebb54edcd46f348c4700659f4501eb953ea34bbf52356d4eee3

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 50c4d35d35daa9982141d580688947f0
SHA1 294f1a39c907bc7dc70d434c7c7e80fbbfc32e80
SHA256 32204a8bbd0441651a2c3835dc620a1a1f06a5e1f92cf2ee8fb79fcb28161991
SHA512 ef6ac2cb302cc7c19698198014fad080fa86c44534dace364c4241480148fde48637bb0f7525bf9e61904a91be17cae01862ea13ac05c78ac9aec085f7667b3d

C:\Users\Admin\Downloads\Unconfirmed 333227.crdownload

MD5 87701e7c4b507cc0da9f2ae604dd214d
SHA1 e094c9c09df95fb3a858ad9190f1bc4f903f45b5
SHA256 964868a3b439e69798e6a0b27362acf15f63922508b4a7b3a17e356ab715853d
SHA512 0610785f29eed38b729409c2de9f80a1e58272a5f597e527d64164e6ac15601cb7c67a081bb2a5172987c34f6a1dd83b659687e1f067494b553c633d7e0d5c07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f06c70cabe9cb8fcc8f3e9025c9757a2
SHA1 9026417609c14ab2227ffd8815bdc5e41216fde1
SHA256 f22608304eed58ea01ecc9730b12f986a2d6cf96bd6f199a6e3e73390368c742
SHA512 94a23b2a92cfa1e0b9cc7e5804d6f2126dab03f92dd97558465d9424717ca5b3e616eed1a97315ac00328efd536f106d4548aa553a1b3005b4cb20a580f32d57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 354a32ee915a078a33d8112907b3b0ca
SHA1 4301631eb5aeb333b595174054f543513e8f32c9
SHA256 d68895ae6fcd8750dfce88cf29493736ce80d6e812be40e84cc7025c360084c4
SHA512 efb1c11dafbfa87d8c9aed7da71a6c224a1f4bec51e48164a5e203315df99c5b48ca781ad93aab61a9907357c756ddc979f3df5db78fd1ce3bdee288f458c4f3

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\7e9429da-6c7d-41c0-bf2a-94ef6699c1cc.tmp

MD5 94c4c92bd49bf61a5027b36e4e4c5d38
SHA1 7d97cecfa25f000db6b352506b0d4d50f7f5d1df
SHA256 daa3aacf23e65985005d14f23049771341ecc1645bafc0c1de0007ea11191c54
SHA512 90f67f29bd34a14c338fe63686e2cdd1f12546d396dea4ec720879d03114cc0a1a27b943217b51d76aefb1ac1f8c67d5cef591a499d23a20555cbfbd028db3cc

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 8cb073e382dbeaa763f3652261648ad6
SHA1 525a80a8e6558a6a3707c62c89c9c8d2c69fd06e
SHA256 29c08db19063c04880d3b038d5418d93a814cc188110e659dbfd04b9bad87a0a
SHA512 7365041fe67289e505a103abcf98fce30aa207d43c1e83395ffc00acc28163c6673914434e69459103d44dd82ac6a06cd8f72298cdb437640326bfd931d4c7d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5f5ac497e42bf1230bdc7dfebfb12cff
SHA1 91cb17ec25854c11daf6589e884348ec90af7066
SHA256 96ca6ee9ae65b33ec3704450cbbc81f9fa4173b62a82b050d08a7e07ca51a9f8
SHA512 7275946de0b3fadba7d2cea772f5957fd735b310863e7e9c2fd040233719d4c1f14138aa417db375256858ffb5f67cba3df05c2cc2b6e3ba9b753e13b0442fe6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8875ab91d202eadc9cd0c9c218e15681
SHA1 dfa141fa16ab66ea1adf6d57f825f855784fa5f8
SHA256 e8f423c2ff453bcf2ecaac63dd519a48d54a0a38326cf1ae9b8d1da312fe3149
SHA512 dddfeb740ca3466a9610ed97d21612acb78573b90947cd035d7068d8ecac93da01d90784da15e853b518e30ce5a6f014b393eed2d1e40c0e843c9557b85de09a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9a425a582c354c3665867195840abf68
SHA1 6e2371849a62ca4166f4c6e76e69e7bba7b263db
SHA256 4842fa417ed5c50c0fbbb8414861b89f76134dcdb0b2ac39467801c8ee0c2cbe
SHA512 b0d71c2c57e0e11948841276998872ead86e91c96c6a5c2e05e851f490655fa2efb074f1ea4669a78f078938ac772e2cd7639fe42919aa611c0e5e18d9264d0c

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 c35c47e42df9c9cdc92510ce5b7502d7
SHA1 a6936cbc94dfb0ea4a2f3789569b4835e5a398e2
SHA256 48d0f9d2f56eeeb6d672f80f4a4694aad79147b5a9926ab7c8dfa818334b1cbb
SHA512 c423bdbeb2ae953ccf324e17d82060be07ba961170168e0381c474e278a37c98c6f83d9ccccfd3d2996c4a7d1bd65ec5b525511ca559c64f49817267c0085377

C:\Users\Admin\AppData\Local\D3DSCache\79488f6db1539bc7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Windows\Temp\asw.927e55770a1b1c32\servers.def

MD5 a2c488fb7d3c5db6f578fb1736d49741
SHA1 622d7554f8380fe469e59e31f165697e578031f2
SHA256 9e4ceb50486625cc529947ee4868e79f289ef06937ad343ad49ed8e086292ccc
SHA512 2e23f30e95e29e79c639c2b587ec7cc189a0ff2ac9d138f6552b87f4a5f3e872baec9b0716a38c95ea39aefd19643aa9da4b87b96a4d389b5205cff702cc34b5

C:\Windows\Temp\asw.927e55770a1b1c32\config.def

MD5 f87d135122f5506e78815a87017c57da
SHA1 33f93948c5e4582bccea8f0dd818bb14a40466e3
SHA256 5c46f88e0222a1f4e14d78c4c01cca707b9ed730f6ba9f7c370e11c06ec97320
SHA512 ffc5d57d2d049f1c72efdef38625277c72adf53552da4c4fc41cd6ef8f613246bded48412a82638cadcb4853c66f672909e7a224413d95e956deb1b9a765ebf3

C:\Windows\Temp\asw.927e55770a1b1c32\servers.def.vpx

MD5 471cee2ad3a83091a8d7a1e9d731c038
SHA1 d69ca6d220d0de5650cd0d2f85c721946e1b44c0
SHA256 b5316c662a915427271db3e5f274a08e7486fcbd14d288d61a75153c04e48648
SHA512 2921c6119bec13bf5de8f684503119258799fe24576d438524ebd2603e87818437c7211ff9bd356c9995deba03025ff02b656bed1dda91e55b1d06188a86e23a

C:\Windows\Temp\asw.927e55770a1b1c32\prod-pgm.vpx

MD5 28261c70b4ba0225da4726ad7ec13266
SHA1 23b0c2cce16066b7820cf769bcff052bb03604ab
SHA256 384d3f757cfd167db8815880bddb79d6fed849cd0412c38c9ca998b742f3300b
SHA512 b066fe542795ef6dd6cf9d59fb2e776ad2daaf99c7da23646898688e5c5207be8502f17463b90912c6aefff3ab91b4e1df515d7b97325b59bd797764a5a5d735

C:\Windows\Temp\asw.927e55770a1b1c32\instcont_x64_ais-a48.vpx

MD5 feafc9c134138295adc37b97608e7da8
SHA1 d8ef74f9ee5196f3526b03551939ef0d4739713f
SHA256 84ad7d9cb28a7d35642169f8d748e5da8e4a0b98dd432c6308bb7366363baabf
SHA512 02f4c36ddb0c4e2445dfc51b49f75b0213c45262f5995d76d97d6bbbaf535398d802afe197ae2fa227de7195d361d1fa8a5b07ab83251a95fe712a3781005f4f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 ac912df33b6725cc0536230705533447
SHA1 0581db0c64e7fd8577794031ef87cdf59ae3c63f
SHA256 4f7e4eba00531d027516142576e82b94e7d187a01baa64c68a1e45f6eceb5637
SHA512 1fbf6cae68db59ac87f166c133d23a201ba37b9005e476b014223a97e05bda779c5d4cabeee740ad55e05a0df290774582bf7bdcd0a43494a616e7e4c19a38fd

C:\Windows\Temp\asw.927e55770a1b1c32\avbugreport_x64_ais-a48.vpx

MD5 a9eca00cd4015ba86f9f6c9a5dfb8326
SHA1 9a6faa7fdb0e88716e7d9ea8dce5ab3dbb135076
SHA256 d269ad4f899ca2cdb86185931311f3c01b6e8a8e513421ef6b9d869f5c04b74c
SHA512 16af5e8de4100ab1ea8dbcb04f1e5b7733b7fbd43514a3f9f840592ac1afad62d4619b923a76b1f6dbed7ec772b3513d8f632a6fb925461e4ad4c37e4f2722a9

C:\Windows\Temp\asw.927e55770a1b1c32\avdump_x64_ais-a48.vpx

MD5 0945efa037059e768efab61aaf8d4673
SHA1 1ee6537acfadaec963d0fc8b22cbe3a6a33b8668
SHA256 03237fd13426593547d7461f7be9a5bcd96217cce980229ea009a5bd98ee65f1
SHA512 382b75380e376c32afc635a08b48a11cc63297781088296833d278526ab3e65fc37d25c4f9e91ece57ad025baf97e43d9e1afa4af354ebae34d43d5643c0b133

C:\Windows\Temp\asw.927e55770a1b1c32\instup_x64_ais-a48.vpx

MD5 013420fdda6ec8a1de8997dfc51c463c
SHA1 f13f902db8ffb2bd91984b090530313f01391297
SHA256 b272662591c334f08b274c88102001fda20824f8b81cdffbf4f9079085fbee96
SHA512 ab0ed3001071edab997671b2929b067bcbab67fa58aca9b56284fd9ae16cd881a2a8e517d20c8a5f592bbec6c0d64d0a7074a59ff829672da13cc34fa17d4791

C:\Windows\Temp\asw.927e55770a1b1c32\offertool_x64_ais-a48.vpx

MD5 cfaa7925eae8f368df6b54cdc827f276
SHA1 95f30e25fbc21804a2cc69477da1d2c23d3e0604
SHA256 586bc918318439dfdacfc9fadb2c05201a0d5f78bdfa4026b1bd63186190df14
SHA512 f79f367e99c856d4e18f3162c2ab12c7321863f63e1162b2939c82282d32a9ed90d23e79b54f9bc4962c1516c94e76b34bea89a0104a9291d72d514738edcd0f

C:\Windows\Temp\asw.927e55770a1b1c32\sbr_x64_ais-a48.vpx

MD5 e0773e83692a4c7b1d634e28250994f7
SHA1 bbaeb069aaa3935618e5f28da6f3f165996b0286
SHA256 d93fded96c702fc4dc8c7482e5e5ffa6caee97e31187b890d610b039017ede55
SHA512 096b165e254a213e009a4bb661343ff31871626e3092b665960488da8ceeb6e80fdf89d7bf85dd9ac59f89ad15199683b23e53fca2861b60301007ada4af5676

C:\Windows\Temp\asw.927e55770a1b1c32\setgui_x64_ais-a48.vpx

MD5 fca65f25b34e4152300b34bc0535ef2c
SHA1 bdc1b00ade7fcb4baeb804ed49a27ff05b384d96
SHA256 ef97667682dc5b718235de3a8e5cd66d568a95c9a2d14897385077176c7bd7a9
SHA512 41119ff13c0d5d097141fcb6e14b8965c50756e0ed2f6ad5e718b1d1d45b4a6acff57ff11b32607f285395d1e295b3a96792e11634be43ef00e97dcad074829c

C:\Windows\Temp\asw.927e55770a1b1c32\uat64.dll

MD5 1eac709f7fe0e42741e40dd6570fc1cc
SHA1 5b153e03f643741c2fce6e00fa02ea2104f69c43
SHA256 bbe8a947d5d034816f135a205972a9c16235405042c749ff9ea691a62c8f888c
SHA512 0ac678e2ec443f24d3808501fc5042a1ec6a305ac0d08b47f58b38e31d664036e79866baca876d64f7b42d9d3f7e74a344eac5ae93cd2e826ce60f2f69e5061d

C:\Windows\Temp\asw.927e55770a1b1c32\prod-vps.vpx

MD5 61dca70e95c3ee4530ce1487ee3b9685
SHA1 9e2e4619b99e691387bb7a6b6420db3a1bb45391
SHA256 1a3491217f1fc417e97dc200d066c416a16fdd51ef58c2a53ef0fece11c78a2b
SHA512 c0c224a5250926c8b049c04f194f38eeb1a17244eb9a5aeccbdb652b341d252aa1d1a3ceaec95d11cc9b62ab5a98e84240d671a0ae0ba39b900d3c39cdc1de0d

C:\Windows\Temp\asw.927e55770a1b1c32\part-jrog2-157c.vpx

MD5 7f2eda5778698ef35e9967ef6b5b817b
SHA1 808500c03b102666705e34328a17a9d50a860095
SHA256 dd1e955aa920ef8f93bf33dc3caf51fbf69c6077b3c9c01c6cea7ef634d05900
SHA512 bdf3e42b2889f8693b120bac49cae48b65a9e7ac2827c70cc4a88ad92ffc1d68a352d91797f7579ee75a7995828825a0d8bf182311d7c53ccd89fe55e09bf934

C:\Windows\Temp\asw.927e55770a1b1c32\part-vps_windows-24082404.vpx

MD5 f89cbb1a904e9714d34455d762b98653
SHA1 610e2eb16b37cc86a70ec67112da8f65f079b35c
SHA256 9e5e73a299c0e329f54cf22904534c13b59ea6120068e94613e3efa9176488c1
SHA512 590ffdf9c6958ecef1ad5efdd2fbf2ae23b641f63db70093b2960a7fd06a63497a8007e1f8de15e6af6ecdaeb82015d8fc1c43503624d8cd6c7f5a06c009725f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 1d7378f6e4e71d6dd9ae9ceec4647d81
SHA1 4ed24085f3b1cc37b00bc66056c02af092883e94
SHA256 8130c0f135fe6d95e63c042222f0d684df20b22092759b2c177b1b0860780dd2
SHA512 5c89f604275c1b7e7c69b7ac8fd0df78ee34b3fe2671663566c1bcdd30179ac9b4ca81088a5311084ab6237e42d213970d27278e1b2488e7f07ec1d1c3fc6560

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State

MD5 981fc5191272f7a66b37a431cfefd2a3
SHA1 6ab42a48363b291820e8362d779ccd82a8829a92
SHA256 435effbdc605248368457ed03b876325d96f904b8de2ecba5b0e845f6aeda50c
SHA512 c23f3e21437ae821e84574a2435c7c354975dc52df6f1b49f80d1c06f17932a354a9bb84cefcee6f69391b6c66550b9585054846c423b9ee6dd6209c72f0ff7e

C:\Windows\Temp\asw.927e55770a1b1c32\asw73a15ebaa0f076c8.ini

MD5 90ff5e45d7d83c775a8f0ee6eceffc2a
SHA1 480d255da75e1f76d24212b34d67091d0b4fca94
SHA256 a557c05fcf128f6edf549480237a0a49de5b988c028c44996195e9c034fc2d46
SHA512 4d3bd02549eebe3a96cadb791aff689373ccd25166225976fd5246d4f78939eb4c3df458f33c339677e4509197855f5402ae5616be205be69b18ddbbba81ed66

C:\Windows\Temp\asw.927e55770a1b1c32\config.def

MD5 c26eb80bd05359749e162c99fec23c17
SHA1 d1dd3b04e7045be3e759ae871f730630225ae364
SHA256 c84f1ffc624cd92503e74a11d347b0d99dbad809919ee387f6f0833237dda1ee
SHA512 8ca77b7a08e8b5cd0f410e9c54aa0d96aee9dd97eacb3199e70b19bfaaf95cf5ecff6064f63a12a542fb55fd9e247caad2f5f12e3d3c41018abc30e8ef7e43bb

C:\Users\Public\Documents\gcapi.dll

MD5 3ead47f44293e18d66fb32259904197a
SHA1 e61e88bd81c05d4678aeb2d62c75dee35a25d16b
SHA256 e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905
SHA512 927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 4a9c8a249190385103067854064b1894
SHA1 f0dfd478900cf7cd466e60c41ec5f6a0da999bcf
SHA256 618c8fdb3601ddf5eddd85ba3349dc6779ed9ac232a368d2345240ffa97e4e1e
SHA512 08dcea746087e5fc9fd80f6ced4801ed7e114181d7594b590f9e34e9840e113bc05ce97812f5bfaec7b8af6bd814be48c6f3cbeaef00b3f8ca5a00dd18920c79

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 e6c6eada659a932ebe31a339996756b6
SHA1 0dacc79d8762b72d6dc48f75ca3d8ec2962c98ab
SHA256 a72b540517f33a05e0bd372bde522157ef4cc0fd1c0c8adc956eea960154f7b2
SHA512 447c2e60c32d8d34ee064650662df71c2b13929da3d15d6fbf6b7d82b2c1e35dbd32e4ca98cedaf454b5732292ded4848b9b8a92d856198a6569b72d811ddf4d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8f3407384840144c96ee85f70b4aeb66
SHA1 958cf20e538b199c556a8cc04cd8ae16470a52d1
SHA256 dbe709c2a6a5bb79c825de49541acb3adecffb8570736dfc4ed0c516f6bfcd98
SHA512 fa1365dabd00b129e19633f0e8fc39c5eddf2859607f13e73387967d2bb2d9b7f902cfce448d46b033841d7c3e4af93c95e178b2d2e69273847670cecc4b1e1a

C:\Program Files\Avast Software\Avast\setup\Stats.ini

MD5 1f46f4f51d2df3b33d6c6010e543a914
SHA1 920fec8fb20969c5f486b33a382623220a72c9fa
SHA256 1ac48e294c3ec728982fb7d987b664813c5592b63a62fbe1caa5ad03819d1954
SHA512 b210a8e77604d2c7aea48b8dbf8387650588f13d34f2944659e5d97c60e5f63d3cc767ae4b7f481ae3941f2afc85f9cca500fe8b06fec3e5446491ab7d459e6c

C:\Program Files\Avast Software\Avast\setup\Stats.ini

MD5 5936490f9a94c1940d06532db4b77c25
SHA1 f096fffdb3bfb77b9142bbb582b3d94f3978161d
SHA256 ab5d7ea677ce2a16e5a3ad5f06419df206f47c34fb7aaaf03359627194e2dfe6
SHA512 54778f933d2986333fe2717d80e7001e0e45f1e61289a359ddfcb0ba89f10d45bf9a743ad45b1e362f49ad4df0a1475e4dbf2dce63f2218413451fcbd3740883

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8f0d0b8f2f8856a8c0b06de97cae442e
SHA1 cbaa64529d965050644fd217d6682afc53695919
SHA256 b45f9586001458f0bcf7e773155e4600efaef83c672c2e998e7cdfa8a03c8b6c
SHA512 6e3d1a7fd0f7267143e665e1b2c8d03037805ae14649a641a58fb7f10d5f65357a4979b8d9201b225d4fa45a2c8fc3a01c7193486f7dc65fcba72bb017b3019a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b3fa9e3667ff19b4511193a3030d38ad
SHA1 2c57d630edd6946617e1b87c2f62c114777ef1ae
SHA256 17c21c815ac5bbe9b7fd3b678f1df505c19c1fa88731a7535a763e6ebca01706
SHA512 64e7e47178192d2a8f13d110cc95c4094e7ec8ade042e09f53e04df7e822a7f2cd41b757856806bc79072cb8db4e57673eb056d09ca59be5d4fd6c04284f328a

C:\Program Files\Avast Software\Avast\setup\ais_dll_eng-887.vpx

MD5 24c1ba1221544007db08b39196b08a35
SHA1 e6ed33311c7a9b8001429a5a63847bd3808fd0df
SHA256 bf4a8700a6335d4e322ccce957735a080dd1a18b93bb69a2bfa353b6cef38943
SHA512 02981130c8bebba5001cb277bbc14fe0c916b7f39ff4c94fc294655fff5a63409eab697078249623a5411a4fb285e08766de7e04177dfc5377042c3d55f9420a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 8e731aef9a5f7b59313d562c642a67c0
SHA1 5c0751a8ab498a278985b6cf136d061e17dac995
SHA256 1d6752dcdc3a0c1af970bc10c07d8fe4b30f111f18257520077709fb056699c7
SHA512 85a2fe62394d4abc811065096e428b5d875293693052dc7d8f4fefc7b41454e5b5080e3d042dcf3af0632c705e500df989e49c3528969c351eed60870beb60ba

C:\Program Files\Avast Software\Avast\setup\ais_gen_streamfilter_x64-95e.vpx

MD5 8bc4fd6eef1dd087676cf34f31884fee
SHA1 7a4c965371693ca57abfac0169f36a9bc12de1f3
SHA256 a57f5016725ece4d151baf715426e865124f666f3a2627b1152d1933ac5eeec5
SHA512 09d12a3b5bd2cd33c6f982c64af4607b474906bca4b04cfd4b8fc180548b23d3dee015af5e2f5b7993c91be74cdc4f2cc158cba79745246400cc42ca92719592

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 46d5873ad16641b5aa7e247eeba7c2d2
SHA1 5173de570cbd066fa3933df5dbbffd37524ecc3c
SHA256 a575d5241771a6b1258f71b2fe18bf5aa5e5e6211625fe826951816017645829
SHA512 4cfd4721b07d30cb0d85277e408519a474896127f6f30a6400deed87d433cf5a6f25d328683ad1f73317c26bb2667df2f62378b80325d055ad05470073094725

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 66fe40d8f478e904bbc3cd4068a40d61
SHA1 de019609519addb83025a14efbf10ad6f66aca22
SHA256 80e0ccc69d9c7b22d3bcce251fc1bc5be259a4df6cf16dd7b28994b54698ea31
SHA512 6d7d62b657a7356b3f6f883c068623eed6992a91b8ee386c8d5e8ec193f7a6eaea4babba0730f028e299ead5edac15453f69bf614b51865b1e7ec311896b4d62

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 ffbb6a6be97a0814973ac8106a7c0c27
SHA1 026a54359be38b81bb7a9d7010cd50a1624e35c4
SHA256 c08ac461cd6814f314b09bba1fdd29f1cb924afc0297f3b4a3b62d740b209645
SHA512 7dc051a9457b37be9d34d0db954e888abf45b5c87f4b5001eb00de70a567fa83c4f28b386c3139935cf9ee1373cd551ad88b00c165fa3bdbbd56338edbe7b206

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\0d329003-9677-4164-a22d-5e4b9e5fe7ae.tmp

MD5 5f0d2bcb7330149947886c2fd8908446
SHA1 d4110cd02c3c645949ba4f875b85ebab0c22ffbc
SHA256 4da8ed5eadb9ad39716bd05b3c17e1f0ec1df23218e1dddfccc7325276e6ea35
SHA512 3c5c0a65e2c4aeb0c5c89ecee60e3f39c369d02461f11bc733273e7cb1b945a9e6e98c10dee7f634ab74db18f2b8b60ee7d2b94750509003db52a8c63cfecd43

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 4dbc7c3f03c16a52ae0560ea12e75b22
SHA1 6f3782dbc55822945fb28ae166b23c124f245245
SHA256 0b01256271c075d6e0ae3ac1a96fc48d4ab72b9550e07c9ca38c3bb08391e1ff
SHA512 2d11a3504b9e6cec2fca359e830bd853aba1ad58d80108df53b0f0d3e2c82d4263d96e3593b8d07e3271ddd52734765a49480bb3b57d57ef9351d4aeb7281a3f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 4f73d4fbed20258f976b2a0ce255507d
SHA1 ae47d4be2f8fc08624c5d010d601ee68b076f4b1
SHA256 b68db542c16704717bfabf5c228dacddd06730d012649dbcc8cd3bd759554dae
SHA512 ddb9a77f38e50affb86fe4a66b28848378ff0ef4ab607b04b09444bf7704d2c808fad2831c5e77e8f97eeeccc14f3f15dfbc1e995adeb2c8cb38c8cae54c4b0c

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 448752c571408a5c7fbada7c1d32bc3c
SHA1 daad0ef0b89ffc5911daf7c23cc74e11e058ef02
SHA256 8412461377e5d2189c15d9ab25290eef1c2e751e62bec9b7b0ba4c5111120f3f
SHA512 7b379403fd39b778b334f16402a913d70cebe9ab3824ffa5de6239c4eab813d660df6367baeca3781f8f79948827304c16e39a9080ab36fdff4e12faa3db61ba

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 17d8405503f6f26ea183e7d288bb1e25
SHA1 1df40ebe126ef33b6a71cac9a432d1376fea702d
SHA256 e4496740971933781e58f1254b3af226b0c14e216fbbdf1fb1364c315060495a
SHA512 8f0f2fbdec812337e0c5e22bee4b7e46eae7fc376097231688e89916759eefb9b25c03507e6fcadc7c69229cf2319e92da5048b6022ba449910f570937ea2fff

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 a74b10f91d87349d0ad85555b45e3a2d
SHA1 84115151cf21431b92ba1b7c8250561ebcbca37e
SHA256 966167c885791679619a9de751b76d6463a63a0da9637d80ddac23ecb4e9eef9
SHA512 c0b5375c8ef9cea0d0f36973045ed117445e8b21ef9009d0c52c93aba3c0b4ed738993edbc79a4d3aa926ff38cbbdde965107f9d5dd5a40105394ca55667c53c

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State

MD5 68c0dfd118b7f3b8d40f805b9582f857
SHA1 cb5ff860c866dabc3825899ea96366a43104c9c9
SHA256 d87b8c708da54abd77612280235adc0b0a49aa68273b3f28f659ffe47b2f0729
SHA512 8d291c276790f016246cd5eaefea85cb9657ecf170877de2e45314798ffd94eab19a8b508a6d5eb4acfe273de6600ea356dc2a414c4d49db9d62a72491515071

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 e024461926d4bfdba18f849dfdbfed3b
SHA1 72898d7d36ae9c1ceb6c4bfa03065c8c180001fe
SHA256 1a7c94d1d0770460f804215e560230174738e9803940afbe017a81fc87ce4204
SHA512 0be5bfd0b30fa08dc4d1c35ea6fb8240ddd916b75e1f14912633d093a3e542b968c10413e0b5b83101722105439ecc2cdca816065f801731844948d76685a098

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 e32a76331bc51143200445a2554842c3
SHA1 8314ddda4eabf05af8930f6cd54ef36afb14fb53
SHA256 e4d5aac3933d31fab14c4dd303d772a14eb7e019a7b1e1d0846fbcc3f3dfa561
SHA512 7be0d7119a2e26b5f41c79695d76d762428a975ff9e6b5c6312114663ba0295822558ad11d630532a3b92e83778cce9d9027e594fddc6d7548a9e32e3a7efc9e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 0dcdede1d4a36056b6de62e22c2c60fd
SHA1 f84e767344392ef309343b2d3399d271d1d79ecd
SHA256 0a65618553e9743206fb7cd327eab0b954d068a78b52c6a9a3e8d5ef11c00a6c
SHA512 3fe14a81f634f35a5d921c522e446bb29a0b9231bb38a93d6cc711182daca5ab36f1255a54f88d36fe2f3b56e18220a663852067a325ee8c91f7ad6339670939

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State

MD5 fa3c172a49bb6aa4d5213efae4eff464
SHA1 f17d191852eb3cf7bac9bb8121b0eab6a6a822f8
SHA256 4eab861b92db4bd8e0031c6acea0477e19ac6fead3a910ef24503d22f6f4817e
SHA512 1d413b93b7f54f785e6029a1155cce2c5400bb4f0076a5e8ca069129089146c2d5e88861294d77049d286e05be60784e4db3c8e0feaf6257412c0cbf7ff7b26f