Analysis Overview
Threat Level: Likely malicious
The file https://chromewebstore.google.com/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi?hl=es-419 was found to be: Likely malicious.
Malicious Activity Summary
Possible privilege escalation attempt
Downloads MZ/PE file
Executes dropped EXE
Modifies file permissions
Loads dropped DLL
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Checks installed software on the system
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Uses Volume Shadow Copy service COM API
Checks SCSI registry key(s)
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
NTFS ADS
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-14 15:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-14 15:45
Reported
2024-10-14 15:51
Platform
win11-20241007-es
Max time kernel
308s
Max time network
310s
Command Line
Signatures
Downloads MZ/PE file
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
Checks installed software on the system
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\themeui.dll.backup | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File created | C:\Windows\System32\uxinit.dll.new | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File opened for modification | C:\Windows\system32\uxinit.dll.old | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File created | C:\Windows\System32\themeui.dll.backup | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File opened for modification | C:\Windows\system32\themeui.dll.new | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File opened for modification | C:\Windows\system32\themeui.dll.old | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File created | C:\Windows\System32\uxinit.dll.backup | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File opened for modification | C:\Windows\system32\uxinit.dll.new | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| File created | C:\Windows\System32\themeui.dll.new | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\UltraUXThemePatcher\Uninstall.exe | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\INF\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache | C:\Windows\system32\vssvc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "183" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133733943601990006" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://chromewebstore.google.com/detail/hack-tools/cmbndhnoonmghfofefkcccljbkdpamhi?hl=es-419
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffa6b38cc40,0x7ffa6b38cc4c,0x7ffa6b38cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1784,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1776 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2012 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2132 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4340,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4336 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4324,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4492 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4632,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4660 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4528,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4592 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3088,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4452,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4352,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5168,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5340,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5504,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5640,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5612,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5760,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5368 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5404,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5628 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5784,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5872,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5208,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6036,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3228,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3144,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4680,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5516 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5056,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4644,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=4692,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6308,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4656 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6408,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6448,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6600,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6724,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6988,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6996,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7164,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7188,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7476,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7864,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8068,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7716,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7824,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7488,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6568 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7512,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6488 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7960,i,15925263241583014313,13507842381556922353,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6572 /prefetch:8
C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe
"C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\system32\takeown.exe
"C:\Windows\system32\takeown.exe" /f "C:\Windows\system32\themeui.dll"
C:\Windows\system32\icacls.exe
"C:\Windows\system32\icacls.exe" "C:\Windows\system32\themeui.dll" /grant Admin:F
C:\Windows\system32\takeown.exe
"C:\Windows\system32\takeown.exe" /f "C:\Windows\system32\themeui.dll"
C:\Windows\system32\takeown.exe
"C:\Windows\system32\takeown.exe" /f "C:\Windows\system32\uxinit.dll"
C:\Windows\system32\icacls.exe
"C:\Windows\system32\icacls.exe" "C:\Windows\system32\uxinit.dll" /grant Admin:F
C:\Windows\system32\takeown.exe
"C:\Windows\system32\takeown.exe" /f "C:\Windows\system32\uxinit.dll"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3976855 /state1:0x41c64e6d
Network
Files
\??\pipe\crashpad_3592_ZMDICQHYAMUIRUWZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 33cc6dd071887b7573a0c4ea117febd1 |
| SHA1 | 3eba0e7e9476af0cc1e9f60f5b3838077d66c211 |
| SHA256 | 6630cc784083296c2587114b604aed8f2473aa3a4feb2ac6aeddd218fbbab1d9 |
| SHA512 | 652b55f148824f34e07b59245b70ca510f986e0d98071cbf089a1a44f1921010a4ea0fcae6d4f7592ac9d3149667f849888b436b28f556d21f65951448e40eaa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\769158c4-f91a-4807-bd42-3b1773de0287.tmp
| MD5 | 898456e52eaf98d502b55b11e7a5fe61 |
| SHA1 | 34ef4cfb6a8a9bd2e33755e20725937b750ca1e7 |
| SHA256 | 2bd8a7918ddc4ef687207bf9355002db1a61315070a1dfec0bbe3a3b14473838 |
| SHA512 | d5e7ec0aa3b6e3221ad391d5c1d942ca6f7b773b72dd819636270d58e4f1cba461dc366d08d1f6f44dd90ea578f1ef8c76cc255cacc36b4304dd7c654de8f8c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cef982557ef65bcbb5156303021f0315 |
| SHA1 | aaa536fe6a199c56780846684a3e1b8944af2e6a |
| SHA256 | c85c0a1cf7a7f9b38c2f522eb1811db17f87b206357649c7175843f792a936b7 |
| SHA512 | 8de724ba5ff9539b472ec677a3586ef2bc5c3ffb4c0064bb3e25ed333f0f980181235bb7fc3570cf32320ccbb1e511c52aed24ed2f3123f81e5bb12ef08e2f51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9e60a51adcc7b8a35dcc6abd2f31a788 |
| SHA1 | 3357c66d6f32412e58a2a7dd2b346a0a764ffa14 |
| SHA256 | 8e041dadf6758193adde0fa9ae9eeb840d999f7d627bb34b0aab4b86b75b74bc |
| SHA512 | ef4f98e81147ae383c765399ce3d048601014a2f0d9915a913bb2d40d6a7389c7ca83901f13cb102e2a4393230db5d8a477151c08368d1e7028a380f44d198ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6e6827bc1116b8a5101e2c7c7de81c7a |
| SHA1 | 8c9a2de9ec2b1c576753c51982b4498c0527164f |
| SHA256 | 99b18a1a53a54e89a75863c445ba45421effacbce212002b872505885a8eddf2 |
| SHA512 | 58b5b8fe103f1965f623ea17f5f82aa6b334ed2aee9a4e110b58de65075016c03208e70c83eb7d0e60c5a581a41736b3df4e740ed412bcfa4f6ce8d31f6dc356 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dac48998aafd7e9357dfb20aedeaad50 |
| SHA1 | 4fefd071721b2ff985afc189bbf7fc0de12cac6d |
| SHA256 | 8be3d537b5cb2be002f7b178ed2a1d88e4f41157e0d890cf94cba7c796c2c739 |
| SHA512 | 0c76f88b132c3eaab9df18ef3cde0a780ca4138ee0feb5210e0940bdc897553aa2c48d96752ab4ff10cbf43b0adcf3f966c51bc3dc1e2044e0528b6396370955 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c0bcd4f4edd5f8ddd0f7f232a40b527e |
| SHA1 | 71dce60a07eed3783ca1ae5b062227bd24e26287 |
| SHA256 | 0f9c077c5631b635f270507e0f5e735b9aa6697b4744828ac0b5b271c66824c1 |
| SHA512 | a81ea50dc0019dbce1062152004cdc1f622e34a09161e86edd0a064996b1c053ed8b18175e50b6e454bc15ed1d1bff8c971046f54a12118eb28bd0dc794e79dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | abda4d3a17526328b95aad4cfbf82980 |
| SHA1 | f0e1d7c57c6504d2712cec813bc6fd92446ec9e8 |
| SHA256 | ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476 |
| SHA512 | 91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 395620e36d3ed5bdfed0277f2fba7368 |
| SHA1 | d5444f528c03a7ea87282ff6df618708ba38f6d4 |
| SHA256 | 2a3f1b7b784657bb82d0b344ea5328068cab56a4005ed5f97fd45bbdc3053f41 |
| SHA512 | 9ae151b70c899f480cf0bff1623fe7271d8a5d38697c864e885db0fa97b782f6fa4a35d709e3ffc005c065438818985def6a37437d533347231c6ba4a2c6c6d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36d87d744fc2b7b0c08162bfccf6cd63 |
| SHA1 | 66ff2aeda3e46b951453cd2ac91a2d5d27f488ce |
| SHA256 | 7fc83a2c22d2c8d6017d1a82358d38355a5917c0f86d2717a4e451c74f8139da |
| SHA512 | cd29f82c9912dbc335265f02e873593293c9861cd5e325b37aeb9dec18270b140cf92b05d88b2cc5c1c689796e2f21f5a2f8e4361a901b4178436cc7e29aebd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2bd51f71d3bfda004bbee58eccf2dd66 |
| SHA1 | e03cc97a909db9be3df2c287b21db3b2a0dd9161 |
| SHA256 | 058f7b60fbf3d6ccf50d56ad3795da1bc47d526a4e2cb8bcf29b37a675cbe29d |
| SHA512 | c1895d428d49c3c604699d8fd468a51b21661ed2c5b20a2253f407432a2694a717a0639ebad35af35617837d41cb6b3cdf4650fd2c16714b517a6541dba2c6b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 051d5426b28b6a9a497c28bdd983f182 |
| SHA1 | 1db51a0ca13e095064d3e01fd4864ced98d93afd |
| SHA256 | 204ade27caa6df021ed3b07c4232e778f3c71bcc18d2cae1f95a48840606b71e |
| SHA512 | d8b77300d1e04a11b28d61f973ed8a2c0785e0499ebff74f39510fbfda850ebfc4c6dc4b068aaf006c89cbd00b0b1f9cf77d30a20bf807b8c24da9ae5f8aefcf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a5b60fb07582f6e83930831f8707fcb |
| SHA1 | 6930961f8e77f226a39f8cd746f0d8193dc31255 |
| SHA256 | 42a5b11dc264d9d58e5631b52b8129a2eac8cc704f1ec94d5e4875b463b3f2de |
| SHA512 | 7038934123b9e22a5d0b94a171df218d645957d4812a08fbcf9f15ddab416387b3294597bb7d1a95549a6a676ca015fd4b0c123c29c0eb1d6950bb3e787d97e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 172caa36ec6e4021fe12479ff6bd1666 |
| SHA1 | 77ad1630cae8121fc1998d034c9d279b1db502a6 |
| SHA256 | 093425a43df410587655b8f7ed32a6dc81b0114d02e71e38009ab915ab2bb5ba |
| SHA512 | 2f9a13b3816395cdaeba5e24ae895303c08cb8fb4b42e6553d6e255341ac9e819b6f2944207451a28fcca765a6d30d06b356b7b279aead4d5123d265216ef475 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8a35a8fa5978a33bad78c3ea246e3634 |
| SHA1 | 5bc9fcfc923c0eef963c89416661ca9f4ab249f4 |
| SHA256 | ac52c9f67f9852d99e15f7add5e11f3fd26332866b746d7a4cf8b27a324341ae |
| SHA512 | dfd77559a17c35efeb12a11d64bc73360067ac961d622c13a549d555702746547f728dd3395ca95fb9e5c524636b1905807e9565b27c55659bbc2194c21b35b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ae4155c689bebad9fe8eff14fedb8c01 |
| SHA1 | 4cbc84caf18d6e157f4f4845cac2203481a7d2fc |
| SHA256 | f359cacb39abd082114dbf7f6bacf2d40df042108b9bb61941916553f0ec80b1 |
| SHA512 | 3aa1c726562f36145fb9c301e350f947ab4241d26d2aef6e6dd607373b2021c2a4a7d4fd7426d2d52aa008ad4de5961bf791c267abc78a43f0e76065e9240930 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 05928615614be2bc1ca0ed4a93419053 |
| SHA1 | 066b95f5e9f4ee0668c513d448fc536762ffbe8a |
| SHA256 | 9b75d46b011c6f750a72247a2e478a271213c226f697d795470c349b313e9369 |
| SHA512 | c781d0caa1d335eda6f62c0449892b7b9fb380c2a72698ab1b69bff7d4424f4b148872e3cfc2a11f61435417750857cbca3b6f6004c8ec088d5f5a9413d9b273 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a1492131a1fd0fc5bdaa85af2eb9d4f5 |
| SHA1 | 944ac43eb18f91ab94ed9b2e61cc1349638f04d0 |
| SHA256 | 2fb41299b4a30986ef16d5324a2d3b570b01e6e7b8d3c4fd2262fe42c413b83b |
| SHA512 | 57909729568d36af8284e7f5ded22f7ba4e0948b756cffedb689869692a9a6c253d1bd8e64e049b7aedac891faa296ce73e6317746f1a5b787c96a13eb749752 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 6d2f4f59f3c468fe2c04b6768696ae9b |
| SHA1 | e7b60871321559b80a35ba97fafc3d62d5b7c124 |
| SHA256 | 1a6bddf8565eda04b4d0ae3d68b7a5813b1dbdbb0013d49c132ebf770ec4d094 |
| SHA512 | e6f3a7f24687eb2dafc8a3ba8e878b2d1ea9d050923996dac5b730b1bb62658bab97ce4b80ea042840a1228a97604e4f1de62dc637bc105f0dfddece007f4ee9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 627e21572e996539128f1bb4e84ce738 |
| SHA1 | 29522e0c340262398f5167c01fe0592e81be045f |
| SHA256 | 23c10ff52f8b3dd2c169ffdae0c7d038e393f95223b704c014c534f5d1d2547b |
| SHA512 | b10365e073ca956cb286578159311240bdd1cd0d53aecfa5b3669304899ac70628a1ce854768e1ca39fd87a918d5e8fbf7bc5654023dca28cfff1a670366deee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 51cf5ed4b0c72c2133526cb91f4c63c5 |
| SHA1 | 1a48b5a4757cb74d776ae7840639f1994be2e36f |
| SHA256 | 1b32be02071a02955ce02e2bcef79505e9b2904bded2c258856edac4e47aba2f |
| SHA512 | 4543a331a581bc3e191176adeca358e05592abc5af79ff8c92bea54a74ee7ac59e61989a0108adc3b1e2be7820cf256366fcdd8bcce419a82118d817888dee0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5fcfca100a5fe8356826bb48938a6aba |
| SHA1 | c71166b9b0b232a4ade24a04c5b80b08141ac545 |
| SHA256 | 3f1ae303cb4a0d8010912f0a5a1257acd871968b73b895f8a512e6a1f454b85b |
| SHA512 | 99e9ee61fd8ffcd4618b3cee128b9a59ca2f32d22b0cd431843354a0dc96953cd3d5963c43cdd29f9a308af26848d68c21e0f2fc525b2a33c97ff35b47c0fd7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ab58c2bc31dd9e720beb24f3d308b0b |
| SHA1 | 5b33e491aa11d04bc7e87a75f965a2f6e8750770 |
| SHA256 | b5c00d9a1574c4bd9e91af50b4fd6801effa35378d598d23c8adda67745850bf |
| SHA512 | 558094313dba9697a559d0db002b9ec12642c117bae980dcf3080ceced54fd938ba80b97058799ed58ef785f93762c9c1ab7ba5557f2d3f900a07555342b2a0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8a79555b860e1d038423c7403b13632b |
| SHA1 | 9458320dfb4fdf61410d2ad3ed8bc58f258cae37 |
| SHA256 | 95f48691078e3d633257c306e906cddf607b2aef7dcbb11644b6a3fa49fcb72c |
| SHA512 | 3f547f71b71092fa36c376eeb2bb3c097e19ccc2ce71c78a7509ecc54835eedfbea6f92eb7bee99bfe1afd3d66181dc521e46ebf5aea00f325d8e1aede661882 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5ad468.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\37e87baadd2f722d2dbb950717028b6348f3d503\779dfffb-a92c-4875-818b-7e2b6d7f54c4\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\37e87baadd2f722d2dbb950717028b6348f3d503\779dfffb-a92c-4875-818b-7e2b6d7f54c4\index-dir\the-real-index~RFe5b2835.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\37e87baadd2f722d2dbb950717028b6348f3d503\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\37e87baadd2f722d2dbb950717028b6348f3d503\index.txt~RFe5b2864.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe:Zone.Identifier
C:\Users\Admin\Downloads\UltraUXThemePatcher_4.4.3.exe
C:\Users\Admin\AppData\Local\Temp\nsn78A9.tmp\System.dll
C:\Users\Admin\AppData\Local\Temp\nsn78A9.tmp\nsisFile.dll
C:\Users\Admin\AppData\Local\Temp\nsn78A9.tmp\nsDialogs.dll
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Temp\nsn78A9.tmp\SysRestore.dll
C:\Windows\System32\themeui.dll.new
C:\Windows\System32\uxinit.dll.new
C:\Program Files (x86)\UltraUXThemePatcher\Uninstall.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Temp\nsn78A9.tmp\modern-wizard.bmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences