Analysis Overview
Threat Level: Shows suspicious behavior
The file https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w was found to be: Shows suspicious behavior.
Malicious Activity Summary
Modifies system executable filetype association
Loads dropped DLL
Executes dropped EXE
Reads user/profile data of web browsers
Event Triggered Execution: Component Object Model Hijacking
Drops desktop.ini file(s)
Checks whether UAC is enabled
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Adds Run key to start application
Checks installed software on the system
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Enumerates system info in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Uses Task Scheduler COM API
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Checks processor information in registry
Modifies Control Panel
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 07:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 07:02
Reported
2024-08-25 07:48
Platform
win11-20240802-en
Max time kernel
2700s
Max time network
2602s
Command Line
Signatures
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\default-browser-agent.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe | N/A |
Loads dropped DLL
Modifies system executable filetype association
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\Update\\OneDriveSetup.exe\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Standalone Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\StandaloneUpdater\\OneDriveSetup.exe\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Uninstall 18.151.0729.0013 = "C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\18.151.0729.0013\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Users\Admin\OneDrive\desktop.ini | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\omni.ja | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\freebl3.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\default-browser-agent.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\wmfclearkey.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\omni.ja | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\VisualElements\PrivateBrowsing_150.png | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\install.log | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\private_browsing.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\installation_telemetry.json | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\tobedeleted\nsl6B8.tmp | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\removed-files | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\locale.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe.moz-delete | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\crashreporter.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\application.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nssckbi.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\updater.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\postSigningData | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini.moz-delete | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nsvEDE0.tmp | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\pingsender.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\xul.dll.sig | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\features\[email protected] | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\default-browser-agent.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\browser\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\uninstall\uninstall.log | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\update-settings.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-uninstall.log | C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\nszF83F.tmp\AccessibleMarshal.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\updater.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\Mozilla Firefox\platform.ini | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe.moz-delete | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| File created | C:\Program Files\Mozilla Firefox\nszF83F.tmp\updater.exe | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Mozilla Firefox\uninstall\helper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Control Panel\Colors | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Control Panel\Colors | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19 | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography | C:\Windows\system32\wwahost.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\NucleusToastActivator.NucleusToastActivator\CurVer\ = "NucleusToastActivator.NucleusToastActivator.1" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\ProgID\ = "FileSyncClient.FileSyncClient.1" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{0f872661-c863-47a4-863f-c065c182858a}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\ = "SyncEngineStorageProviderHandlerProxy Class" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ProgID | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\LocalServer32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}\1.0\0\win32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\FILESYNCCLIENT.AUTOPLAYHANDLER\SHELL\IMPORT\DROPTARGET | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\mssharepointclient | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{c1439245-96b4-47fc-b391-679386c5d40f}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{9D613F8A-B30E-4938-8490-CB5677701EBF}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\VersionIndependentProgID | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\FileCoAuth.exe\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\FileSyncClient.AutoPlayHandler.1 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\ProgID\ = "OOBERequestHandler.OOBERequestHandler.1" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}\ = "IAlbumMetadataCallback" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\INTERFACE\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\PROXYSTUBCLSID32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\InitPropertyBag\TargetKnownFolder = "{a52bba46-e9e1-435f-b3d9-28daa648c0f6}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{638805C3-4BA3-4AC8-8AAC-71A0BA2BC284}\1.0\0\win32\ = "C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\FileCoAuth.exe\\1" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{ACDB5DB0-C9D5-461C-BAAA-5DCE0B980E40}\ = "ILaunchUXInterface" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}\ = "IIsMappingValidCallback" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}\1.0\ = "FileSyncLibrary 1.0 Type Library" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{F062BA81-ADFE-4A92-886A-23FD851D6406}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\firefox.exe\shell | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\INTERFACE\{F062BA81-ADFE-4A92-886A-23FD851D6406}\PROXYSTUBCLSID32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\CLSID\{2E7C0A19-0438-41E9-81E3-3AD3D64F55BA}\LOCALSERVER32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{082D3FEC-D0D0-4DF6-A988-053FECE7B884}\1.0\HELPDIR | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{049FED7E-C3EA-4B66-9D92-10E8085D60FB} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\INTERFACE\{944903E8-B03F-43A0-8341-872200D2DA9C}\TYPELIB | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\VersionIndependentProgID\ = "NucleusToastActivator.NucleusToastActivator" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\INTERFACE\{E9DE26A1-51B2-47B4-B1BF-C87059CC02A7}\PROXYSTUBCLSID32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ = "IDeviceHeroShotCallback" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\ContextMenuOptIn | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}\TypeLib\ = "{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{da82e55e-fa2f-45b3-aec3-e7294106ef52}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /cci /client=Personal" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{944903E8-B03F-43A0-8341-872200D2DA9C}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}\ = "IFileSyncClient3" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{31508CC7-9BC7-494B-9D0F-7B1C7F144182}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Windows\system32\control.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\system32\control.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\wwahost.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\wwahost.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\wwahost.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Windows\system32\wwahost.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=9676 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11008 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004F0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10196 /prefetch:1
C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" /name Microsoft.AdministrativeTools
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
C:\Windows\system32\WSReset.exe
"C:\Windows\system32\WSReset.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
C:\Windows\system32\WSReset.exe
"C:\Windows\system32\WSReset.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7752 /prefetch:1
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11428 /prefetch:1
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe
"C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe"
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=C:\Program Files\Mozilla Firefox\uninstall\
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask uninstall
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask uninstall
C:\Program Files\Mozilla Firefox\default-browser-agent.exe
"C:\Program Files\Mozilla Firefox\default-browser-agent.exe" uninstall 308046B0AF4A39CB
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask defaultagent uninstall 308046B0AF4A39CB
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask defaultagent uninstall 308046B0AF4A39CB
C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe
"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" /S
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe
"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe" /S _?=C:\Program Files (x86)\Mozilla Maintenance Service\
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" uninstall
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13456 /prefetch:1
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13536 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe"
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" /update /restart
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe /update /restart /peruser /childprocess /extractFilesWithLessThreadCount /renameReplaceOneDriveExe /renameReplaceODSUExe /removeNonCurrentVersions /enableODSUReportingMode
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
/updateInstalled /background
C:\Windows\SysWOW64\DllHost.exe
"C:\Windows\SysWOW64\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xdc,0x104,0x108,0x100,0x10c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2056 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 /prefetch:8
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" -Embedding
C:\Windows\system32\wwahost.exe
"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://www.bing.com/search?q=how%20to%20create%20users%20in%20windows%2011%20site:microsoft.com&form=B00032&ocid=SettingsHAQ-BingIA&mkt=en-US
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5144 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4068 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.mediaexpert.pl | udp |
| US | 172.66.40.47:443 | app.mediaexpert.pl | tcp |
| GB | 2.17.209.154:80 | repository.certum.pl | tcp |
| US | 8.8.8.8:53 | assets.mediaexpert.pl | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 172.66.43.209:443 | assets.mediaexpert.pl | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| FR | 142.250.74.226:443 | ade.googlesyndication.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| FR | 142.250.74.226:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 130.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 152.199.21.175:443 | upload.snrcdn.net | tcp |
| US | 152.199.21.175:443 | upload.snrcdn.net | tcp |
| US | 152.199.21.175:443 | upload.snrcdn.net | tcp |
| NL | 51.145.180.18:443 | ai-api.synerise.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| FR | 142.250.201.166:443 | 8877512.fls.doubleclick.net | tcp |
| FR | 142.250.201.166:443 | 8877512.fls.doubleclick.net | tcp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | cdngazeta.pl | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| GB | 18.165.242.98:443 | ec.monplat-cdn.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 178.250.1.13:443 | dynamic.criteo.com | tcp |
| US | 172.67.145.161:443 | cdngazeta.pl | tcp |
| GB | 84.17.50.9:443 | tags.creativecdn.com | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| FR | 142.250.201.166:443 | 8877512.fls.doubleclick.net | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| GB | 143.204.176.83:443 | js.go2sdk.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| PL | 212.77.100.84:443 | pixel.wp.pl | tcp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | tcp |
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| PL | 80.252.6.19:443 | px.leadexpert.pl | tcp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | udp |
| GB | 18.245.143.84:443 | csr.onet.pl | tcp |
| FR | 185.235.86.130:443 | gem.gbc.criteo.com | tcp |
| FR | 185.235.86.40:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.9:443 | sslwidget.criteo.com | tcp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.6.252.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 172.64.151.101:443 | r.casalemedia.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 34.117.157.22:443 | matching.ivitrack.com | tcp |
| NL | 141.226.228.48:443 | sync-t1.taboola.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| IE | 52.18.139.160:443 | ad.360yield.com | tcp |
| IE | 34.253.116.68:443 | dpm.demdex.net | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| GB | 92.123.143.201:80 | apps.identrust.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| DE | 3.121.168.212:443 | exchange.mediavine.com | tcp |
| IE | 34.253.170.144:443 | jadserve.postrelease.com | tcp |
| US | 50.31.142.95:443 | sync.outbrain.com | tcp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| GB | 2.18.109.35:443 | criteo-sync.teads.tv | tcp |
| US | 52.205.245.26:443 | criteo-partners.tremorhub.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| GB | 2.18.109.192:443 | ad.yieldlab.net | tcp |
| IE | 52.17.104.16:443 | sync-criteo.ads.yieldmo.com | tcp |
| DE | 52.28.106.95:443 | e1.emxdgt.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 52.28.106.95:443 | e1.emxdgt.com | tcp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.168.121.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.170.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.234.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.245.205.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.104.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| GB | 92.123.142.114:443 | www.bing.com | tcp |
| GB | 92.123.142.114:443 | www.bing.com | tcp |
| GB | 92.123.142.154:443 | r.bing.com | tcp |
| GB | 92.123.142.154:443 | r.bing.com | tcp |
| GB | 92.123.142.104:443 | th.bing.com | tcp |
| GB | 92.123.142.104:443 | th.bing.com | tcp |
| GB | 92.123.142.154:443 | r.bing.com | tcp |
| GB | 92.123.142.154:443 | r.bing.com | tcp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 204.79.197.200:443 | bing.com | tcp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | tcp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.65.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 151.101.1.91:443 | sc.sftcdn.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| GB | 13.224.222.87:443 | sdk.privacy-center.org | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | udp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 13.224.222.87:443 | sdk.privacy-center.org | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| FR | 142.250.201.187:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.148.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.201.250.142.in-addr.arpa | udp |
| GB | 108.156.39.35:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | 151.64.8.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 104.26.6.141:443 | api.btmessage.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| GB | 108.138.233.67:443 | api.privacy-center.org | tcp |
| FR | 216.58.214.174:443 | syndicatedsearch.goog | udp |
| FR | 142.250.179.65:443 | 2b36f25c70d20e92d46cc6fce2108049.safeframe.googlesyndication.com | tcp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| FR | 142.250.75.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| IE | 54.74.68.84:443 | ap.lijit.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 142.250.201.162:443 | partner.googleadservices.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| IE | 54.220.6.201:443 | id.crwdcntrl.net | tcp |
| FR | 216.58.213.66:443 | ep1.adtrafficquality.google | tcp |
| GB | 18.245.143.118:443 | tags.crwdcntrl.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| FR | 216.58.213.78:443 | ampcid.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.68.74.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.6.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.213.58.216.in-addr.arpa | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 172.64.149.180:443 | cdn.indexww.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 52.207.51.223:443 | cs-server-s2s.yellowblue.io | tcp |
| NL | 178.250.1.9:443 | sslwidget.criteo.com | tcp |
| FR | 178.32.197.52:443 | ssbsync.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| IE | 34.253.170.144:443 | jadserve.postrelease.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| US | 18.213.195.227:443 | api-2-0.spot.im | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.254.135.1:443 | ce.lijit.com | tcp |
| GB | 108.156.39.126:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.147.205.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.195.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| FR | 142.250.74.226:443 | cm.g.doubleclick.net | udp |
| US | 74.121.140.211:443 | sync.mathtag.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 104.22.50.98:443 | spl.zeotap.com | tcp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| US | 199.232.209.91:443 | softonic.com | udp |
| US | 104.26.6.141:443 | api.btmessage.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 52.95.126.160:443 | aax-eu.amazon-adsystem.com | tcp |
| FR | 216.58.213.66:443 | ep1.adtrafficquality.google | udp |
| DE | 216.58.206.35:443 | csi.gstatic.com | tcp |
| DE | 216.58.206.35:443 | csi.gstatic.com | tcp |
| DE | 216.58.206.35:443 | csi.gstatic.com | tcp |
| DE | 216.58.206.35:443 | csi.gstatic.com | tcp |
| DE | 216.58.206.35:443 | csi.gstatic.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 13.107.246.64:443 | apps.microsoft.com | tcp |
| GB | 2.18.108.7:443 | images-eds-ssl.xboxlive.com | tcp |
| US | 152.199.19.161:443 | sparkcdneus2.azureedge.net | tcp |
| GB | 2.18.108.7:443 | images-eds-ssl.xboxlive.com | tcp |
| GB | 2.18.109.103:443 | store-images.microsoft.com | tcp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 18.245.143.7:443 | js.adscale.de | tcp |
| GB | 18.245.143.7:443 | js.adscale.de | tcp |
| US | 52.182.143.208:443 | browser.events.data.microsoft.com | tcp |
| US | 52.182.143.208:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.246.64:443 | apps.microsoft.com | tcp |
| US | 52.182.143.208:443 | browser.events.data.microsoft.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| DE | 3.126.235.164:443 | ih.adscale.de | tcp |
| DE | 3.126.235.164:443 | ih.adscale.de | tcp |
| US | 13.107.246.64:443 | apps.microsoft.com | tcp |
| US | 52.240.245.67:443 | northcentralus-0.in.applicationinsights.azure.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| DE | 23.88.8.123:443 | uidsync.net | tcp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| FR | 178.32.197.52:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 178.250.1.9:443 | sslwidget.criteo.com | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| FR | 216.58.213.66:443 | ep1.adtrafficquality.google | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| GB | 92.123.142.170:443 | th.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 151.101.65.91:443 | snip-sketch.en.softonic.com | tcp |
| US | 151.101.65.91:443 | snip-sketch.en.softonic.com | tcp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 104.18.11.248:443 | adengine.snigelweb.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| FR | 216.58.214.162:443 | www.googletagservices.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 143.244.38.136:443 | cdnx.snigelweb.com | tcp |
| US | 199.232.196.134:443 | helpdeskgeek.disqus.com | tcp |
| US | 172.67.25.151:443 | cdn.pbstck.com | tcp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 104.18.11.248:443 | adengine.snigelweb.com | tcp |
| US | 151.101.192.134:443 | disqus.com | tcp |
| GB | 18.244.140.59:443 | c.disquscdn.com | tcp |
| GB | 18.168.121.224:443 | floor.pbxai.com | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 104.18.21.111:443 | js.getlasso.co | tcp |
| US | 8.8.8.8:53 | 111.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.25.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.192.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.121.168.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.0.22.104.in-addr.arpa | udp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 18.245.255.11:443 | cdn.prod.uidapi.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| US | 104.22.31.209:443 | static.smilewanted.com | tcp |
| US | 172.64.153.78:443 | mp.4dex.io | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| NL | 147.75.80.51:443 | sync.a-mo.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| IE | 34.251.115.174:443 | hb.minutemedia-prebid.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| IE | 54.72.42.145:443 | bcp.crwdcntrl.net | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| GB | 13.224.222.60:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | tcp |
| US | 8.8.8.8:53 | 51.80.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.115.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.42.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.60.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 172.67.178.44:443 | lasso.link | tcp |
| GB | 92.123.140.19:443 | player.aniview.com | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| FR | 178.32.197.52:443 | ssbsync-global.smartadserver.com | tcp |
| DK | 37.157.2.228:443 | cm.adform.net | tcp |
| US | 64.227.16.92:443 | exchange.kueezrtb.com | tcp |
| NL | 178.250.1.9:443 | sslwidget.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| IE | 34.247.108.243:443 | match.prod.bidr.io | tcp |
| US | 52.7.6.179:443 | sync.srv.stackadapt.com | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 142.250.74.226:443 | cm.g.doubleclick.net | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | 228.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.227.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.108.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.6.7.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.236.74.64.in-addr.arpa | udp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 54.88.142.103:443 | pxl.iqm.com | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| FR | 185.235.86.40:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.130:443 | gem.gbc.criteo.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | udp |
| GB | 95.100.245.168:80 | x2.i.lencr.org | tcp |
| GB | 23.214.142.107:443 | tg1.aniview.com | tcp |
| US | 34.149.40.38:443 | u.4dex.io | udp |
| US | 54.85.55.108:443 | api.pbxai.com | tcp |
| US | 172.240.45.75:443 | track1.aniview.com | tcp |
| DE | 57.129.18.121:443 | wt.rqtrk.eu | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| US | 172.240.45.81:80 | go1.aniview.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| NL | 35.214.222.169:443 | csync.loopme.me | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| IE | 34.243.49.39:443 | pbs-cs.yellowblue.io | tcp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| IE | 52.212.55.120:443 | ms-cookie-sync.presage.io | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| NL | 63.215.202.137:443 | equativ-match.dotomi.com | tcp |
| US | 165.227.81.133:443 | sync.kueezrtb.com | tcp |
| NL | 145.40.97.77:443 | sync.a-mo.net | tcp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| FR | 217.182.178.233:443 | sync.smartadserver.com | tcp |
| US | 159.223.126.40:443 | sync.illumin.com | tcp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.81.227.165.in-addr.arpa | udp |
| IE | 108.128.33.72:443 | ice.360yield.com | tcp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| IE | 18.200.89.214:443 | ads.yieldmo.com | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 172.240.45.81:443 | go1.aniview.com | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | ads.yieldmo.com | udp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| FR | 178.32.197.52:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| US | 52.207.124.73:443 | ssp.disqus.com | tcp |
| US | 52.207.124.73:443 | ssp.disqus.com | tcp |
| US | 8.2.110.134:443 | cs.krushmedia.com | tcp |
| DE | 116.202.167.155:443 | inv-nets.admixer.net | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| IE | 34.247.108.243:443 | match.prod.bidr.io | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| GB | 95.100.245.39:443 | a.teads.tv | tcp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | tcp |
| US | 208.68.37.219:443 | sync.cootlogix.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | udp |
| US | 208.68.37.219:443 | sync.cootlogix.com | tcp |
| DE | 162.55.233.28:443 | sync.richaudience.com | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | tcp |
| GB | 18.172.153.58:443 | cs-rtb.minutemedia-prebid.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 216.58.206.35:443 | csi.gstatic.com | udp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| FR | 172.217.20.202:443 | ajax.googleapis.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.22.0.93:443 | cdn.pbstck.com | tcp |
| GB | 54.192.139.162:443 | c.amazon-adsystem.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | udp |
| FR | 172.217.20.206:443 | fundingchoicesmessages.google.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 185.235.86.40:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.130:443 | gem.gbc.criteo.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| FR | 164.132.25.185:443 | sync.smartadserver.com | tcp |
| NL | 178.250.1.9:443 | sslwidget.criteo.com | tcp |
| US | 34.224.250.73:443 | i.liadm.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| FR | 178.32.197.52:443 | ssbsync-global.smartadserver.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.247.108.243:443 | match.prod.bidr.io | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| US | 52.7.6.179:443 | sync.srv.stackadapt.com | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| FR | 217.182.178.233:443 | sync.smartadserver.com | tcp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 64.74.236.255:443 | b1sync.zemanta.com | tcp |
| NL | 35.214.222.169:443 | csync.loopme.me | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 216.58.214.161:443 | cdn.ampproject.org | udp |
| GB | 74.125.175.233:443 | rr4---sn-aigzrnze.googlevideo.com | tcp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 34.98.64.218:443 | snigel-d.openx.net | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| GB | 2.18.66.177:443 | tcp | |
| US | 20.189.173.7:443 | browser.pipe.aria.microsoft.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| GB | 2.18.66.177:443 | tcp | |
| GB | 2.18.66.177:443 | tcp | |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.225:443 | prg.smartadserver.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| BE | 142.250.110.155:443 | bid.g.doubleclick.net | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | udp |
| IE | 34.241.137.76:443 | unified.adsafeprotected.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | cpm.aserve1.net | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| GB | 18.245.253.100:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | gcdn.2mdn.net | udp |
| IE | 108.128.38.203:443 | pixel.adsafeprotected.com | tcp |
| IE | 108.128.38.203:443 | pixel.adsafeprotected.com | tcp |
| FR | 216.58.214.174:443 | gcdn.2mdn.net | tcp |
| GB | 74.125.175.38:443 | r1---sn-aigzrnsr.c.2mdn.net | tcp |
| FR | 216.58.214.174:443 | gcdn.2mdn.net | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 52.20.98.173:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 203.38.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.175.125.74.in-addr.arpa | udp |
| GB | 74.125.175.38:443 | r1---sn-aigzrnsr.c.2mdn.net | udp |
| US | 8.8.8.8:53 | 173.98.20.52.in-addr.arpa | udp |
| IE | 34.241.137.76:443 | unified.adsafeprotected.com | tcp |
| FR | 142.250.74.226:443 | cm.g.doubleclick.net | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| DE | 216.58.206.35:443 | csi.gstatic.com | udp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| FR | 164.132.25.176:443 | prg.smartadserver.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 172.240.45.81:443 | go1.aniview.com | tcp |
| US | 64.227.16.92:443 | exchange.kueezrtb.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| GB | 2.18.109.123:443 | z.moatads.com | tcp |
| BE | 142.250.110.155:443 | bid.g.doubleclick.net | udp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| IE | 52.94.222.140:443 | aax-eu.amazon-adsystem.com | tcp |
| FR | 142.250.178.138:443 | imasdk.googleapis.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| GB | 2.18.66.177:443 | tcp | |
| US | 152.199.19.161:443 | fp-vs.azureedge.net | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| FR | 152.199.21.118:443 | static-ecst.licdn.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 20.111.38.59:443 | 3b3b4c6f664b9304bfdf6551c352a8ae.azr.footprintdns.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | adrta.com | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | ox-rtb-europe-west4.openx.net | udp |
| US | 34.98.84.165:443 | ox-rtb-europe-west4.openx.net | tcp |
| US | 44.216.22.136:443 | adrta.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| GB | 95.100.245.12:443 | stags.bluekai.com | tcp |
| US | 8.8.8.8:53 | ipds.adrta.com | udp |
| US | 3.82.79.213:443 | ipds.adrta.com | tcp |
| GB | 141.147.81.223:443 | mb.moatads.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 195.195.62.23.in-addr.arpa | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 3.218.78.156:443 | api.pbxai.com | tcp |
| US | 54.70.103.160:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| US | 54.70.103.160:443 | prod.tahoe-analytics.publishers.advertising.a2z.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 34.98.84.165:443 | ox-rtb-europe-west4.openx.net | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| DE | 54.93.228.39:443 | btlr.sharethrough.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 127.0.0.1:54919 | tcp | |
| N/A | 127.0.0.1:54925 | tcp | |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| DE | 54.93.228.39:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| FR | 91.134.110.129:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| DE | 54.93.228.39:443 | btlr.sharethrough.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 23.53.175.107:443 | servedby.flashtalking.com | tcp |
| GB | 18.245.143.113:443 | ajs-assets.ftstatic.com | tcp |
| IT | 18.65.82.42:443 | agen-assets.ftstatic.com | tcp |
| IT | 18.65.82.42:443 | agen-assets.ftstatic.com | tcp |
| IE | 54.194.50.108:443 | d9.flashtalking.com | tcp |
| IT | 108.139.229.102:443 | js.ad-score.com | tcp |
| GB | 18.165.227.105:443 | cdn.flashtalking.com | tcp |
| GB | 18.165.227.105:443 | cdn.flashtalking.com | tcp |
| GB | 18.165.227.105:443 | cdn.flashtalking.com | tcp |
| US | 8.8.8.8:53 | 108.50.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.229.139.108.in-addr.arpa | udp |
| GB | 13.43.169.70:443 | ad-events.flashtalking.com | tcp |
| GB | 95.100.244.38:443 | stat.flashtalking.com | tcp |
| GB | 95.100.244.38:443 | stat.flashtalking.com | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| GB | 95.100.244.38:443 | stat.flashtalking.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 142.93.118.230:443 | exchange.kueezrtb.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| GB | 2.18.66.177:443 | tcp | |
| US | 20.140.48.70:443 | fp-afd.azureedge.us | tcp |
| AU | 20.190.97.11:443 | 788dad8feb3fbad97a24e71dd42cff20.azr.footprintdns.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| FR | 152.199.21.118:443 | static-ecst.licdn.com | tcp |
| US | 20.189.173.7:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| US | 142.93.118.230:443 | exchange.kueezrtb.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| US | 178.128.135.33:443 | exchange.cootlogix.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 3.218.78.156:443 | api.pbxai.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| IE | 54.239.38.253:443 | aax-eu.amazon-adsystem.com | tcp |
| IT | 13.35.243.127:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | tcp |
| US | 8.8.8.8:53 | 90.43.18.104.in-addr.arpa | udp |
| CA | 185.170.62.74:443 | a5052.casalemedia.com | tcp |
| GB | 18.245.218.86:443 | ts.amazon-adsystem.com | tcp |
| IE | 108.128.95.74:443 | protected-by.clarium.io | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.134:443 | s0.2mdn.net | udp |
| IE | 54.247.62.190:443 | fw.adsafeprotected.com | tcp |
| US | 34.205.126.68:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | 190.62.247.54.in-addr.arpa | udp |
| IE | 3.254.236.147:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| NL | 185.89.210.20:443 | ib.adnxs.com | tcp |
| NL | 77.245.57.72:443 | cpm.aserve1.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 95.101.143.219:443 | www.bing.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| US | 13.107.42.22:443 | account.live.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 20.42.65.90:443 | browser.events.data.microsoft.com | tcp |
| US | 52.167.30.171:443 | fpt.live.com | tcp |
| GB | 95.101.143.219:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.135.27:443 | th.bing.com | tcp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| GB | 88.221.135.27:443 | th.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9f081a02d8bbd5d800828ed8c769f5d9 |
| SHA1 | 978d807096b7e7a4962a001b7bba6b2e77ce419a |
| SHA256 | a7645e1b16115e9afec86efa139d35d5fecc6c5c7c59174c9901b4213b1fae0e |
| SHA512 | 7f3045f276f5bd8d3c65a23592419c3b98f1311c214c8e54a4dfe09122a08afb08ab7967b49bd413bc748ce6363658640bc87958d5e0a78974680a8f9beadf44 |
\??\pipe\LOCAL\crashpad_2840_NOJZYWSWPUBYJDPI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3e681bda746d695b173a54033103efa8 |
| SHA1 | ae07be487e65914bb068174b99660fb8deb11a1d |
| SHA256 | fee5f7377e5ca213c1d8d7827b788723d0dd2538e7ce3f35581fc613fde834c2 |
| SHA512 | 0f4381c769d4ae18ff3ac93fd97e8d879043b8ec825611db27f08bd44c08babc1710672c3f93435a61e40db1ccbf5b74c6363aaaf5f4a7fc95a6a7786d1aced8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc3a96d6fcb4a73d7ddbdf1c0c84643a |
| SHA1 | e67fa482a5f0c26c53152a13a613a47e3e4c5f08 |
| SHA256 | 7dad1ef17a723cb22a16ff125bfbda2842c7097070d89c0fefc411ad50a807f3 |
| SHA512 | dae26f8c21b54be5324a0b94061e9d1a4e2a0c9b1d2e9e5d0f952b5196c024061e9328130ea07fff8060bdaa8999d3251d0bb2aad1f291a6cf44032d126ff2e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 31e1e53e44da23ba0ecfef6a65771bf4 |
| SHA1 | e8aac68572a156f533d441aad45a1b6e07a7466f |
| SHA256 | b5de328547863150bf498bd62525965bbb9b97e43a32e7b4c1468248331524f5 |
| SHA512 | 211405535231f013b36a62f7e550128957dee1a81228629a832f97e6a738679e6fbcaf422b2e38f20792ec015b1c76b4e2a30d77b7b63ef7ecf28fa54941fbb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ebc8f3d2e11431ad7c1cbb4074fcc7e4 |
| SHA1 | 67460a0d9e6efec071d009592bd15e42296c3e54 |
| SHA256 | de829b67d75c0efa51dfcd8d8f2575ef1c11f4f10abc7ace814f6f9ab80dfc07 |
| SHA512 | d4099d4f8db89d55ed0e57b506f763cee91588ac4d2a52c9f8356d4226e4c8fd7daa9ab0e0262cb08af88d19b6617f11ac3cb16bc01e02e240b092acde06e8fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2d6cd65002f0097a31d7799339734184 |
| SHA1 | 974504199464cf1be11d7434023aeff15bfc8cad |
| SHA256 | e715f5e2640fbab91cf7e80ae4ad3a82c8ac173b76281f2a22997bd1ec8d9ce7 |
| SHA512 | cb57b859dde57d3b6624fd80d412f9b808c61b5d4f26ff34da8a4709baf61e75d8e62736aa1231b8a54125f88ffb259624ee24f8597f93e4686f760fa91ffd24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 399b87b65a444b1f23fe6f90b75a0cc6 |
| SHA1 | ec438907f3cf8323aa4b8bb35f001b0f0ac7aa29 |
| SHA256 | 8533581e926814b700ccaf4711382a7242136dbdf91f38e4e467cd046f2a74dc |
| SHA512 | 3ddff9ecc8cdf578ebb4ca039ff29da888b6e32754abe7d4130d818258ae445f3526273ca1139306a819033cfb775865b0f31ee8b130eb99ce723224fbaff9e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e7b0.TMP
| MD5 | 0a8d96adfe9a2bdbf1bec3048e67c0d5 |
| SHA1 | 3829f438fdb2436d28342439e8b6a80e72bdf745 |
| SHA256 | db40642c7b09111f3007dd3f2267a6801e3d7afb9ee2121a8bf033f8581eab24 |
| SHA512 | e285168d04c648b12e94a4cd633c63599b5fd2838b34e1cf2d70cd5a7ef45af6812ff8dc25fddf244e0e21df9dee8dc00603aa5b73d732bc5286d7c253fd79a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 16205a407f53321f19de15c3730aca39 |
| SHA1 | b15c8f6b01b3a4b708ee40a277ac3685d3e444f3 |
| SHA256 | 7a55b583a4bf75bb088beb2e54b6e34df2ed9e2b2e70b18f19c4237876b152db |
| SHA512 | 74039e50a86d01367104674d0b8e040decfaad8be588d69407e7f48a6cd0580f68a5970ccb4c6e8bb00ca8b0cb11cf43405502fdb0b0685b3830ed26b3c759cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f6b4.TMP
| MD5 | e0808e56402fd69d2f9d4296327d9c2c |
| SHA1 | 420404122c0cf4729c438dd82ecfd39ea11be61c |
| SHA256 | e03f0d91350a39bdc951087db8100ca2a4b77001a69e616e5be4e6e567e2127d |
| SHA512 | 34ec16291e05bb5713d0a8458e179780f83dd642040ba06c7b427c3fc1088455d1da020274f583c13167cb7a90a3f9dfccc7610506da307d4fe7bbf0fb176985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\de506464-32ff-4f6b-ae09-af1a947543f8\index-dir\the-real-index~RFe57f750.TMP
| MD5 | 98fab20e4b6a77381f299a5bb89dc7a4 |
| SHA1 | 85ce77a084f92e7034a174c087b7e23db7df0854 |
| SHA256 | 8b317f04d5020d45cb196290ef8ed7f1f7ab16b5e6b52aefdefad03e499b4343 |
| SHA512 | f32ae5b322b9937e69449f5d9015a1755aa8dac4920ee14dbfd025c1f0003b004ab7b3644931f583db4bc121ed890e10a8fdabd1816ed4e58553f54493ebd868 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\de506464-32ff-4f6b-ae09-af1a947543f8\index-dir\the-real-index
| MD5 | 9bf1b7904c77126b752e624d30e707eb |
| SHA1 | 71cfa152a8763b59a8d0489248da30fbc5b28ca0 |
| SHA256 | 9291001c02026e1bd7d7cd1052b711131bb3e82ce0d476a77361bc27899186b4 |
| SHA512 | 1bcda77d4b4c12cd6c43962628a14a67e9bbc9d6dcbd0b6130fa445bab5597975709dc7121aa27d919eace5a4f63a11a562f19f22c3c419f5dc420541187ad75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\index.txt
| MD5 | c6cb5055e47f84818c576df2623c038e |
| SHA1 | 49aa31c95fa66e40ced82959446a4d58220b0f57 |
| SHA256 | 0f0fbcb390cf25995cf6d26f9f1ecc073ff8ffc4e57e71e3dffe4d0410d805f8 |
| SHA512 | 0c9ea8f3735cd927643cc6cd698e57df1264f530b69b6a1d7d1f78686eebed06a422ded75b35123546cb8cf5366e21aee23f125bff881842f3ba3230c8e7844b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\index.txt~RFe57f78f.TMP
| MD5 | 8f54e2974a15a677ea87185e018f9a34 |
| SHA1 | 9ab6708b6cfe203dcd4c3007af76fa71ad6f44af |
| SHA256 | a8439504beab6681d314adbd5d026cd5351a796f336175897778dd9aef18062e |
| SHA512 | 10b2083231d175fa534ef07bf058c68a8c7b64b4863663109a14c9091030d325635b17c26e459106ae263942994167a62b8ac7e05552e9075f91e9e577728dcb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 188405cba56d58b202cfec5b05e0dcb9 |
| SHA1 | 74eb4b007a8b381ba8497b3bf7ca3af8e7d957c8 |
| SHA256 | c06859a8c24226134ead9477a3e4181b8004fc398e61746ae49dfbb2c684afec |
| SHA512 | 38314cb76e5cf1c00c604f1353dbe5f84d1a803417ca74f49feafdaf7931018ab75da0a2d6748e2e5fb38727c6958b8cbbb83fb543bba07b57cde34af518a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fba125e638bf32d101de3d4c56426e59 |
| SHA1 | 063e4e3b8c5c95bdf3f4ddbffac4cac3dd2b1c71 |
| SHA256 | 3e02f39d85a17f3fd108728a286c30be4eecb017904913e14075e41286ae461a |
| SHA512 | 782408ab198298b9a91a4593a6443998737a0c8090034f74d1614f29e30af694451604dbc3922ab0275a7b4492f97c6a052986702c871752abf275ff4aeeda12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a5a5f21a9b20e4caeed5b8d6ef0c9b1 |
| SHA1 | e7a41c95843150edab2ed3279bece0a2d9af3243 |
| SHA256 | 152d4ff8c19cd89cfe557557ae9475b20f4ebbed7132e1dd728e54f85cba4ba3 |
| SHA512 | bfc5bcb5ae98c77e7ed06ac36e1a86ec07f3acc4d74712516fdffbb927b4e7d86ec72e5d1f05aacdfebbef1838829faa710716cddbd165719becea42f399e366 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | ed124bdf39bbd5902bd2529a0a4114ea |
| SHA1 | b7dd9d364099ccd4e09fd45f4180d38df6590524 |
| SHA256 | 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44 |
| SHA512 | c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 60f8cd04587a51e31b51d1570d6f889a |
| SHA1 | 88574c41d0ab81721b275252464da5c7927a4835 |
| SHA256 | 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb |
| SHA512 | 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | 74e33b4b54f4d1f3da06ab47c5936a13 |
| SHA1 | 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c |
| SHA256 | 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287 |
| SHA512 | 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 038c1f469deb6932520d09a340856ebc |
| SHA1 | 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e |
| SHA256 | 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451 |
| SHA512 | fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a159512f55eafbd3de61f7eb04f29f13 |
| SHA1 | 9dc9669a3de705c114e7b8fbe9dac150bff4c54f |
| SHA256 | 9e6fffdf342d4651d83161299a19fdb9ce4495e5940a91838c057197ba095b57 |
| SHA512 | b38db8fe9da2765919a6840ca1f96245e9e9847e0681addf84040e824e4b860de2f7cd05f9f6bbc25e21c0ec3b154da896c695f7b47e9d184ba9d8ef4b34fddc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a3697642a3446382c39991ebc0ef0dfd |
| SHA1 | 0a558b4ef1f1046741cfd6d52e467686330d4e87 |
| SHA256 | d229e424988785324dce86ac5187fd900478d03542bdd3afc1a218549627e5bc |
| SHA512 | e13e47a1d7277d9f8900d37a2351755d20c8f09119bea276cdc4d98187bcb1ada2c45ba24259468696fce32a2313bb970c8a973ea3257e6529cdb4ee53da7816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a5afed178642ccbab03470f434b5be10 |
| SHA1 | ee9549f7b79bc05c3422436d09fbb8687cbe2cc8 |
| SHA256 | 20e9c39405c968a5421735122c30b35cb50ceb6f712cfa8f8e37cf6551f24c20 |
| SHA512 | 9897bf7d4dd02945629553c268e027f1f4a6088aa788b2d9d51f99fbd15a27194e35aae9a3e56e4ae46265e49ceb99fe2523213b223fd084af1e3b273d4529d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 993635ade85a4fd5bd0ee9e86070c542 |
| SHA1 | e32a41067ea5039cd24985de4ceab5cbc2ee109f |
| SHA256 | 66e4db62d3205504d855cd66b68253006a8c6055205cf43177ec6c6e68606171 |
| SHA512 | f32b48a5492f0a025a9e5734418d53f032e9613b07a94fba8b3fceebb54ab5b545ffc901692a9ff5da04acd3b64366ff7885946526cfebcf656c45c2aebd7469 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7c2d3dcc88dd874aba97ef9f4850e4ff |
| SHA1 | 3f1824f1a98613831e95585eae309c4d94786aa0 |
| SHA256 | 5758294aaf95dec9142dc7ad089651f9581bda25ed23b28b6967c6f5943eef28 |
| SHA512 | e40202487ab6e34000bf2c68af201fef343e51c0d2eb2634a1cfca7c2072b5c23a15f06fc8401afde472694d73e84fb2ebab2ddc147f2310877faacc900b2ef1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | a1afe33ce7442502a96deee597945384 |
| SHA1 | fe34cd78635f5617cf238de6dc746058d6f88899 |
| SHA256 | f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa |
| SHA512 | f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a8127293de595a972be0b29b794c27f2 |
| SHA1 | e2151e1c6de3fc3dfd2131b4f2e4aa623eb8b1e8 |
| SHA256 | 949e5a2eef13d3e28e391dde727b170234863a6781f74acbc1ee49187282f1de |
| SHA512 | 823c8a6cee04b1454f287a8d40f8de4d7f003a7e7621f6c4a4f6f6de7632ce4f252e25ad6293731aa2ca6d6e3ddaf7206ff87831720fc0b726942c1956d18f97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8f4b5cd2ce37ecb9e15481a495ac6aa2 |
| SHA1 | a63b005adb7f63ea8a53e992a84b1959b12ed6f7 |
| SHA256 | b4dfa84c9f5d8e4e46d1506aeb1a080dd320112c1524f0e3d95b0910cdb1c495 |
| SHA512 | 45f175531ab1e704685925c2af357791789774c7e0aefe3f293bc42ea6b0785654287362d513a8d45739118c22164ef6fa664702502daa526ea5dba8ab06d3d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | 17ddc750dd57883d3faf7b75cd41c157 |
| SHA1 | b0c89f4dec8eb75256ca7168fe102c55b0c0f67a |
| SHA256 | a0afa8178767a4e9906103cd6d9843853ab1654599c840fe8fffcd459d0e52ac |
| SHA512 | 94548fc52f8b932a8e2e6b814122a3f4b9081042aadfc534a13afd3090aa9cf5eb1689296c2c3b1d24047d42d205cb8272919681b5c0f00fbea14a58a30f9a9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c
| MD5 | 67e30bbc30fa4e58ef6c33781b4e835c |
| SHA1 | 18125beb2b3f1a747f39ed999ff0edd5a52980ee |
| SHA256 | 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba |
| SHA512 | 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | b44ae10069bcc3f69241236bf77cf12a |
| SHA1 | 84460f394a5de239b92735cfa2295fa91317c071 |
| SHA256 | 13a04a3904e9c14f5e191f247ebc229d2af511e3a036b79ce3ea5ba0bac3c84d |
| SHA512 | 61588590e2a1022bb8eb4830f8785ecdf9d2a3ae17007f2cf0460f1f46fc08ec579c682c08ff19c45d0caf0099ad520a110e2e1fd783fac4715b1af3b8ebffe0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 78280e0728c2021056c93954af683365 |
| SHA1 | f422d6f6682d904f7905b1cd7308f9f59062db44 |
| SHA256 | d5424e6657f959e1c026b7c119249cffedeff2e272912dfd6d0e0f7e04bcbd81 |
| SHA512 | aa64da37e187cac342d5c5cdd33d76d2bdf1bfd8cc49257ce1a4c0877a527aedab28ecfa0eaefc5c7f803bf3f51d94544bf8662430be50d2101c32c5d11f4b93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 4ba86a857f7f8f6cdbba7ec4142795e0 |
| SHA1 | d0aa9ec6fab3987d917bf506c2680880f8d195f0 |
| SHA256 | f51b70163eda0b588c9c21ab3339cc81ad8d07917b69dfd0e3b5769d4c726026 |
| SHA512 | 6c6daa54055f147f735aa100ca99df97d63087fe87e53eaca17ff37b404307b5810626914c37a8e643a4f9574d50d8fcfd308b4dea96162d0badc8803ef03d66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 447d1cb54315f8c7a8f8bc5f4a70ed9b |
| SHA1 | 854048abb64ebf1deaf7e3886fb1505c4b8e109b |
| SHA256 | 4be1d9a5f7ce8035b742bcfd364a554bda2c3b8dfbccafd354819603ab9172e4 |
| SHA512 | 1b1b623e943bb7f71dc431640f8bb182bf629b9db942e37306ca1d47781c15fc161c805817082bb8810f29b6a8e3bca8675945d4df1695dc619c356edd1a1736 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | 960cb6ab2a2bb6312446349a02a9710b |
| SHA1 | 173358c73a9eefaf08cb704d65de9e2724376ffb |
| SHA256 | e50eb14a9b5d6d2e114be116b113ff4d83f65e91ee0369d8eec201a013202e53 |
| SHA512 | e80a6d36e77fe4d71f73eaa220f3c44a0667202d12bf4f95448ec189fbe63e55d0a49ad156c350a240b7a71b3e7b8e670688284917a8f363c8bcba770c999008 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | 7651b1187bb58ac4c7be625337b35e5b |
| SHA1 | 307d969ef4137a66fe2793737dc1c546587c7f43 |
| SHA256 | 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968 |
| SHA512 | a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | c7499ca185afb8a4b149196d729b7d1a |
| SHA1 | 515a63fde84030ddad31b84390f9ab655637705a |
| SHA256 | 517f12733d8c3f36f4acf51221bba37f77af472a283b7e65e9c6fa6ec8615ead |
| SHA512 | 4737416dae70e637999ec218c38d176ce2571cfe892b704bcb3a68cfe4c0a8a2deea50f9e1cfc2f70da05126d748df73747e19d72f983eb335ddd350068e23e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
| MD5 | 26de01c292b9e6fd61dc6d172562b773 |
| SHA1 | 29f6191e8c908c5dea0522f850de37f3429af7d6 |
| SHA256 | 9e43c2c303496c4a33a90e3c271b58c405b79f11fee2c4d40b80f7f128c4ccc9 |
| SHA512 | c9c8b7304f0054289574830b6308452b5cdfabc0ad4205d232e4b9000ac237b422c7489ebb918b5921fa99ab158ae06c9535d84db090f18be5aac0192d0096a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | 77ab25c056c0260dce5b931b61b781ee |
| SHA1 | 2263c37806629de0cb54f033e3cdffaae50bab4d |
| SHA256 | 181417dc5c87fc38b887ef2f3e716da06a7c915c17d6cae8772cc85c4d4b0318 |
| SHA512 | 0cafd9b63b39888ab7d718480b5c2eec584f56192024100837833a452f44bebbbdf3d51901e12d751e828a144a0f601fd389001891d77e21295ca55376ec861b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 3859fdcc9dfc8ee238149b68a1cb2f98 |
| SHA1 | 4c78ac8554c35cdd4ec8a0318bde9bba8b670b67 |
| SHA256 | 9a2ec9b64eee6bfdf104fe6b873c26c8ae22b90c9ef77ce61217030f16d81d31 |
| SHA512 | dc15c3e84175327f6e99ac1130927b0cd1f194e4759553151bb54b6f7b3256f35a690f8650a3d0806a34f3b4855b6936c3373180b9f9c838dac8c7fbfe6e681f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | e196281b26bf6eb7b5bb26915f25f74c |
| SHA1 | bae2e3928f507991ab06b2d7c79b7763a3ac4bf8 |
| SHA256 | 64e3118073fdf08b7c39660d586bae109c6d19e7a4214bd8c9cb6d1080d43230 |
| SHA512 | 38bfc11d7e488917d4e8ad06a8694369ce33ac2cb078ddd0174b08d04a4fade51c0276dfa2794c0767cf640885944040b331da0a6bfbcfcda0b4cdff9148f15f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | b787bd69348e38aad5a2c0f0c899e1d7 |
| SHA1 | bb99c84d3929a939f79ca1caa9a4922ea9367b8b |
| SHA256 | e3957b9ca5ebaa433f3516423ceb881b6828c757a613ff8889f01836adfc33c6 |
| SHA512 | d5e26f83e0778a086109794defc26a3f23bcd86427c37e26d7de565d061649d5a7a8cf22c0b7e9120210b78f87fe003bc45a352a2914537776e2a5f2e7f46c8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | d92d00f1c7b41441862fbca0b14bd475 |
| SHA1 | 179157c5e152a8d3493f825ee92b2a476ccb79fa |
| SHA256 | c695767ac4317044b37bd3b983fd362571589986ed88bb5bf813b143c43708e1 |
| SHA512 | c8522f3607feaaed621fe5157fd3f060a98594fdf1739ed367745397c1d0173a72a2ec21b8907eaa24c9c11e1104de6f3cdc50e30586212ff6ba8bbef3c64ed9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
| MD5 | 97a3bed6457d042c94c28ed74ec2d887 |
| SHA1 | 02ce7a6171fb1261fde13a8c7cbb58992e9d5299 |
| SHA256 | ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67 |
| SHA512 | 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | d44b00eaf066eb7050989509fd4e36c7 |
| SHA1 | f9c5a6144aefdc63afdadfdfba432a7f2921aa72 |
| SHA256 | 81d81f58eace71c343daf95f8a2756fa914556bcad33ca241c127c4ae68c215f |
| SHA512 | 99f9f4b102f6eb4c6ff8868fc598c536397d247de9764a67548739662ae302ea79cc2f730d63b8ff40c8c285b2c9783bba96e37c72d9922623fae83219d6694d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | afac8e1637ab602a801c85789cf0ad24 |
| SHA1 | 6924151c1b368d9ad1acf5da0da31a760022dd15 |
| SHA256 | db32db9030a0facc7526142d2235640480b349ca6efcf9ffc7da8b6444d6cfbc |
| SHA512 | 88fff0287e47ecc520d567cc0e9833af9136d729c8bf587971dacdfedbca92e047ca0c9b10b9258670966c2996b266db8cc779ba4037bf04d3c276577ee7944e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | 79cf44db94eb465700d65a45a527b379 |
| SHA1 | a9ea6a3d2b3a3a61bf80caa643b077dc7fc10787 |
| SHA256 | 78996e6ffff1656b85b4b50393b4a9f1133550694f87e66f9c2b937bc7dd2c4e |
| SHA512 | 7a2edf730c401e21b69b86528489adf587f4b830ceba0af2834bc7c69937e754c0a3e18ee9a174910391846a94394fc87bf927fb101fe899275bf072c804a519 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 08b717a1f454c847ff7202cd594d7cdc |
| SHA1 | b225b755063859473cf98bc8c9f7f34ce2d815c4 |
| SHA256 | a2d2e6f31ac66411cd2a7eb453e7647f8e58866053943e811a54de41f3c32917 |
| SHA512 | 815a91a012666acbaed35a048f319b972351ea585181bcf568682da06f6d02d5065eb7e26796d144b16df1ea83a20e177ec67f3e8159ed5aaa0088c23dffedd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
| MD5 | fb5cddbe143e3a64d965d2cdffe4786b |
| SHA1 | f2ca924f258b232f8d76e815e01bc0bd4f6ecf9d |
| SHA256 | c110fb8c08ead1ea6831bfb514d43a7386f24b37608a4b787f97300da423235e |
| SHA512 | 69eb69afc3d1fec34112324d6cdb6ea2423a7c290145bdc92e4a1afeafd6f36471afb7fcb34a92161ffaac419e56c22b7ea2e740007304c79c399175ab4a9665 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt~RFe5900f0.TMP
| MD5 | 04481898326f43e446251e78a9dcf5ce |
| SHA1 | 1e97c4fafe677b0f2528c38ad4d600527b4b0165 |
| SHA256 | 08db6045f01407a244176761c5a9d344ec3a49a0d50dfea31ca3f00670f2a6b8 |
| SHA512 | 14c610c444d39eaf5ffae3ed456417728590505b02ac3c7de0be0c3294e22809a9d508b56d9c3af1459659bfb7a798b75ca8c8af8a70b53578612e5555ed4ceb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 16d354546d6658f2029a370d26690267 |
| SHA1 | 973eae7990d3e90ca1553b5bcd3f080ff2b08c54 |
| SHA256 | 636a05d161369f8dc421247421209ba05ecb64d157663bdd546553fd10688bbf |
| SHA512 | 8f2f6379c19bac75e09af912d001a748941ecc447d6ec1e400a99c65b52c42c4bb8a07a52c83848c3b1b81da7a877e2a77da8188882ac36a2c28c4dedb606592 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6ebfd5832dbd1230ac06d2a21797b374 |
| SHA1 | fc321115fc1bab94685fe5bb08d8cd88a884b6c2 |
| SHA256 | 0e8bd792d30bb7fdcb606d771238cf6383350d23066dbecd8fbafc133203aca1 |
| SHA512 | 0f12b83f7372df3ff6f62ffa8680f205cbcc4dc0716b2dd34e8a3420b2ef2031ae59c52614fc0bd27ccac441befcc372068b445e527a2ad63f6d90a6d9aea0d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d22742071da52e1689f52b75ace8131c |
| SHA1 | fa64906d3229817729bcf16589f251edb283b4c4 |
| SHA256 | 90eb3a4a5cdc0da284297c00518f5076d42308647f20058a6b0c280b9bedbe18 |
| SHA512 | dcf84237f979de4a54c69cda6db00397722b3b86e2472ffdd6af735ecba2c4eedcc027dc16e776474c012692dbec4e14ce73deee02dff50b9859793b53ce406d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 30a32cc156b709b2d66484758f24bb47 |
| SHA1 | f1b46795ca417e9846549c391df5d56c60d0ada4 |
| SHA256 | dd689e1aa188129b08b6b766b68a2b5820b972f10d14624d55146457a9ecd070 |
| SHA512 | a2add4a11c30dc5df4ce2549a5b4e2fb4920da246780833df358169fbf171694d79f019b37c2c7755a961eaa56e3a503dc0b6ab9cfbf48494bdb886727203c9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e4692297-6f0f-40c5-9b95-44beebc8d1e1\index-dir\the-real-index
| MD5 | 320550d87ed1cd2720b938cffc25eff2 |
| SHA1 | 5aa43d27e6b47a0cf2396ddea1689cf35ef929d2 |
| SHA256 | 28a7e215f3eb954dac03a9e27025a15efa6f9a5c05ea97c6a1b4e9a9d8ea777c |
| SHA512 | fa9ba666e376c35bbdb0b6542aa4b8567872b9bfd8acf9630c27199cb759c6874d1f363eb3a7375a7a4ac91154984294861e2445eccc5d1b22efe5156d4df9af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e4692297-6f0f-40c5-9b95-44beebc8d1e1\index-dir\the-real-index~RFe594f20.TMP
| MD5 | c6ebb07cc9721fb7efd73b7576f6ccee |
| SHA1 | d0d4ab5f7685ddc0b7f317b44fc86332efc5a4ca |
| SHA256 | a52bbd2d357be088cc26fb2ed73b91cf31849df646ab78bc0a118316c934d363 |
| SHA512 | 72f330b177352642e7284b1644a1a2a920faeb2dd2c056afd4758ce4387d9a59a8e00fddf6763e68989cb26d60e60e1ed24d390619f4bf7926d8c908f617d013 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 109e35e9a60ede2a401a142e79cfa602 |
| SHA1 | 7910aa40e46fdb06e8a1849a77430d8fde49fc79 |
| SHA256 | 45214e87273846ab2444ee1e1a1ff0a00b5f2964f4de48598ffcdeb91ce0c186 |
| SHA512 | 76621f15b14df6d5251d80d1521d9c4a79123c56beba65b625cec5234e799970818fc858350e96254427eadfeb227d2c245eab6c635a6a39f8d04aa2722f03ff |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0b2c71afb16fa032d9e49fb46e630027 |
| SHA1 | 862dd238aaf501a644f4b636c28f109447a0b128 |
| SHA256 | 4ed7b3579c475e01e6206e1495bf47778f4a2c538b8c220e9308d52bcad3e7ca |
| SHA512 | 9de547db2888ec5ef9e4845c036afde20d1202e8ea61928aca105cc8cbd10fb903f1ac9ac08236634c9ae52cd1f8f42fbbbba8f5690a052b2a4b74e5590aa8a6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 72b4f0d5f3ade430bb94a348a8be4d31 |
| SHA1 | 764364077f2fc7af3688ea94a3a99b0851a1c0fb |
| SHA256 | 1b5186eb83dc85bce9c24f9646f925905dab9d428a96733404a580754fb7a0bc |
| SHA512 | 388c84f6425a2d0dc9a1bb69a0c1ca1e5c2d0d1cdae2f58673344ff84051fc654bfdeed3e0e54522a9c4608464a3dfaa91615b60aa0921c7f7a92cd3f5b2dd88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\4b204668-7d75-423f-ab33-d06cbc40d905\index-dir\the-real-index~RFe596cd9.TMP
| MD5 | b33fb981de62a661422e797ad4b86ca7 |
| SHA1 | 59b6691e10ca9a90f7c3ce254be82b2f931b4a6b |
| SHA256 | f56c9f7bf7b2222666832f375f4a8249ef9caaca5d6256dcd3558aeb2c8b544d |
| SHA512 | edfc5174e6eb0a9b8bb674ddef64af13e21384f3120276244f0d6fbda9153d565221fa4c43ec83b5f3a79d40caced5cf5e762c26dbf7290317138bdf3148bf48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\4b204668-7d75-423f-ab33-d06cbc40d905\index-dir\the-real-index
| MD5 | 8785aae340e7192db36c091a37998032 |
| SHA1 | 50b5ab0cdbea1f5c73ef49b2425c06d6c17d1d65 |
| SHA256 | effb67bb7aadf3b480b667caf9ee909eb522fcfc7af53588abf665a016c276c1 |
| SHA512 | 6e8683190476e16dcbb4b8a79dd3b438b8383351280f969bc1969ef651836eeb2705ba966890b9164139bf992a0ed9ecec731460489fde1acb3c81e1fd7fd533 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
| MD5 | e47677569cdad43b8a0802cac40774bb |
| SHA1 | ece208c6fe59035bc138298e0fd6525448e5c083 |
| SHA256 | d5407c81df9122c54db1601502a5b76da7dfe090f6a0364b70b387e5fba43797 |
| SHA512 | 8ff6983482c78173bcedbe085a5b2f08e017e14918b70cb7a075cdea31b272899d0d343819768ff72a77b6f29b5232276a9e6b5219decf6a8027688139a3e68e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 0d2283b0df70bc0217118f5c6d1fd836 |
| SHA1 | 0aaa2e0daa0f0671fbf7817e222fcd777be523d0 |
| SHA256 | fb02c03e84b9a15ea357644f15643bc90eb9c6ef6532e1c82ecd052df34c2abb |
| SHA512 | 16071fce7468cc47fd7a57dc6913cbf41e142fd16b3f145dc30b13fb4a84a05fa3211d3b435ace7378c76682a1afc49e45d180eb88f6d32b0deaa2266196b2f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087
| MD5 | 1247620ae04ed8ed079747ef67573169 |
| SHA1 | 948187573e89a7dc288a89c80051082592868b50 |
| SHA256 | 78fe5f98387be39c3a985add082c97f1b2fbe600ab81a689a59dc64341aa1829 |
| SHA512 | f0a02137cbdbf7b9da9b8d35aba56376c034dca3e2ae73faa12cd9b8706b8210cd75e86f4f2684b99a4cd47cc0a111cfb44c3498b6709e0887f727671db983fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d6ebbb1b0ed9768421581444b6b61ca8 |
| SHA1 | d15e5c5960b33f356f91253e2f1f8695a9a9e409 |
| SHA256 | 7264c3ad97972282fae58dccf65ff9dd263a0745bbc7d2f01fda5996c07fafe4 |
| SHA512 | eac57634750dcb6152adb34202daefd53b4561b8fdc3f96a6fb26d89e234014d065a85dcd1ba5d5d1591205702165659c9ef8a88ca2055ff794d95a72655d387 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3bd3b1d78a572438ad3ab6f613b4ef59 |
| SHA1 | 7feeb46a8ee268943169e98fc35be9b8d3f1cefa |
| SHA256 | 27d0164cfdc283c94c9d0e3c8dee3ce99f58058a391fdd4f5d33184b5eb5be20 |
| SHA512 | 0b1bf451b1cef6852a03658e4e2220ce0249818d0aa40b1b6e2b8d012ac93d5ad48d4e57a3bba016589aee0e4d9734366a14f798b26b128e37631d6fbb2577c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 79ef5a9d3a74a8de855e7c3baba7da13 |
| SHA1 | 6545b2e4843dfdefd5d3ba57b7318bf427a93a86 |
| SHA256 | 1896cde1c1034dea296064b0e435fb4e3c9490ca64352145c6cd1f90c37c545b |
| SHA512 | 21513d4da263b4d7ec8df975651eae88f8fc70ba4a27aa857e40aef9ab80769551e1e69c9bdc459900cf9d3f65973a6ff756617e24af942fdf8aa99b96838187 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | ee6b108927b9f12e8f566407e86ae0b2 |
| SHA1 | 531439e0f62bedf6ab40180622b85068b8a83ddb |
| SHA256 | 3ee6121c6efad902cbfa470aa62d1ceb21c008dcd27a4b4ca9efabdf9f7fc593 |
| SHA512 | 06fcdbcb1d956a1bad813bc827fc1cce99402163d0625466e61768c6fa731233c38a5bdee4cba3ff6f168c9f3ba6a3a79a6920fcccbbf859ab77bb30d33aa4d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0c71056e9e3544f_0
| MD5 | bba01420abafaa40a7ea4bf6bb58dcbf |
| SHA1 | f7858d1c8f9ceb3959e8e5665e776d6ab2dd0b89 |
| SHA256 | 16524e1d6883bbb071e888a2930abe228ebca59d7cef6662a462bf8160a2f0bb |
| SHA512 | 5188b64dd93bcfd4ef1c24f32a74a33f95c24b66a1e736bd31e527356a48733282dddbfcac532d351f0f50aa1ac2767b49cb2adccfd413c5afd94fd5dd46913b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5
| MD5 | 9708e5224c10eb91f435950128a72070 |
| SHA1 | cc66f87dad487f1db80dc78942a7016d26725ae9 |
| SHA256 | 834c60d1648bb2b2c84ab278eb0690ffdbd6f9dfa393d561eb38aa026dbdef8d |
| SHA512 | 8a7a126e028f6def7f03d4fc69831c2bccabebc48b7d97b816eb263a817934b8db1beb9baf1763ec7421640ef594e0a7fb65ef21cbfdadd90c3c88332f4022c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f99788edd93f3c7db3deba96d79967f7 |
| SHA1 | 988ebac9e6453a67b2077cd21d7e7708a200a01a |
| SHA256 | 9d68364981aed123c255d938f277aed8b7d25ad0026a2e9da2beda8861da7c55 |
| SHA512 | 908a67ef43e87e3e7585e35e7d3478acc44847875090c2a8a88de7d92fa321d3eb67347b9235f81c29a903de3fa7305cd97fd54d135129aa85c5f3fa0860ce84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 52523de0b6a2d43ec0b851021e4172da |
| SHA1 | 09b5feb3a2fc3ff6d3bb7d963583031618989dd4 |
| SHA256 | a7c076ff68b48bbf69f7bf2c725d0d2f936df9ebe06dfb60ab39f30270b74b09 |
| SHA512 | 6f38bb9679e79e48c801df4a958726536b684b1623c194c27d9400c297e7b66d51bc2db07108a0d9ab4d51422197eefaca60b3fddf928d5efaa255fa0a6f72e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae
| MD5 | a4da976dde535a4f11ff4c9d57a8a56c |
| SHA1 | fc4c29049db6d81135507dc3736cb638340f55aa |
| SHA256 | 6b85680498d0061e6b748f0fd9c904c74eb9f265f7d6ff6b33a37a0656164bf9 |
| SHA512 | e3db7eb080a2c927ec3a223d16d818cc76f9da51525a91b8eb3cc9e15106e2939ef6d550121b8cdf76d38c001971662d833d70a269ccf35d36278d25cf42aa18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac
| MD5 | c0b6bb8bf06770448a0226486a3fa5c5 |
| SHA1 | 11324fc181adb507aae8bd8f06018dd0980f4cf2 |
| SHA256 | 51b8e76e663104d57b8772579bdd2803c2f0d92e9420f576729e0147d383530b |
| SHA512 | 4e47255d0cc444f87e367f61a245d83aacb82a911ca0045a25e3aa4ce9bd9c000a4e0d80092b57662cd3c054c3677c0848b5c23afb466ca9b70357ed27b7a097 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0
| MD5 | 59780de1d6e52e643800bda1bcde8712 |
| SHA1 | 650a3d9c00306d8cd7a857b1404d5f446e68fbe6 |
| SHA256 | 5f7fb647c535a9c4052079691c03c1d0455823fe939453939f90a5a50e801110 |
| SHA512 | 11b28dea0282b5cd28b318bde9166f6222bd2f1b2908218a7dc9ce9d52aaac8f29e1f3d771f285bded9e1d052ce42b2de0ef07f30104c434192f0377a317560f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b48f3c240c7b8844_0
| MD5 | 1c7abaffc2abecbe0804eb3472d1c16c |
| SHA1 | 4f5c46954b48ea584d9287d806a1b0193e9c3109 |
| SHA256 | ce0443ed202a84de28dc6f16f99c8cb3a4f200f681c0165ad0e652a4325ffc59 |
| SHA512 | 0392f1c42d75899f9892d28874afe6e59e14558fb85984cb6ad5fa5f6a9f5414f009aaf55d418a29922e979241046445231fb66b03c8c0da015ecfbca00e18d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e98c4c1271cf5686_0
| MD5 | 225f187ab6cab14b1f4557bf4bbbca76 |
| SHA1 | 397bf3db6438bbcda4b80e3785dc46b2179fbd14 |
| SHA256 | 43dd533ec66d12a208a75f8a6d9440bd8ffe03656fc2629a0731a2b9326cb9e8 |
| SHA512 | 6f5275b47ec733b130d053e460856b5b3b13fe30767948638b646b1fe20e68c097312e0f8d953aeb363e7e15bcfa8a5d5254b6d0b4a6df93381eb272fb6d2ac5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e98c4c1271cf5686_0
| MD5 | ee3f50b11ee451cd54dad87218dc8be0 |
| SHA1 | e1e85b9ad22f97922f0d9f03d0aa923e51dda261 |
| SHA256 | f1a75f00e3764270305eb4ff6416ea5880a6926e83179156445fe290267ebe2d |
| SHA512 | ebdd6ed214fc05ff7825a088395095b9be37cf0c1568a4ae8660b7507455a32d5811bfb9dca6260f9823b75fc5204eb7919b86bedf6e6abbf0f401cda034ab8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c2880427b60e5e7134abb914ab4bc88c |
| SHA1 | e7429a549fa88fbe96f254d96c56b04a2a3358d3 |
| SHA256 | 4b8d1658a95e12187de0187527953d6cdb354513f48aea9de0cc63d4a4caa65c |
| SHA512 | aa31ea72bb565bca7d0ee1961894cb46e6ce7e8029f364119365f59159af08c1b04c6f5305a9b911d41aea4acad95084acd392bff65c0544e144e3d25510cc6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | c55dbb2a5e2048f8ac7b88cafbe13ab6 |
| SHA1 | 6629572a0fd059184b4e5c57687fa414fa7283d3 |
| SHA256 | a82abfaf7dd683f673153324de1295a2a952e5b40fbbc581b5fc39603883f5cb |
| SHA512 | 61336d53f5f14636ad0552e92bafec6ab262faea08d28143dbe6f631bd6be86ed1b6b2dd5a2127cde53a1405ee4bc8384c3327521571917dc22c7fd553f108aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8
| MD5 | ce6feb6f6085205b7369a1c1e3c9e2a1 |
| SHA1 | 5e6120b24f2666a6d5e5314fc37af671670f9a7d |
| SHA256 | e12cf9c81f908205383a0c0b733470a2b72cf6c67bf9ecf8eaafc28cea72f26d |
| SHA512 | ccefb248bcd778504a6e02a4adbc5caeb995b0eb2d5b5502110db5f2ef765c2065805f7b01d303bb7d30ee5ceae915c8b4dbfe943af018fcdf501b9ad8876d71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29d6898ea9d03b46_0
| MD5 | af50c57fde61397803922c4cb60000c7 |
| SHA1 | f183b1b75c530ff67300cb3205baa5c43f3908e5 |
| SHA256 | 3eb1eaac35752d86e464ec6c512ee9e363ae853bc124530742c7393e02b77964 |
| SHA512 | 9c5d1755e67436123a656ef40dc718c69fe95f3b5ae8be97ce1474de0a5e6a5caf96cbd2c21038f57b989f779a962ac51b8531ef5da89cd07848e840335f5015 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\79f72482b4142266_0
| MD5 | b2311cf6b7f5b457e9f4fa53374b9cec |
| SHA1 | f978ca3d3db479abd54298770886e998ef00a869 |
| SHA256 | eac278cd9dae0205f024d2d6fb7b2504e20a4fafbe808a9cbb5679902ba1755e |
| SHA512 | 728cba7391034d3fe0e7931bef84d74e84d7f63112f83eb728e4b0e5300792e8c509e0778d431276731e6f1e0977e6eb845f0c6e8d19fc6de58017f6e316db60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffb6c7a2e61c0c63_0
| MD5 | bf06777b9960d6cfc138f1d555869553 |
| SHA1 | 26f9d0bdf8695e07dc3eb0c005df1767123f0ca1 |
| SHA256 | f0df261b7eed285e7eb1fa04412f0832b4e14f0e343a70b5181bb6dd982fa8b4 |
| SHA512 | 87f87c7fa65517476463da21889d2c5c8599e3ff4d4324556f4ac83adff973b135d91e7213bb81e01b5befd8ac5ab7da536845d591fd4fb38e03e07aef8e6a94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8f4762cac3f4ee4a_0
| MD5 | 8b95867661af113592863b6397981a1e |
| SHA1 | 6d4b4766d1cda76c336bf35da0ecdea0c204bc2a |
| SHA256 | ea7e35a2551ca324de0cc07f656b1cad3a2f878e18f51f54d8b2f58d86398111 |
| SHA512 | f15ee75439af965559dfc08ec594e5c001770691c3769cd36b8a7d04cf9aa68f256ec054d5c082ad908fa7ae21eee67fe92827f43d76756cec28134321a4618a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f0a349138656c356_0
| MD5 | b32eb235cccab91e1b795cd133af9e96 |
| SHA1 | a6a7267e4be7a0eb093a12586d4243b1d996e973 |
| SHA256 | c34a9379b8383f40dd00712fc71e08bf72771eafb85dfe5bbabdc126420f754f |
| SHA512 | 12bb9c46ce9ff7d9f945691bafb5792174d8775119b9377d2b5d2e26d4bc399b583025928ee1a501eca704e637ffc4d70ae791b3f83f8121a468704c6e117525 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a76e3b92146dbf4c_0
| MD5 | 3088919a7d54dad8142c1b61cb80ff55 |
| SHA1 | ce6afb9c09f61723497d12a2df28baaff4ca4194 |
| SHA256 | 6007ef899b6b877babde164e3dbb79f40ff5786c755cd95330d90449706b0bec |
| SHA512 | cb3e0b46f23953441eeb9a33564e3dbf44fe8d9deaf5d18a230da4920183b23a6f32e2743415bbc6e4d1e6ad5fd72d52b6d598c699d95c5966a2a302ecd1252b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\88f205107c3af64a_0
| MD5 | 10001e72e220fab6656435d5f89f2143 |
| SHA1 | 43a7c73e202ae10f46bf5541a7407fd6b1ea938f |
| SHA256 | 76e177bcabc33ed32726351a67cf4a4266b3d9521862c19464c4b92a4239fcf6 |
| SHA512 | 905bb285b5e3e71248a6eaa6446fb8c0a845d023e546460eecb5c144ddf96fc57c4c74dd49805a681f2bd99a8bd27dbceeb23cc907d7e23e798c1fec99ce78cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0165d9644855f8db8bc773d9a7103086 |
| SHA1 | 67df4eb05ce6394b21e791ad4cf7144501a5fb0f |
| SHA256 | eddb3e4a7544d900730e6919f461e1651b345e05a83534585c477543a48c006b |
| SHA512 | b36a314223f0b18370ae800c0ef1d50035647951f0836a543df396f0d02bf5344fdb59337a6b0a9ddeebeaaa96eb2dfc9cce8638af980cc4a0996f186b22095f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f048b74858d0bbb6011b318276ffe46 |
| SHA1 | 13a97c67748d784b91431b0b3cfc9eba086ff1fe |
| SHA256 | 493c1123bca923a08555e91942c76f033be234a18728a8c8b6819c8b8e56adad |
| SHA512 | e6a07e1623716ec9e6e0f6d0d068bc40ace7b57c10a826e09f30d6d03012bc0f4751399e37fdba6142126e357858bed81ac7f627d036b0abb1622f84e097cd84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9
| MD5 | deb04fe2a35d2981313f891baaa32654 |
| SHA1 | 69e5aaef4a2f447878824d905832a08a9c596d83 |
| SHA256 | 93dedb17602e315ba495c99be747f3d5717b4f49306c55326f4570b43c9bc1c8 |
| SHA512 | 8c32d572a8f108079263b9ab5230467b454518b60932db7a2cc855a350130d93db5b8f2cc5c82a9b3011e572d80d67e23c777145fd45e6467b0b2caafe92378a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41a8c80489065e661537f29ee3fc69ea |
| SHA1 | fab9a64efe22256cf7c84d30e6dc6cacd3fd22cc |
| SHA256 | 023ff0c0f5cd14e2f2616c37ea5bb7d35525e8572eefdf8caa3ede8253974c41 |
| SHA512 | 3dc1112bb9b68328840b19bb3c5880f718142fcf9b6ae528b2eef302a5edf004a0129ed7738697786e8abcf81160dd209c1e1c8e501bbbf10c07fa4fa3ddbc05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 279b73a61d20f394268ab2f7bef29d0a |
| SHA1 | 341251370fe6d6b08a874912dc03946e20dddc40 |
| SHA256 | aaea4fef16bbdc8374388eafdb1abd76889330c71b5d2cbf6f2151c614e6b603 |
| SHA512 | e73685085537354bb04fab3cbeb62de334eb7b89a4e736fa85eeb2493d3000b25759897e4d8f7376d8cf978d73e7c52fb754413cc73807520c5d8ea98de0e6ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 03f9e82cae08b467360f6c864c90b890 |
| SHA1 | e9f39d7a633bc6291a87057105c543ee5688cf4a |
| SHA256 | 4c249802a91dcba3bfefe0977bd0061c1907d917980f4e3f128f14205ea83fea |
| SHA512 | a81e1cf27174be080b1e2df40d0ed685c185fe3d08746a4d8a5a211aa055b9b0cb93bde26429a3c6a639f47073ac016599bd96eadda36d9e10d47671f85f9d4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 009fac9a770f182ca8cb8d87f8b1ceef |
| SHA1 | 820e2c292fce3fea0b98d6e5b788ad0f3ce15b06 |
| SHA256 | a7f68dbe54357766d7703c4343b407ef910be062e9d9686cb85d10ae0f1cf644 |
| SHA512 | 256c70cf68fd75c07274f6221f59b4eea359f5738142ec44605d1b8e7dcf74b8b85e5b54987789ae9de7f43edd78e29af3d3206a75c2a898374dc777f1f623ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9b37f8b31c84a60d0dc25ba84945fb03 |
| SHA1 | d465d622254304709016edf4591881b6513f9d66 |
| SHA256 | 15bb7d7d309806d92c7ba1a8adeae03e11af06f68259cf7044936a3e41e78c4e |
| SHA512 | 3c27630c7112359415bc0dc4748ac119b8615f113269c4984ad46116cfa94b0385d02c4b7cabbe2a12a3757fdf5f9e0991dcf9e6fcc4bd36bae60f36e6c0e6a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3ba37ecf333a81c9981940f63a3dde84 |
| SHA1 | b2edcd5f8815dc5baa983b90db154e0f2d469a5d |
| SHA256 | 883e2453b8dd91ab29c6bedcb0cb9d616ef1bd3b8bb13282eaaf53b8231eefcc |
| SHA512 | 32bb701b9c9d38fbe931acccc5af028e86dfa8bacc822359f96caf48bd3106c5ff921bd7eda3de93f36a45601e88f008d06a2019b08dd38010cbbe5f59074958 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d4f61781dc6873eddac01aef70532ae7 |
| SHA1 | f3813e5d26df703ed758bd07e4ef5117c7aa8e68 |
| SHA256 | 0a440d127f26c9ee4dee6099bd87e7f82bcd648a1040d198234b50a760ceb722 |
| SHA512 | e0f823e3d857692a8f3067cb7430ae202867c69471e1a39d9c1819b97d58d11c11edc1183a87cab3cd4bfe3f82e86c800790fdb8f3a176bd006fa02dc3499492 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d19f94b69af8bb65280d9bba62b36724 |
| SHA1 | 34d1dcf9d0bbc274fc62f72d9cba9374826e3bfa |
| SHA256 | d4e11c6cfab02d263ff8d277bc8a045ba1d128efd826f6aa37abf344765ee707 |
| SHA512 | d67f57750f4d2515a1c9118c963b41b41b05e642b93f8d3c8cca42800db26e6746a33c6aca6cdb69375a4dd60ec326928d674a01a4ea30d9c1b4a739bf606b9e |
memory/2340-3110-0x00000139E9680000-0x00000139E96A2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_wuzrp5ev.chs.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/2340-3111-0x00000139E9A90000-0x00000139E9AD6000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d8e781424a372be0e72eef00d132974e |
| SHA1 | e02b9d7453a5408c02bc9d6ef0aa95d9376adf71 |
| SHA256 | 3d4ad09554b154030771dca02d3ed72680ee96da502cade6a49eb21d8f559c9a |
| SHA512 | 99b5232a0eb6d234e2f0b98732229191638b3dae5c392489a5aeecf3f603cec4ec0c53cb8da46baef65bd0b86170a222050cb818d1bb74fcfdb6f3c9acb421da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7
| MD5 | 4e86b949f3f0620c7ee37d3558821a23 |
| SHA1 | e65d2070bea4500329eee720e68c36eb9b6baace |
| SHA256 | f293211312c2050f102154147d47bec093df2969fd69d3e15f2a1b3ec77379b3 |
| SHA512 | 8c67ce92b918077681563898d2851853c52683919329d2d83fbece90a7783b334b4db867c117d469bff7d1436fd2fb19f376c5492e159855e1649b7dc436a10e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8
| MD5 | 49295de6ccd23cf80b6418a2d209868f |
| SHA1 | 42a955b4560bb22cb9b5b39577f7a691ea345018 |
| SHA256 | d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa |
| SHA512 | 2954ab185fd84a08933bb6e79d91e301021fce4e632b477e765c172cacf72913561e101ed2f7e66bfbdc5946b35f2b63eb2b6f878e0afc9d26ffe71ee112a1c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\13025bdf-f0fa-4582-a5a5-9ea9bb4b8163.tmp
| MD5 | b7d115ddb2ced37e0467568228414d77 |
| SHA1 | 85ba1b066adf5e7ae52169ab46b59eddf08b38b1 |
| SHA256 | 69020d4084720390bee1f4db48753192cf6d44a71f26b402f97c5a8ce624a0ff |
| SHA512 | c239eec6936dbf00e3a0894209207b62d851fc482b14465e39ce8966c9b9f66576ae97263bfd8b31ee3114ce907d32465c69ccdc6cfe6b578257c087d568aa3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae8350944f279382215df1226a9431e0 |
| SHA1 | 8fff68532290052f951da3df3658accfa23d462a |
| SHA256 | 64dcfcdd636af4a2585a69294e075902c0b0f188980b765561517a251baa8b3a |
| SHA512 | cce39224f51a86c664c63fe59f1cbe29fa5061cb47a02797720a45163c1c2b33900e45a729d48c5486e8a40c27fff0bb4c7d3795574cf9220230dcf51d58952a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_helpdeskgeek.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms
| MD5 | a8a9d41573027eb9df755078fed26e9a |
| SHA1 | 10343d11c1aaed5ddc48217aab87e436927a2152 |
| SHA256 | 0a3582ea9cfd39a81a8ef8f99e0091bc5162b3cfbfca8665ac51c47d7a89270d |
| SHA512 | cc80922c06aaf25330e65790059e29bcb35c6f9e88a34313a46804fd0b151b9c02d08eea4a5959f827f432409a63c4f7b339424f5ec91f36abda745530a6509e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b750bb41971fb042ca9317d334d2cf5 |
| SHA1 | 5f1400ef56147e55596eea632be6d5c4c7a9e713 |
| SHA256 | e5863b9b71091f57b0fe1593967c21a2f99cd8f961170bf2b5766f70b98732ce |
| SHA512 | 2882eeed798e3d00d70aa76db2d4d9bcda2079420f1770827ce4cb3064c497c94265a56cb21282a033b2f580e27e2273ee5c10fdcecef29394f2b917cc578f26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b1d4c1e06173842b93de073cbc69474a |
| SHA1 | 05ae2647e81a687b325a38a369e3d7166efae202 |
| SHA256 | ab86bf14aa2ff83e4c86c08d23c0a3731e985e8da945a5611061e963329eebf3 |
| SHA512 | 2cf22ea32fb8c12592730035ea73312b667af7dcc7a038fa2c3f1d68af55c6322c33c4a566267a4d1a33a2756b502f3abba43a0871ecef9f72270b84961bb79c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\12f42c4b-6699-4fc9-98b0-dd1a57542175.tmp
| MD5 | c322523b8f8e67ddb0aac7c15fc45fd8 |
| SHA1 | 7412bbc9aa44ddf8bd851cbb4dd436dd85752ea5 |
| SHA256 | 6b08eaab041fa8ff2f8ac6737ffe1a891671a50247af2a980f40b7b20a468c69 |
| SHA512 | 8f7cc868a082058a5a17bb74499122d6eea30fe1459da1385c7bad12f093eab8e3596db8b8f6a00249a11ded0136325e9c55a36ca195fbbc2d45fb63e75bf4aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e36b6fd2a653fd6_0
| MD5 | fe345615596f17e533b56e7fc18750bd |
| SHA1 | 96be0314baa2360910a81979e0c9c02a7b8021f9 |
| SHA256 | 171563e8d47a66da60b7cb4ce50fc63b2b5684d05f2585f9d029ef020e30b700 |
| SHA512 | 2d696b1af953a6426fcd6a86e29c9dd57daf151f37bfa522b043c1749508ce5c5e89d496357fd32fc5cde6ca434b4d9e2f21bb1d2e6acbe72148d5b7831142e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e0
| MD5 | fa049f5c487f9b3f75ca3f075f6847df |
| SHA1 | 9ebde1123c1f8b77720a8ccfac8e0eba54cd86f7 |
| SHA256 | cb7fb57be0ca5afa3e1f2f1d70c8f97f11d41ce9230989014204356c588651f2 |
| SHA512 | 99bbab4894047ec503ab2600ca6907bf8245a72a0981e6dcd05ef016cb40fc553a7a49effca7a42c41a9675d4c6f7aa19d1d2b8267beeb8d57cb23e7f12512b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b92fd206140c9b8b19a6561e79816ab2 |
| SHA1 | 3089ecb8874eca50654e0e4249be29e65b4332c1 |
| SHA256 | a1f7f6f3773742eeefd432748f50d38d5f4fa2ef299400b8b0d48c8a3e07cb5e |
| SHA512 | b85ed580db7e8ff0c09ddcb4c1e2f0768d7a02465266b41551cca3c78d0cd2b194953101948ead2dcb3def7d5a487a8dd992f4bf067c4ffe6d03d18746a341f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8eac0a05406cbf0ff079438ef081bd53 |
| SHA1 | fe89a9d507ebfa3e35e25518dd00258ac756fff7 |
| SHA256 | 7ec0e16cd468131a19cb87080cbb92d5fa5a0d25f6c09f2a2c84ba8fa63c548b |
| SHA512 | 4996779f2d88716d2035b6cefee92ab91446ccd5dabf14040393398ae4ecb884d3e74a7a31427c9a215bed2dda2fc6bbc801b51748ea0a9206a966250c4f8926 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0c71056e9e3544f_0
| MD5 | dd10e921f754e8620c812e90f542e1ae |
| SHA1 | 90dcf854518dc279c673efd1612a97bb3a87dfcb |
| SHA256 | 87f6ce352425673de51560425099f6fc620d4da67e29a58a55b915611ef1fb5f |
| SHA512 | 8b605aee6a6e7e02ecbedb2bdc3cd537462e871c5de058f3208d69a98781b48305c9ad71a42374de3dd951f5a27bbf5487f58e331168096ea1fbaefa1c47859c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7a577eae2ac64f3ad1ad914c37f256e7 |
| SHA1 | ed653d4d5c43813891f198d47a49e52d43b42143 |
| SHA256 | fb456f04440d06ac6531d32c9a5261630d3aa0544b4ffdf8055cdf81df9f959f |
| SHA512 | 97f9cd1caab789c291d53f7d85e4e0e94688950332c3fa8aa1098980eaf347692b7c4f9eed0341e5d090ff06e737042fdad53afb45be9f214a475bae201eeffe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 85d57fef2408ec0d97f01c5059a6925f |
| SHA1 | 95c54fd828d1d4ca59d0a95d2e8b403310004f8a |
| SHA256 | 7323cd6297b54d8b0fd356458759ec5ab7b25fd6df5e555651b6b9c70582cdd7 |
| SHA512 | bb8e8b5bc168fd846980d9195c6051ee5a08f803ba0a24509c1dd97732a0b22cb5f473162ec18831659e03f68459fea3120e9a565cd2373740d51b0e8beef8c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c75534063904c0eb4b76655fca73bd41 |
| SHA1 | 1953f0cd6401b5172b31b0a4466d0c43d1e9bb55 |
| SHA256 | 1f94e490c39c260e872abf9a581d0ba1060e424eb699934dbd30d1052ab21a97 |
| SHA512 | d1f20d163f30afc0f0fe9b03c117aa1d9d2e056a63983f92d5986d14e33c79f25431bb3cd661d70e137f726a17ed1f450e9cd32b8b65fe1137a44769e2685048 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | de8ad80bb7749ef22329940e84ab9b3b |
| SHA1 | e14cc7d826d9900920b2c7bd50b50f3295c1a06b |
| SHA256 | 4706a62c4b77f2ac047b637d67a6d29b72913f423b524983106f4e03865c60aa |
| SHA512 | 5bc0971b76ed05b9646082c736f94f7db029500099edc665b6c386ee2a219bd7fa090e9ce4036bf33b780169d7a676a2746a47be49abba0bda45f1c97b4382d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 40ed444b243c853540a586cf1e2b5a7d |
| SHA1 | 3ccf3da95524ce84ef2f27b2ae0cd8fc0ef5c1a0 |
| SHA256 | 3897663e9a7336ae9881f802bafd914e16e0e7c5776841225d91b277a53876e2 |
| SHA512 | fa9ea7a44fb6f4cb88c1480b20941e950328e603e0ae39d1e402af5f5a5a201ece797fd98a580ec59fe5b3ce481bc51fce8068ae51706484e93b229b01cd95e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dd29f3b43500f5a712a091618f051371 |
| SHA1 | 122d1d7ddec88ff04716522b579b96069df15039 |
| SHA256 | 912894e27370f2728d49391eca46f8cccc7e25fe37026a66b94c1753c6ebb9e2 |
| SHA512 | 413a76d1393c2bad0e3e044396b061250085c5960bc24bbe7812f9ed4930092729d59c01c661fe1d2999cc6b09e10c35c70508fd90eca2eaa24e7bc95edec4df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa7ace2f6772fff76824794afc2f3b79 |
| SHA1 | 8f0859ddb8a3bf23725404eb4e33740091a166ce |
| SHA256 | 491b11c4f8f9a892f24d0ca2b0872c36141dcec7e22f84ce9562d77a69c6abbc |
| SHA512 | 4f794953e87268a2c3b8746830312c8f9e79df38daafa1a64a9ea849f6c911996ea1ba03e2663ee918dc50ab8b4baeb750157961d96cc5b3a087b70f021efdb6 |
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
| MD5 | 28ccf15ea46074d78f6bcc5be86057c5 |
| SHA1 | 26fd7745a2faeee058a1b688ff72a9211eb1125f |
| SHA256 | e993ccd63d1eca188f9fa95760e2478f9c9ef5fb4da1548b10bd03d8734d8b95 |
| SHA512 | ca75af1f2d2bbd27e5c99782f0db76fb9ce7fb3f587c18c11d60c57c95de2b9922b5c5469aa3fd0662f362bcc9aa388c28aba50e47557d47ecc5a337d77ba462 |
C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\UAC.dll
| MD5 | d23b256e9c12fe37d984bae5017c5f8c |
| SHA1 | fd698b58a563816b2260bbc50d7f864b33523121 |
| SHA256 | ec6a56d981892bf251df1439bea425a5f6c7e1c7312d44bedd5e2957f270338c |
| SHA512 | 13f284821324ffaeadafd3651f64d896186f47cf9a68735642cf37b37de777dba197067fbccd3a7411b5dc7976e510439253bd24c9be1d36c0a59d924c17ae8e |
C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\System.dll
| MD5 | b361682fa5e6a1906e754cfa08aa8d90 |
| SHA1 | c6701aee0c866565de1b7c1f81fd88da56b395d3 |
| SHA256 | b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04 |
| SHA512 | 2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9 |
C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\ServicesHelper.dll
| MD5 | b9e8c2212ac8dae4b0eaf97c048529fa |
| SHA1 | 331d172323480b0518abdb0cc9e256dc7f46c357 |
| SHA256 | d6f6758adac2c073bec481e8de762af3a5574789bce3f43de02356afc9911e0f |
| SHA512 | d93aa032e27c8268a4f6883711cf41f7ee2b5d33673a26d78db24456f2c548af39b7b98ed4b4737245c278d524fffb3e4bf708b6815dc866acd371427ff6be96 |
C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\CityHash.dll
| MD5 | 2021acc65fa998daa98131e20c4605be |
| SHA1 | 2e8407cfe3b1a9d839ea391cfc423e8df8d8a390 |
| SHA256 | c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14 |
| SHA512 | cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\BitsUtils.dll
| MD5 | 8dd17c172a24ebf9601308b949a9ea22 |
| SHA1 | 507e586c9f69ddc7e58442631efc44f3fe58089c |
| SHA256 | ab77c0a6c79e76ab0f509d655273b2ee5c682c702217f4f884bbab3d2fdfc4c0 |
| SHA512 | 7de5a35771ac8ead2e3096de29bdedd8e94696d35dc304388c1cff2a14bb264e389a576dae21aaf9cbac79de6c99606b61f1dc5f0ba35fd261b2f5553d389e59 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\InstallOptions.dll
| MD5 | fd249bc508706f04a18e0bc0afddec82 |
| SHA1 | b94efda9f41c89fc6120ed385867125d03f28bea |
| SHA256 | c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad |
| SHA512 | c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini
| MD5 | 121f9faab517f98fe7ba53a2ebb97dc5 |
| SHA1 | c409f0a3f947b526cb9e30b8e9c7ade7c90eb387 |
| SHA256 | 1cbe6e0d2551a5a1d91fb92397f2950f693e432e6b882c818870c15cac0cfcde |
| SHA512 | 836cb9189e92cf76b2e052959f919be6518a0cd6b8e4b5fe49a010e295cc19b31b469607097684079eaa9ac10e81639e3c28ec11424d5af6ae5cd439fac61f4d |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\modern-wizard.bmp
| MD5 | 49ff8ad8f51875597f3e919e8770c24c |
| SHA1 | 1e840ce0f68281e312317bcbdbc10fdfcd3959c3 |
| SHA256 | 76da716588b8e51e36ee7a674cd873a8069e27fef73851d1e190face5a67fc66 |
| SHA512 | dcf29bbef46b1bd8d9f6c6221955ab06da23bc6661c603c188ce34fed80984a3b6d2006ab38b49aa9d1908d714cc0f40e63b6230244e4d4a0c9baebbbda1ddb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ceae6506-6b70-452f-b7c4-a37bac0d1a8a.tmp
| MD5 | 78028c10c7fcd2361c60c22caab813b4 |
| SHA1 | 420a8cfa4e66aff7c6adb7a4726b24f2ad238716 |
| SHA256 | 4265c9948bfd3879f05832fe376076ef4a05470bc48abe924dbb5821035e88b3 |
| SHA512 | d7cf98195dfc23d147540897ed3ce07a4c1b6ba747aaf037cdcae345fdf9a55d517eb74050f426843e5e82f3a592b5f94193331a746930715afbf2488c72ebb9 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\crashreporter.exe
| MD5 | aa9c1de3041eb75aeee90b85ff66c9dd |
| SHA1 | 83cba1e082732d95f278434fd25374104e25c668 |
| SHA256 | 57b8145816b5d189842e350fc030e5a4def3a8990e489aa68dafec2b34e50171 |
| SHA512 | fa75c0de232e497540cce6f27dc0b0457860255a0822a6db297942ae91159dffaf4d35367aabcf9b2e235766a204210afee13e2e00cd0016403956a8a63a78a2 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\minidump-analyzer.exe
| MD5 | 27339083fea7fd6d8363f7fa88ca7b80 |
| SHA1 | 6582a65dc5d306964236ce560a85b6a3826ae9ee |
| SHA256 | f18e014b7127345cd9462e3da9299d3a57fd64dddd60e6c9f088b8b9c30161a7 |
| SHA512 | e9987041bc8a2ed5eadeee525db19e415cd96a19b2a7a4aca1372cbd072c88f64f8fe5ce4b1ebe4ba75f3f436de33173a363cf2a64f459500563cf529894a777 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\updater.exe
| MD5 | 792c5ab789d8efb1631dfe12fb6e64fc |
| SHA1 | 9337c863c834c8f9e5fdbde04702ab4bdabaa7e4 |
| SHA256 | d3c76e6e1f3e34197d108404fc9c8b6179ab01afff6c6803713d320a3b480ede |
| SHA512 | 18d7a4f77ea238325795ff95b5af1e59104d96b71c98b44f0bc1c246bcf8c0a4389c9d4275ecb62f93bbe82bbd00067af41056bfd121ef441fb3154d51586059 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\pingsender.exe
| MD5 | 69a30d1e4195aff22f15bbc590e9b5e3 |
| SHA1 | 7547128630487c8cb3e3ae03bb58841ea848e94b |
| SHA256 | 08d8cf85c548ac664d6f39d5518bebd41e1a9e5f51153eba33ab91e3da52cea6 |
| SHA512 | c921f78620d8e8c79c82e24fa17997a6a4874b8707ad7ff42dfd22b824a9eae2e3fb43d5c136924295757b27ade4f3e625b8c77d97c91f7fa60519d67a56129b |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll
| MD5 | e96c86eba0f9fdc4582dc0e3b9b0e5b2 |
| SHA1 | 65279d8939a18620751ecf4ebf3715aeee8a5331 |
| SHA256 | 5fda066b1a6bab8a3d432a3e5e3d8a886a9488db8ed2b9f2afc55c7e0f38428f |
| SHA512 | f4212fc7b64a5f5632ddb73105334a5f43f05a65603b55bc248434ac21927942b9fb5d7af3a2e03061604e95505976e268bb6583be748e067dbd4ff3b570f135 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll
| MD5 | 4c178b42e7ac23c2670f9062140db18b |
| SHA1 | 1866da5ff5ac76b6d48f5cbd906969e44de254aa |
| SHA256 | b80ff8b4a8a53bb5c0b811899005923e57567823914b90c8ebf978be75db82f2 |
| SHA512 | 86147e368d86f927ea203b3dd56c20d516a3598af3e27d4a51dce9b4090f0bc159f92c7182cf2f910034ccfed1c713b7b59db8c650328f79b5783ea01ad9091a |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll
| MD5 | 079f48ed995b415d79f99d7f5facacc2 |
| SHA1 | 06eff6d1482c5a35a85a82dd37660b237e5e76b6 |
| SHA256 | f5465f6b92a425a2a8e42726976a435cc5f7ce93a2dccc670dce597db26962df |
| SHA512 | 9a1366aa0c744492bd40a8b9b225946017f3db76a7f6e75dca8006dc220f78b3db7338feffa2b8f3d55a5de42b4811250297d6158270925b4baf5b10f172aad5 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\firefox.exe
| MD5 | 470443e44566ecfc7ac2ddbec240a73f |
| SHA1 | 27bb8d2fc02cd2bbc184d07357aaa9903d88b425 |
| SHA256 | 006652da0745d8672ec56598368c1f8a4896cd4a0aa5b61499d574870f94b705 |
| SHA512 | 22c9bc36874abb015a7e1a28e26f186f2abbd559aad53fdcf493f2178dbc6cfe5a7324d0acadcf4a641028e61787d2f4237a8c034a3a7a6d0a7162f31e05a618 |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\default-browser-agent.exe
| MD5 | 4c6887f8c8c66f0b2db5a8b347931b70 |
| SHA1 | 1a71320873155f84de67bc16324c8ca0e503be04 |
| SHA256 | a080df509685780d81ee32d86eac7ab15b5831090678f63b5741b57fd8a9969c |
| SHA512 | 3e1cc423bcde71a24457b5f9756241c0bc0f9b1f434eafc84ec733f124bbcf6f9a1e104caf402ef2d60a96b895842a8e6b18cffc59936e6c4873a3be92cace8f |
C:\Program Files\Mozilla Firefox\nszF83F.tmp\AccessibleMarshal.dll
| MD5 | eb0c475124ce894398ead3733efbd451 |
| SHA1 | 5413979dcaaaff24b5d47d2ff6430f229c4abb6e |
| SHA256 | 46b72bd02816965cd29d9c50c6afcd6b75b7a7b278605a1700ecc0a1e1492766 |
| SHA512 | 2bddafc036331a89b5e4d5fce6d1d62805f04f37bdc1dc3a95b4644955a983aefde6a371b8d18f4432882473c907f2dbe55c31f6e47a54006b73070534f3644b |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\modern-header.bmp
| MD5 | d74f354a7dff27324b463404f4eec99b |
| SHA1 | c0cd9ec50ef163bb868f574db8ca97ccbaa109e4 |
| SHA256 | bc08eabb8b11b7693ac5de4db4d787ae31fdc9f29f6020536c838793bb2d4438 |
| SHA512 | 09116cfc89e16c0cb104e13292976fe8cb97131f309228fd6488a13d2afff4b902ed490f12cb633be232654ceadaee00f23cbe6206677e61c0a9642c72486c4e |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\unconfirm.ini
| MD5 | 43f3186fb707f6d3b7f1e1e18ba92efc |
| SHA1 | e7bf6f489b59c3b43e28f2ef641a40b84aff4a08 |
| SHA256 | 0635f0f643336254dbd698d55a6dee78fd08b74fef4e228397b06d9524bca9fe |
| SHA512 | 5e69f20c72db8bd8047c1bf3eecc57537016ac8b52e33697932197ce5998587caca16bb0322320273e210da45665c8c750a4b182e6a25122642f9de706eba19e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\db\data.safe.tmp
| MD5 | 5a72184df9a79979f67f13a261536366 |
| SHA1 | 2bc22d6ddc2bf092af68b3ac46817a47d1669172 |
| SHA256 | 1a5f2f87330edd9f05bb8f3ccf4849c021e74f0eb1e9dd4d1edbcf889f4cf1bd |
| SHA512 | 733873f462926afe7d614b458c4ccf092f3aea2c0d77814001c0eb91ab0f3800d08100a68b20a1ee2404db4eb0f96ea4b072613032875580e96e38bf4a41f3d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\pending_pings\8189a82f-985f-47c4-9afd-ddbaa0caa474
| MD5 | cdc8af46a494a780ca96e29cbfbb1de8 |
| SHA1 | 3e8c284444893cd38290cfffc50bb62a3dfd17ce |
| SHA256 | 1016b6c55b84600f80cc3a69a5698440f8ac7fdab1568c90265c0f26cdebdb07 |
| SHA512 | d9bac60db96cbab6b908f948fcf00a2fa50d6b9c5a16143de86c85b9559e5fa35eba5d28a5e3c62d5bc9311ece5899657a75c39955de838f75113713314a0738 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\pending_pings\235b804e-efcc-4856-a3ad-ab4244e275f5
| MD5 | c85a0653740c1ee326b7816aabfa8009 |
| SHA1 | 186479e99a83ef8c45271257eead21499b11edd3 |
| SHA256 | cb032d9af504c126004695c7783e6853e694a4451190ad690478f0f1bae31c9a |
| SHA512 | 57dc30b062b1389c3ee95207456c619fbcbf864735e47d589396481e524487979819d66d334a101ab46961b7a86a9e2fb709671056331ca0488678a93d08eefd |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ShellLink.dll
| MD5 | fa94d120efb029b43217c66bbc8c650c |
| SHA1 | 1fcf2d76adf69b403b7400681ac91d50ed20385f |
| SHA256 | 5f6f414b412c72b10f49eb92af1d368ede531b58fb200d539fd2b45e371612db |
| SHA512 | 07ed0771d5bbb651ea7421a5f6b08fa234f9cc041315d9360a7135ba12180064fc99a27725385a8ecd3ceb25bed5c00de169f7dabb3ccf6e987f45254dff8158 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ApplicationID.dll
| MD5 | fdc0338e6faeaf6f7c271982e103473b |
| SHA1 | 9a41f7932abe8be7e32c6371f085cf14de355d00 |
| SHA256 | a9dad9fdaae93d10dc2ee346b231913445e731049554b8bb1506827e46f8a44e |
| SHA512 | a766eef11db4c94b1445d1cd70cf1d3b6141d6b3973562e9fa8d81c79195886b884dbc9b9f6952f8a6e8619534a6bf2d615d539d2cace9c8843dc19415051cc0 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini
| MD5 | 0617368de5766e73a0292367fe52abb4 |
| SHA1 | 2f3d95cff69d60fca30fb52258b8ba6e23ec3a2d |
| SHA256 | 75d606e92803767f6e56b5933578b78bf3653cc137bcd998cd4a0d5dd81ee09f |
| SHA512 | 6fef49610742ff398b4239c24c382e357b556977dd06cac944b65574e94c258df93ae57c00b93524348e55bb29b8294dd8a644dc88aa14c20e466990b442e279 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini
| MD5 | f426cd5d67bde1d751dddecc4396b794 |
| SHA1 | 8ec2ca48e37d9b7838b9ff5d78a44d438dd97ce4 |
| SHA256 | 330c7bfad46b0faa0b8efbb8cb6c07aa0a98555429280afff18a054e2bf694f0 |
| SHA512 | c675ead211948ae2609a11087bfb67cd24b7e3c9a91311aacad68f0c900b20abcb1a5e399226001a675a16eb10e65c863b7034a814edd0dfe1d2b7211c5b15ca |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\liteFirewallW.dll
| MD5 | f31ba98a8d87faba153eea134968c854 |
| SHA1 | da0865cc1a86a39367f22897e1f9fbf4fb1f804f |
| SHA256 | 708fb54cffb6aea3547fc5ac745d1435ecc814df563bef59ba7a94f57d082bbb |
| SHA512 | d991a2dd5ef537b25898afd7b7e73274a3cb8e6f5fca1621af22ee2761b82baf220aecb0c84434566742e2ab00b2f57a3740ce9831e76d4e1829bac3e044c8e9 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\unconfirm.ini
| MD5 | b94b690867427cd0168a19c112fbf507 |
| SHA1 | dcd877ce5c31dd3fcbe330b5221f5ceb28552026 |
| SHA256 | e6d3ab1d9034d192b644463fbffd53dedb594e8b1c934d9e33a4c65dff54afc4 |
| SHA512 | eb981201d861ccd4b5ea834aa4c5a7f371998a5c6695bf233d07e2bbec4918ebcafd7b1f057cfcf34cc58526075314a3ed87b6275b728f694fd9e9a7f00cf4ee |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\nsExec.dll
| MD5 | 0e584c7120bd474c616013c58d51dc6b |
| SHA1 | 0bc980892341b52985d92fb3d8fbb6be77951935 |
| SHA256 | 7fb626aa05bee1095633a75aeb7895ebd816a98e0aa1581a0154e4c196de5391 |
| SHA512 | aa3a471b3f33c3ffdbe1b1e3c1e5d04367bcab3c16049396a8dd12c5a8317e4b153761f74f39b756dd4fb1806aedc4f1bb38bfbc12f16480eed3fd3087a0d157 |
C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\Banner.dll
| MD5 | 2b3f617f22f70710aaf7f27efab15c40 |
| SHA1 | 66c2397748b46c0aa03f0de1d3b1ef0598512f7c |
| SHA256 | 2393ee61dff10c520fea62b5d6dc1c3a559fcad55f5cf15b22e1f408692a35f8 |
| SHA512 | 69295601e8c20a97b512a99afec2609997b589d46a507b2738a6c974ee5b68bde0e56fce150ab1fc4355aa561e8125335378a9c648bbc533bc5b44de1b85b3e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 16c43c286dc66bef5dff104464bb8f43 |
| SHA1 | 3a0adf444fd2fe7ceae4124ce0150cbc6b27c249 |
| SHA256 | 73fd1c140c44c75fe08e446c582ecb1553ce2d54e8c543cc186e0b927da28a17 |
| SHA512 | 7bc77756a0c71394e79cfbbccd08974cefe0299fae49bfceb91434d942e658a15478d43169b46b77b0a537a9a1242086e69e1ee9b4dddfcfaedfc29d69ab0283 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 16d93502f4b2e5243f987ae49d051200 |
| SHA1 | 95490db310297b8a044fec27357552f7a1fd470d |
| SHA256 | f3fa5b907c1cec8b3593626fa67c920175ae5bf8062c1c547e26996766528f74 |
| SHA512 | 5f7d0609a007538499f6c71eae19ee0c2289936b0c06d022c67e4b5e4895ab0408ab8164c0547a0febf9d796a6787c6875276da98208b7c9f9b579388e17a737 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf
| MD5 | e68dc41937e75b392b26998acb2d09be |
| SHA1 | b3ffd33f790eb21b8bae1c6c8f93c85765fc4e91 |
| SHA256 | e4b53b7fdd39514df81e6bb419cb980f00cbb8c95cd421f17cb702faf18af513 |
| SHA512 | 68eb5da95eca580e9d3040ea91717300e810e26cfed80f0765c2edc2e983d102671c358792c72c680f9a621304cfa542bb116cac9f6f1dc2fa28e39201210425 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9c974ebd4a66125bfa0a1d449aae8fba |
| SHA1 | e0076b3f148e69f9c233d5a888e9e04f261d5dbc |
| SHA256 | 0d9d2a71f76d63f1d48ae68a6177880c26832de6197373c8006540fbb13657b2 |
| SHA512 | 0ba4650fb7638133bed6713048d5571a14e8334c5d2f1915e0c9b8c090a1932bad8dc4899f760616af664f1e5ed6a3bc1687294b355bdccf1e35cb98f2b86908 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 677ff2d3439da61d836f3e09951467b2 |
| SHA1 | 031433dfe1686fccd030ef3e58e39e66c0469dbe |
| SHA256 | 98a268464b3f0dfe2d5a12ba02b8116a1a352f14af8e8bceecaccb6cc0790ca7 |
| SHA512 | b54e08e2e27395924720380f5f79d96b7ac72752fab9b8820930c58c23523ac76810838a59594692cefbe9fb4018e5afd73f4c292a1c67fb90f6ad3cbc63fdf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5adb122eee4bb10b8410091d664bf847 |
| SHA1 | 74f61785edd60275fbbe35bfb49e94005c9ac943 |
| SHA256 | ab602b460d77325fb0f0d6ab46c97c1deb147b0c0deb4b1030ac1640d65120e4 |
| SHA512 | 1c0694ecb7e2e1d686aa5875d0ea02279ec49f04b95d9de63168ba4310ad7cfa084ec3e4b475a319c4130ec034837f170107d10492ec40ff53e7e57e65bf3c9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 876d29bab8e20254d8274acb665419a4 |
| SHA1 | b7b78f2dd49f4645ff779a7dea5dea21d94496cb |
| SHA256 | 2e46ebf2040bee486aace7baaa25191d2070d960efc142eff75a4a9b38caac2d |
| SHA512 | a20a6e7da8f6a4e4dc0bcc1c7c0afa0ff9a303ee6aea75c5c41fcbda228ac2f19450b2a9264f43569211f3ec79b5b3fbe42b7df2aeff922bdbca8e0f2fa1d0e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 97d9ae982a0a1fa790bf3b1db0391f1b |
| SHA1 | 98604c5a9225419a7202f51b0cde3af8238ec559 |
| SHA256 | b98481dbbe06e8742a0118f19ea7f03664fea3e9b84858d2182429ad4295297a |
| SHA512 | 85010d296cb0a6bfe39bd405c74c4186ae6dc9b19e3c2dd159a2c012051e1f28051d6e0f8ed18ab859370db4cfdcb843339d2f8f6ab88c75ea1c11c321c719c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fd
| MD5 | ca261859ecbe65a1179e4357f1178f2d |
| SHA1 | e90ec7d9cda1fbcfeeba505caa26a931d803bead |
| SHA256 | 79af6556f47b1d878d3781041d50715046c3d5dd27d50fab76c1b4a103995fd3 |
| SHA512 | 81578ad6934a4d8917ad48295e01ff671da9e704b24897a9c9f2eb4e7a4519ebbd64d849ba7ebb964249cb6659361ea8f0f2d8f9f4998c1dd526be4c93aff0cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 97a59235834c0c26d629f7e9309a06e7 |
| SHA1 | f715cf024495dd10638c38163347751f2412e3b6 |
| SHA256 | 43623a6dbf2c48e98e17c59d9a9a347cad337964410d36e8292230aeb2bf3ea8 |
| SHA512 | 04429c07d3f51787b568ebbf48abef927cde2ee346447a744bb66e6681759b343b33d8b0220a73b6d97e232e2101f5d51ff8c648427fc4d83d8b12ae4dda8bd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f3998942a29d0b7fcc4037d815d62b2e |
| SHA1 | 23f9d2fe276319638f8d697acf683b9e7cdcc943 |
| SHA256 | c29ba127708b43e2b8b8069bcd4db434d202bde0991858a25abdf17a6cbd9c43 |
| SHA512 | 453ced9bbb39622d83da9d1adc22729ea2a0cebb47d28da1894bf53a6cbb273e0ac3a159ca2f077ed04c457ef54bafa26aee4cc5ee7549a30b69a82884ee6555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 809f397490b299e76a3129f83fef6f4a |
| SHA1 | 3b39dc632ae4b9aaeaf26247ecd28accfe58159f |
| SHA256 | be409b0a812a0a11b5c8364d0b63dc725fb4ecf5c8c896eb8b5b8b52c731259e |
| SHA512 | 1551e231217db3d0e9f85ee9ab9537872e905488f9c9f21ed88ce8e144920494becf600aa516980f2e1e9a2ba602025c052e202ee73ffbd33a2cd5235fda27e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cdbd0c245d68c209f42333b33f8ace76 |
| SHA1 | d7d08a8938df3318ffd585955df5eab7f6e69ccc |
| SHA256 | ce9be29fb2b2a2c5ab8b8695aa7de580f09facfb8f1d7b829ed1c4cc504c26c5 |
| SHA512 | a7d517a9ab75e6b4efe4f4ce0a0b07d103b66c2c9a653b1b875dfbae68d86e18475f9de1208bf21c9a61948d39b9067be194f26f1c42a2ce99f82805196a47da |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\PreSignInSettingsConfig.json
| MD5 | e516a60bc980095e8d156b1a99ab5eee |
| SHA1 | 238e243ffc12d4e012fd020c9822703109b987f6 |
| SHA256 | 543796a1b343b4ebc0285d89cb8eb70667ac7b513da37495e38003704e9d88d7 |
| SHA512 | 9b51e99ba20e9da56d1acc24a1cf9f9c9dbdeb742bec034e0ff2bc179a60f4aff249f40344f9ddd43229dcdefa1041940f65afb336d46c175ffeff725c638d58 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\T8J0KUQ8\update100[1].xml
| MD5 | 53244e542ddf6d280a2b03e28f0646b7 |
| SHA1 | d9925f810a95880c92974549deead18d56f19c37 |
| SHA256 | 36a6bd38a8a6f5a75b73caffae5ae66dfabcaefd83da65b493fa881ea8a64e7d |
| SHA512 | 4aa71d92ea2c46df86565d97aac75395371d3e17877ab252a297b84dca2ab251d50aaffc62eab9961f0df48de6f12be04a1f4a2cbde75b9ae7bcce6eb5450c62 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
| MD5 | fb4aa59c92c9b3263eb07e07b91568b5 |
| SHA1 | 6071a3e3c4338b90d892a8416b6a92fbfe25bb67 |
| SHA256 | e70e80dbbc9baba7ddcee70eda1bb8d0e6612dfb1d93827fe7b594a59f3b48b9 |
| SHA512 | 60aabbe2fd24c04c33e7892eab64f24f8c335a0dd9822eb01adc5459e850769fc200078c5ccee96c1f2013173bc41f5a2023def3f5fe36e380963db034924ace |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\setup\logs\DeviceHealthSummaryConfiguration.ini
| MD5 | 77de2ae2528ab228391c43cf41e90e90 |
| SHA1 | ca4b17cf4df37e0f448f65f410b85b889e0cecb3 |
| SHA256 | 355820173d9008a16dab77365b5036272f39b66184d375235c097ff5460be6fd |
| SHA512 | 8fdd259174e22b01946aba090cdd598b0e57c609a43bc32f9eb4efbe1ae7e3dd8f89be28136a2c7635420de6ca51feb90abf4ef3461a36c759ea5a056625b9ee |
C:\Users\Admin\AppData\Local\Temp\tmp7DBB.tmp
| MD5 | 5b16ef80abd2b4ace517c4e98f4ff551 |
| SHA1 | 438806a0256e075239aa8bbec9ba3d3fb634af55 |
| SHA256 | bbc70091b3834af5413b9658b07269badd4cae8d96724bf1f7919f6aab595009 |
| SHA512 | 69a22b063ab92ca7e941b826400c62be41ae0317143387c8aa8c727b5c9ee3528ddd4014de22a2a2e2cbae801cb041fe477d68d2684353cdf6c83d7ee97c43d4 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini
| MD5 | cc04d6015cd4395c9b980b280254156e |
| SHA1 | 87b176f1330dc08d4ffabe3f7e77da4121c8e749 |
| SHA256 | 884d272d16605590e511ae50c88842a8ce203a864f56061a3c554f8f8265866e |
| SHA512 | d3cb7853b69649c673814d5738247b5fbaaae5bb7b84e4c7b3ff5c4f1b1a85fc7261a35f0282d79076a9c862e5e1021d31a318d8b2e5a74b80500cb222642940 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.exe
| MD5 | c2938eb5ff932c2540a1514cc82c197c |
| SHA1 | 2d7da1c3bfa4755ba0efec5317260d239cbb51c3 |
| SHA256 | 5d8273bf98397e4c5053f8f154e5f838c7e8a798b125fcad33cab16e2515b665 |
| SHA512 | 5deb54462615e39cf7871418871856094031a383e9ad82d5a5993f1e67b7ade7c2217055b657c0d127189792c3bcf6c1fcfbd3c5606f6134adfafcccfa176441 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-150.png
| MD5 | 771bc7583fe704745a763cd3f46d75d2 |
| SHA1 | e38f9d7466eefc6d3d2aaa327f1bd42c5a5c7752 |
| SHA256 | 36a6aad9a9947ab3f6ac6af900192f5a55870d798bca70c46770ccf2108fd62d |
| SHA512 | 959ea603abec708895b7f4ef0639c3f2d270cfdd38d77ac9bab8289918cbd4dbac3c36c11bb52c6f01b0adae597b647bb784bba513d77875979270f4962b7884 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-125.png
| MD5 | b83ac69831fd735d5f3811cc214c7c43 |
| SHA1 | 5b549067fdd64dcb425b88fabe1b1ca46a9a8124 |
| SHA256 | cbdcf248f8a0fcd583b475562a7cdcb58f8d01236c7d06e4cdbfe28e08b2a185 |
| SHA512 | 4b2ee6b3987c048ab7cc827879b38fb3c216dab8e794239d189d1ba71122a74fdaa90336e2ea33abd06ba04f37ded967eb98fd742a02463b6eb68ab917155600 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-100.png
| MD5 | 72747c27b2f2a08700ece584c576af89 |
| SHA1 | 5301ca4813cd5ff2f8457635bc3c8944c1fb9f33 |
| SHA256 | 6f028542f6faeaaf1f564eab2605bedb20a2ee72cdd9930bde1a3539344d721b |
| SHA512 | 3e7f84d3483a25a52a036bf7fd87aac74ac5af327bb8e4695e39dada60c4d6607d1c04e7769a808be260db2af6e91b789008d276ccc6b7e13c80eb97e2818aba |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-200.png
| MD5 | 09773d7bb374aeec469367708fcfe442 |
| SHA1 | 2bfb6905321c0c1fd35e1b1161d2a7663e5203d6 |
| SHA256 | 67d1bb54fcb19c174de1936d08b5dbdb31b98cfdd280bcc5122fb0693675e4f2 |
| SHA512 | f500ea4a87a24437b60b0dc3ec69fcc5edbc39c2967743ddb41093b824d0845ffddd2df420a12e17e4594df39f63adad5abb69a29f8456fed03045a6b42388bc |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-400.png
| MD5 | e01cdbbd97eebc41c63a280f65db28e9 |
| SHA1 | 1c2657880dd1ea10caf86bd08312cd832a967be1 |
| SHA256 | 5cb8fd670585de8a7fc0ceede164847522d287ef17cd48806831ea18a0ceac1f |
| SHA512 | ffd928e289dc0e36fa406f0416fb07c2eb0f3725a9cdbb27225439d75b8582d68705ec508e3c4af1fc4982d06d70ef868cafbfc73a637724dee7f34828d14850 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-125.png
| MD5 | 8347d6f79f819fcf91e0c9d3791d6861 |
| SHA1 | 5591cf408f0adaa3b86a5a30b0112863ec3d6d28 |
| SHA256 | e8b30bfcee8041f1a70e61ca46764416fd1df2e6086ba4c280bfa2220c226750 |
| SHA512 | 9f658bc77131f4ac4f730ed56a44a406e09a3ceec215b7a0b2ed42d019d8b13d89ab117affb547a5107b5a84feb330329dc15e14644f2b52122acb063f2ba550 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-100.png
| MD5 | 19876b66df75a2c358c37be528f76991 |
| SHA1 | 181cab3db89f416f343bae9699bf868920240c8b |
| SHA256 | a024fc5dbe0973fd9267229da4ebfd8fc41d73ca27a2055715aafe0efb4f3425 |
| SHA512 | 78610a040bbbb026a165a5a50dfbaf4208ebef7407660eea1a20e95c30d0d42ef1d13f647802a2f0638443ae2253c49945ebe018c3499ddbf00cfdb1db42ced1 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-150.png
| MD5 | de5ba8348a73164c66750f70f4b59663 |
| SHA1 | 1d7a04b74bd36ecac2f5dae6921465fc27812fec |
| SHA256 | a0bbe33b798c3adac36396e877908874cffaadb240244095c68dff840dcbbf73 |
| SHA512 | 85197e0b13a1ae48f51660525557cceaeed7d893dd081939f62e6e8921bb036c6501d3bb41250649048a286ff6bac6c9c1a426d2f58f3e3b41521db26ef6a17c |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png
| MD5 | f4e9f958ed6436aef6d16ee6868fa657 |
| SHA1 | b14bc7aaca388f29570825010ebc17ca577b292f |
| SHA256 | 292cac291af7b45f12404f968759afc7145b2189e778b14d681449132b14f06b |
| SHA512 | cd5d78317e82127e9a62366fd33d5420a6f25d0a6e55552335e64dc39932238abd707fe75d4f62472bc28a388d32b70ff08b6aa366c092a7ace3367896a2bd98 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png
| MD5 | 552b0304f2e25a1283709ad56c4b1a85 |
| SHA1 | 92a9d0d795852ec45beae1d08f8327d02de8994e |
| SHA256 | 262b9a30bb8db4fc59b5bc348aa3813c75e113066a087135d0946ad916f72535 |
| SHA512 | 9559895b66ef533486f43274f7346ad3059c15f735c9ce5351adf1403c95c2b787372153d4827b03b6eb530f75efcf9ae89db1e9c69189e86d6383138ab9c839 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png
| MD5 | 3c29933ab3beda6803c4b704fba48c53 |
| SHA1 | 056fe7770a2ba171a54bd60b3c29c4fbb6d42f0c |
| SHA256 | 3a7ef7c0bda402fdaff19a479d6c18577c436a5f4e188da4c058a42ef09a7633 |
| SHA512 | 09408a000a6fa8046649c61ccef36afa1046869506f019f739f67f5c1c05d2e313b95a60bd43d9be882688df1610ad7979dd9d1f16a2170959b526ebd89b8ef7 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png
| MD5 | 22e17842b11cd1cb17b24aa743a74e67 |
| SHA1 | f230cb9e5a6cb027e6561fabf11a909aa3ba0207 |
| SHA256 | 9833b80def72b73fca150af17d4b98c8cd484401f0e2d44320ecd75b5bb57c42 |
| SHA512 | 8332fc72cd411f9d9fd65950d58bf6440563dc4bd5ce3622775306575802e20c967f0ee6bab2092769a11e2a4ea228dab91a02534beeb8afde8239dd2b90f23a |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png
| MD5 | 2c7a9e323a69409f4b13b1c3244074c4 |
| SHA1 | 3c77c1b013691fa3bdff5677c3a31b355d3e2205 |
| SHA256 | 8efeacefb92d64dfb1c4df2568165df6436777f176accfd24f4f7970605d16c2 |
| SHA512 | 087c12e225c1d791d7ad0bf7d3544b4bed8c4fb0daaa02aee0e379badae8954fe6120d61fdf1a11007cbcdb238b5a02c54f429b6cc692a145aa8fbd220c0cb2d |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-200.png
| MD5 | f1c75409c9a1b823e846cc746903e12c |
| SHA1 | f0e1f0cf35369544d88d8a2785570f55f6024779 |
| SHA256 | fba9104432cbb8ebbd45c18ef1ba46a45dd374773e5aa37d411bb023ded8efd6 |
| SHA512 | ed72eb547e0c03776f32e07191ce7022d08d4bcc66e7abca4772cdd8c22d8e7a423577805a4925c5e804ed6c15395f3df8aac7af62f1129e4982685d7e46bd85 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-400.png
| MD5 | e593676ee86a6183082112df974a4706 |
| SHA1 | c4e91440312dea1f89777c2856cb11e45d95fe55 |
| SHA256 | deb0ec0ee8f1c4f7ea4de2c28ff85087ee5ff8c7e3036c3b0a66d84bae32b6bb |
| SHA512 | 11d7ed45f461f44fa566449bb50bcfce35f73fc775744c2d45ea80aeb364fe40a68a731a2152f10edc059dea16b8bab9c9a47da0c9ffe3d954f57da0ff714681 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-200.png
| MD5 | 13e6baac125114e87f50c21017b9e010 |
| SHA1 | 561c84f767537d71c901a23a061213cf03b27a58 |
| SHA256 | 3384357b6110f418b175e2f0910cffe588c847c8e55f2fe3572d82999a62c18e |
| SHA512 | 673c3bec7c2cd99c07ebfca0f4ab14cd6341086c8702fe9e8b5028aed0174398d7c8a94583da40c32cd0934d784062ad6db71f49391f64122459f8bb00222e08 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-150.png
| MD5 | a23c55ae34e1b8d81aa34514ea792540 |
| SHA1 | 3b539dfb299d00b93525144fd2afd7dd9ba4ccbf |
| SHA256 | 3df4590386671e0d6fee7108e457eb805370a189f5fdfeaf2f2c32d5adc76abd |
| SHA512 | 1423a2534ae71174f34ee527fe3a0db38480a869cac50b08b60a2140b5587b3944967a95016f0b00e3ca9ced1f1452c613bb76c34d7ebd386290667084bce77d |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-125.png
| MD5 | d03b7edafe4cb7889418f28af439c9c1 |
| SHA1 | 16822a2ab6a15dda520f28472f6eeddb27f81178 |
| SHA256 | a5294e3c7cd855815f8d916849d87bd2357f5165eb4372f248fdf8b988601665 |
| SHA512 | 59d99f0b9a7813b28bae3ea1ae5bdbbf0d87d32ff621ff20cbe1b900c52bb480c722dd428578dea5d5351cc36f1fa56b2c1712f2724344f026fe534232812962 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-100.png
| MD5 | 57a6876000151c4303f99e9a05ab4265 |
| SHA1 | 1a63d3dd2b8bdc0061660d4add5a5b9af0ff0794 |
| SHA256 | 8acbdd41252595b7410ca2ed438d6d8ede10bd17fe3a18705eedc65f46e4c1c4 |
| SHA512 | c6a2a9124bc6bcf70d2977aaca7e3060380a4d9428a624cc6e5624c75ebb6d6993c6186651d4e54edf32f3491d413714ef97a4cdc42bae94045cd804f0ad7cba |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-400.png
| MD5 | adbbeb01272c8d8b14977481108400d6 |
| SHA1 | 1cc6868eec36764b249de193f0ce44787ba9dd45 |
| SHA256 | 9250ef25efc2a9765cf1126524256fdfc963c8687edfdc4a2ecde50d748ada85 |
| SHA512 | c15951cf2dc076ed508665cd7dac2251c8966c1550b78549b926e98c01899ad825535001bd65eeb2f8680cd6753cd47e95606ecf453919f5827ed12bca062887 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-100.png
| MD5 | 1f156044d43913efd88cad6aa6474d73 |
| SHA1 | 1f6bd3e15a4bdb052746cf9840bdc13e7e8eda26 |
| SHA256 | 4e11167708801727891e8dd9257152b7391fc483d46688d61f44b96360f76816 |
| SHA512 | df791d7c1e7a580e589613b5a56ba529005162d3564fffd4c8514e6afaa5eccea9cea9e1ac43bd9d74ee3971b2e94d985b103176db592e3c775d5feec7aac6d1 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-125.png
| MD5 | 09f3f8485e79f57f0a34abd5a67898ca |
| SHA1 | e68ae5685d5442c1b7acc567dc0b1939cad5f41a |
| SHA256 | 69e432d1eec44bed4aad35f72a912e1f0036a4b501a50aec401c9fa260a523e3 |
| SHA512 | 0eafeaf735cedc322719049db6325ccbf5e92de229cace927b78a08317e842261b7adbda03ec192f71ee36e35eb9bf9624589de01beaec2c5597a605fc224130 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-150.png
| MD5 | ed306d8b1c42995188866a80d6b761de |
| SHA1 | eadc119bec9fad65019909e8229584cd6b7e0a2b |
| SHA256 | 7e3f35d5eb05435be8d104a2eacf5bace8301853104a4ea4768601c607ddf301 |
| SHA512 | 972a42f7677d57fcb8c8cb0720b21a6ffe9303ea58dde276cfe2f26ee68fe4cc8ae6d29f3a21a400253de7c0a212edf29981e9e2bca49750b79dd439461c8335 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-200.png
| MD5 | d9d00ecb4bb933cdbb0cd1b5d511dcf5 |
| SHA1 | 4e41b1eda56c4ebe5534eb49e826289ebff99dd9 |
| SHA256 | 85823f7a5a4ebf8274f790a88b981e92ede57bde0ba804f00b03416ee4feda89 |
| SHA512 | 8b53dec59bba8b4033e5c6b2ff77f9ba6b929c412000184928978f13b475cd691a854fee7d55026e48eab8ac84cf34fc7cb38e3766bbf743cf07c4d59afb98f4 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Resources.pri
| MD5 | 7473be9c7899f2a2da99d09c596b2d6d |
| SHA1 | 0f76063651fe45bbc0b5c0532ad87d7dc7dc53ac |
| SHA256 | e1252527bc066da6838344d49660e4c6ff2d1ddfda036c5ec19b07fdfb90c8c3 |
| SHA512 | a4a5c97856e314eedbad38411f250d139a668c2256d917788697c8a009d5408d559772e0836713853704e6a3755601ae7ee433e07a34bd0e7f130a3e28729c45 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-400.png
| MD5 | 096d0e769212718b8de5237b3427aacc |
| SHA1 | 4b912a0f2192f44824057832d9bb08c1a2c76e72 |
| SHA256 | 9a0b901e97abe02036c782eb6a2471e18160b89fd5141a5a9909f0baab67b1ef |
| SHA512 | 99eb3d67e1a05ffa440e70b7e053b7d32e84326671b0b9d2fcfcea2633b8566155477b2a226521bf860b471c5926f8e1f8e3a52676cacb41b40e2b97cb3c1173 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.VisualElementsManifest.xml
| MD5 | 5ae2d05d894d1a55d9a1e4f593c68969 |
| SHA1 | a983584f58d68552e639601538af960a34fa1da7 |
| SHA256 | d21077ad0c29a4c939b8c25f1186e2b542d054bb787b1d3210e9cab48ec3080c |
| SHA512 | 152949f5b661980f33608a0804dd8c43d70e056ae0336e409006e764664496fef6e60daa09fecb8d74523d3e7928c0dbd5d8272d8be1cf276852d88370954adc |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDriveStandaloneUpdater.exe
| MD5 | 9cdabfbf75fd35e615c9f85fedafce8a |
| SHA1 | 57b7fc9bf59cf09a9c19ad0ce0a159746554d682 |
| SHA256 | 969fbb03015dd9f33baf45f2750e36b77003a7e18c3954fab890cddc94046673 |
| SHA512 | 348923f497e615a5cd0ed428eb1e30a792dea310585645b721235d48f3f890398ad51d8955c1e483df0a712ba2c0a18ad99b977be64f5ee6768f955b12a4a236 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe
| MD5 | 57bd9bd545af2b0f2ce14a33ca57ece9 |
| SHA1 | 15b4b5afff9abba2de64cbd4f0989f1b2fbc4bf1 |
| SHA256 | a3a4b648e4dcf3a4e5f7d13cc3d21b0353e496da75f83246cc8a15fada463bdf |
| SHA512 | d134f9881312ddbd0d61f39fd62af5443a4947d3de010fef3b0f6ebf17829bd4c2f13f6299d2a7aad35c868bb451ef6991c5093c2809e6be791f05f137324b39 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini
| MD5 | b0ea4a0dcac51dc1792835aa5282d0d2 |
| SHA1 | e4f08644a3f8698b5bed935811c069b2ab415d13 |
| SHA256 | 7379f715e7dabc67e74d9112863ddb0b0e42f5e2a8348452955c5dedc30ccbf3 |
| SHA512 | 195231c350ceb9b16cac2167827f9feab2427eb746c1bcdb1c35ac9e2cd5fa7fb56539c5ff12c0962eb052e8346abc7f10f41c5fe46f4c7406f60d651864b513 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 48bdcb266f69c7e6e311c6f324e3eda1 |
| SHA1 | e5ecbba603db4794747321a1f2bb0399760915bc |
| SHA256 | 4186b96dcecde88db79de1cf7a8ced84b6ab6537574f56930e96c9d22309196b |
| SHA512 | b796815d501c4c3eb3bc23dc8c93dd5b53c1b0326726c5d40a6e18b6dce9057e14b18cd22573335afea1cf78b46fecfe78432a0bd5b3070dfc4aec2aec387bec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 149156627178c3118bad440b08949fab |
| SHA1 | 3c5eec9817f1217d010c4dfa049a24a318256e09 |
| SHA256 | 5dde48aeaaadb0f747afc4aa0788b2ebf7c1bd6eab0366096b7b470eb015377c |
| SHA512 | 30ccc9f03079f8880be6ba97ca2180e76b6e090342f485e7c04a46a5caca9045d131857bad0e24030829c361f848f4280489d893be06c11eb9531be746d6c4fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 37effa50a7688440bf13c2b0ab5d3c21 |
| SHA1 | 6f4107d4c3991571e99e0722494db34c6e5d6164 |
| SHA256 | d60e4adc79acb912f284edfb5deb22a5f09ba500e43ce408102f0405cc9bac7a |
| SHA512 | 2fd6aab4622dd0729c536397112724415f6ec094a1033da9bf12357c77dfde777b765e76367c070d51b3e3e4ff4652c7ac285612d1a68f8789540c1a60347532 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 229a70c1406b85372ad72bcade7b0add |
| SHA1 | f3b596d140c08d0558c5ea68539c13e89d520005 |
| SHA256 | ad68eda1d167bb004a7f3becaf5bb1d937f1dee7f480a3ac36c1c3b27d74a973 |
| SHA512 | 7c521a2a53f48e369693a8ee476481fffe24fc2679fde27c7ce92b73f59f5be25f491ba2b4f15610a3b5f8d20851b6823b26fbaf3a095be27dbbc743619a3031 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 55de3677d5d04aba4f700a772d12f897 |
| SHA1 | f7bb1fe9154e1df758240b109ddf5d377f42863f |
| SHA256 | e0b76e0d4fd1ab52d3ef58b8f92a5f392450f57117bd91278ab1e5ae724793a1 |
| SHA512 | 529526e16171dab2bf190f510c1a715b9df0f419997b61eb033cc7fe292b10544af252a7f0951da40203068168e6c087f9f39d728e28097247fa28bbb2275fed |
memory/6664-5995-0x000001E6634B0000-0x000001E6635B0000-memory.dmp
memory/6664-5994-0x000001E6634B0000-0x000001E6635B0000-memory.dmp
memory/6664-5993-0x000001E6634B0000-0x000001E6635B0000-memory.dmp
memory/6664-6167-0x000001E678C60000-0x000001E678C80000-memory.dmp
memory/6664-6234-0x000001E678CA0000-0x000001E678DA0000-memory.dmp
memory/6664-6271-0x000001E67BBA0000-0x000001E67BCA0000-memory.dmp
memory/6664-6272-0x000001E67BBA0000-0x000001E67BCA0000-memory.dmp
memory/6664-6267-0x000001E67B3C0000-0x000001E67B3E0000-memory.dmp
memory/6664-6285-0x000001E67BDF0000-0x000001E67BEF0000-memory.dmp
memory/6664-6326-0x000001E67BF40000-0x000001E67C040000-memory.dmp
memory/6664-6493-0x000001E67D580000-0x000001E67D680000-memory.dmp
memory/6664-6496-0x000001E67D580000-0x000001E67D680000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\GFS85U36\account.live[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
memory/6664-6695-0x000001E67E100000-0x000001E67E200000-memory.dmp
memory/6664-6776-0x000001E67F840000-0x000001E67F860000-memory.dmp
memory/6664-7243-0x000001E67D200000-0x000001E67D220000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 00e01639a0b901252fe6de5e3fdead87 |
| SHA1 | 5f423040a3091779b309b23f5f356488e98f1d74 |
| SHA256 | d682ee3769816ff4d3677f602f8cda40ee00ef2b50148714cd8b0bb7f343f8ea |
| SHA512 | 6d2121cedd075afb6e313b5a8e421c391524b66e3a568361a204aac493c2065eb71e1a6b7959da460144ec4548c37aad630becea7e134402e7d057e4afbfbc53 |
memory/6664-7364-0x000001E67CFD0000-0x000001E67CFF0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d7574d392ab355e68442a89a7bfd328a |
| SHA1 | 9430fd3d0ff020a27d93ea6e349c2c34b8011727 |
| SHA256 | f53eaa3710c844f6d95f60e983c6c104c0355d69aa53be0ff83afa6266f4b320 |
| SHA512 | fc1ed00cb56c67638f39273711565df4fc18fc2f1df9f0945c2fbbf2a8e25613f984c018830c2a2949b72a9eee1a86e428c2f62401f57fa30b36c612e415098b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1b03be8073b7bf0611ca7bcd871885d0 |
| SHA1 | eb95fe1a5c50050df8b09963a5d83673a20c6e36 |
| SHA256 | 17a3b7252e14b56aeae76217876089d69a8becb8a9d228d60702ae158b79f32d |
| SHA512 | b142fa6562b6bcb9ba3ad37dc308d0785cc0195c291f7fa4f764eeb0d27d61d25f2a690fbd10b0803d734a280fa23b9008f90b0b1c6bc4a4989ffc2accd4cab8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fc54a89f02c84e9f0d862a2dc8b638aa |
| SHA1 | a71b40f4f666b4186a20abac8d7def1460e7a920 |
| SHA256 | d1ad91eae78b164faf2a56e3a7fbc8f561cb4b7ec8934f6084af457571e062b7 |
| SHA512 | fb7416991bdf1952cd459e7979b834df989252d35b648cdf5b125b7fe6b283ae5337aa9470d4dd4cdda1ff46999c5fc6fba375d2db154ece3643cc40cd3883d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cdb8440636a757e3c6f6d138c6c2fde5 |
| SHA1 | df655b0b3b8edf585a0cfb4375b16f17d9bbf166 |
| SHA256 | 4fb02aaf708bf80641931dcc032b7930a7186c0e6f9e562402ae5bf257e85304 |
| SHA512 | 59db2211a34fe85b583ba39102b03808f8259d2a4f19a2456fb46be0ea1957dffd611a0cb739ef291ced60fe62e4548dd8234c63fefefd3340599db1c71ae608 |