Analysis Overview
SHA256
91f37c2bd8ab718d13c2e9d0131a905eb5b33c025e66412f6697bac1950c3200
Threat Level: Known bad
The file image_2024-10-25_224430092.png was found to be: Known bad.
Malicious Activity Summary
Modifies WinLogon for persistence
Modifies RDP port number used by Windows
Drops file in Drivers directory
Creates new service(s)
Downloads MZ/PE file
Sets service image path in registry
Checks computer location settings
Credentials from Password Stores: Windows Credential Manager
Checks BIOS information in registry
Executes dropped EXE
Event Triggered Execution: Component Object Model Hijacking
Reads user/profile data of web browsers
Loads dropped DLL
Impair Defenses: Safe Mode Boot
Drops desktop.ini file(s)
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Checks installed software on the system
Adds Run key to start application
Enumerates connected drives
Drops file in System32 directory
Boot or Logon Autostart Execution: Authentication Package
AutoIT Executable
Checks system information in the registry
Drops file in Program Files directory
Drops file in Windows directory
Launches sc.exe
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Uses Task Scheduler COM API
Suspicious behavior: LoadsDriver
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Uses Volume Shadow Copy WMI provider
Runs net.exe
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Script User-Agent
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Modifies system certificate store
Modifies Internet Explorer settings
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy service COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-25 20:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-25 20:44
Reported
2024-10-25 21:14
Platform
win10v2004-20241007-en
Max time kernel
1799s
Max time network
1730s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe," | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Creates new service(s)
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\DRIVERS\SETC4CB.tmp | C:\Windows\system32\RunDLL32.Exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SETC4CB.tmp | C:\Windows\system32\RunDLL32.Exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\bddci.sys | C:\Windows\system32\RunDLL32.Exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies RDP port number used by Windows
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\mbamchameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Credentials from Password Stores: Windows Credential Manager
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService\ = "Service" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\GrpConv = "grpconv -o" | C:\Windows\system32\RunDLL32.Exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Program Files (x86)\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize " | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File created | C:\Windows\assembly\Desktop.ini | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| File opened for modification | C:\Windows\assembly\Desktop.ini | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Enumerates connected drives
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Boot or Logon Autostart Execution: Authentication Package
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Lsa\Notification Packages = 73006300650063006c00690000000000 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Lsa\Authentication Packages = 6d007300760031005f00300000000000 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\026A86A161D256DBB33076EDF20C0E5E_86AB612B21DEDF3B8CD155ED2E4114FF | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\21EA03E12A6F9D076B6BC3318EA9363E_6EF0095DA824AE045AE9FC5B645DF095 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0CF02A012C1A489E31B81E539D7738F | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1e64.inf_amd64_8d5ca5ab1472fc44\netl1e64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\e2xw10x64.inf_amd64_04c2ae40613a06ff\e2xw10x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\AF360AACB1570042DEFBC833317997D0_87D27E1CCFDEDF74AF806D4EBD94247C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\athw8x.inf_amd64_55014eff4ceefbdf\athw8x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netk57a.inf_amd64_d823e3edc27ae17c\netk57a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\229169D96B9C20761B929D428962A0A2_FC65190A8D1232A1711F16F9F20C5149 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\nete1g3e.inf_amd64_af58b4e19562a3f9\nete1g3e.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\wnetvsc.inf_amd64_9a5b429abc465278\wnetvsc.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvwifimp.inf_amd64_ec11d0ad3c5b262a\netvwifimp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\206742EA5671D0AFB286434AEACBAD29 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netv1x64.inf_amd64_30040c3eb9d7ade4\netv1x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1c63x64.inf_amd64_4d6630ce07a4fb42\netl1c63x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw02.inf_amd64_42e02bae858d0fbd\netwtw02.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0CF02A012C1A489E31B81E539D7738F | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\combase.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A334956C3F99BD182BF4859935BADE72_FACA7E02B2152427A5B3C5BC1AC9CE92 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvwwanmp.inf_amd64_f9e30429669d7fff\netvwwanmp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwew01.inf_amd64_153e01d761813df2\netwew01.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw06.inf_amd64_2edd50e7a54d503b\netwtw06.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlans.inf_amd64_97cd1a72c2a7829c\netrtwlans.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_10CFC0D4C45D2E76B7EA49C8C22BEDFE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\dc21x4vm.inf_amd64_3294fc34256dbb0e\dc21x4vm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netxex64.inf_amd64_ede00b448bfe8099\netxex64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\rpcrt4.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DAF1A231E66DA88458F6F9DA03F0934C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwew00.inf_amd64_325c0bd6349ed81c\netwew00.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_10CFC0D4C45D2E76B7EA49C8C22BEDFE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\Amsi.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7447D0CD4A15D8A8E94E184F8B1DF8DF | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\AF360AACB1570042DEFBC833317997D0_DF48483754A6AE209A217FF51855DB26 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de}\SET97C3.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de}\mbtun.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A37B8BA80004D3266CB4D93B2052DC10_EBDB5A7037F08CDFB408DBFC0D44B43D | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de} | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0F7456FD78DEB390E51DB22FDEB14606 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netbc64.inf_amd64_b96cdf411c43c00c\netbc64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\wbemcore.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\bthpan.inf_amd64_b06c3bc32f7db374\bthpan.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_2E01D413E600DA01958BFB19A6EF6010 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net9500-x64-n650f.inf_amd64_e92c5a65e41993f9\net9500-x64-n650f.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\rtwlanu_oldic.inf_amd64_1a82423cc076e882\rtwlanu_oldic.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de}\SET97C3.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Malwarebytes\Logs\MBAMSI.alt1.log | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_d6132e4c7fe2fac6\rtux64w10.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlane.inf_amd64_20caba88bd7f0bb3\netrtwlane.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Malwarebytes\Logs\MBAMSI.alt2.log | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| File opened for modification | C:\Windows\System32\Tasks\PC HelpSoft Driver Updater automatic scan and new device notifications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\ndisimplatformmp.inf_amd64_8de1181bfd1f1628\ndisimplatformmp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netmlx5.inf_amd64_101a408e6cb1d8f8\netmlx5.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-console-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\System.Windows.Controls.Ribbon.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\zh-Hans\System.Xaml.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLLShim.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Serilog.Sinks.File.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vccorlib140.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\mscorrc.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Security.Cryptography.Encoding.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Microsoft.Extensions.DependencyModel.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\HDMSchedule.exe | C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci_core.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Console.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\de\System.Windows.Forms.Design.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Interop.IWshRuntimeLibrary.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-core-synch-l1-2-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\vcruntime140_1.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-profile-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Collections.Specialized.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\it\UIAutomationProvider.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Application\DotNetZip.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\smb.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-F2P25.tmp | C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.IsolatedStorage.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Reflection.Metadata.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Text.Encoding.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ja\System.Windows.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ja\UIAutomationClient.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\clretwrc.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.Compression.FileSystem.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.FileSystem.Primitives.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\D3DCompiler_47_cor3.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\it\PresentationUI.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\UIAutomationTypes.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-errorhandling-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\api-ms-win-crt-conio-l1-1-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-timezone-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\cs\PresentationUI.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\System.Windows.Forms.Primitives.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Core.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-memory-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ko\WindowsFormsIntegration.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Application\ja-JP\WebCompanion.resources.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\de\System.Windows.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Application\ucrtbased.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Xml.XDocument.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\UIAutomationClientSideProviders.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.cat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-namedpipe-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\Microsoft.VisualBasic.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.Interop.Activation.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\http.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\mscordaccore_amd64_amd64_6.0.3324.36610.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\cs\UIAutomationClientSideProviders.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\Win32\api-ms-win-core-file-l2-1-0.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\scan.dll | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\INF\c_volume.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\enterprisesec.config.cch.new | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File created | C:\Windows\INF\c_diskdrive.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\security.config.cch.new | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| File created | C:\Windows\assembly\Desktop.ini | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\INF\c_monitor.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\security.config.cch.new | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| File opened for modification | C:\Windows\assembly | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| File opened for modification | C:\Windows\assembly\Desktop.ini | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| File created | C:\Windows\INF\c_media.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_display.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_processor.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\enterprisesec.config.cch.new | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSF83.tmp\mbstub.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MB-SupportTool.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\WcInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AutoClicker-3.0.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\GSAutoClicker.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Driver_Updater_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Driver_Updater_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-GD96O.tmp\Driver_Updater_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\gs-auto-clicker.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Capabilities | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0065\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Driver | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0064 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceCharacteristics | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\DeviceCharacteristics | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ParentIdPrefix | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UINumberDescFormat | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Mfg | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\UINumberDescFormat | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Mfg | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ParentIdPrefix | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Driver | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceDesc | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\LocationInformation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Service | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\runonce.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\system32\runonce.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardProduct | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Malwarebytes.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1A173904-D20F-4872-93D5-CBC1336AE0D6}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E96FEF0-48F7-4ECB-B010-501044575477}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{19184D37-6938-4F54-BAFD-3240F0FA75E6}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{44ACF635-5275-4730-95E5-03E4D192D8C8}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C510D99-F27D-457F-9469-CFC179DBE0C7}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4412646D-16F5-4F3C-8348-0744CDEBCCBF}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B44D50B8-E459-4078-9249-3763459B2676}\TypeLib\ = "{332AFEBA-9341-4CEC-8EA6-DB155A99DF63}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F3968E6D-3FD5-4707-A5A8-4E8C3C042062}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\ = "IRTPControllerV13" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D51C573D-B305-4980-8DFF-076C1878CCFB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{78E69E6F-EC12-4B84-8431-1D68572C7A61}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{172ABF99-1426-47CA-895B-092E23728E8A}\TypeLib\ = "{F5BCAC7E-75E7-4971-B3F3-B197A510F495}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C0D8223D-D594-4147-BAD8-1E2B54ED1990}\TypeLib\ = "{74630AE8-C170-4A8F-A90A-F42D63EFE1E8}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7DD05E6E-FF07-4CD3-A7BA-200BEC812A5C}\TypeLib\ = "{2446F405-83F0-460F-B837-F04540BB330C}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3C871BA6-4662-4E17-ABF4-3B2276FC0FF4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{960F2BB5-E954-45C5-97DF-A770D9D8C24B} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{118F4330-CAF5-4A54-ABB0-DC936669ED2F}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{68E3012A-E3EC-4D66-9132-4E412F487165}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{735BE2C0-5A9B-457A-A0A9-4B27FCED2817} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{309BE0D9-B4CA-4610-B250-26CC9CDE7186}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{620A01DD-16D2-4A83-B02C-E29BE38B3029}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\VersionIndependentProgID | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{EF7DFB76-BA49-4191-8B62-0AC3571C56D7}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F927AD37-BA5F-4B86-AE22-FE2371B12955}\ = "_ILogControllerEntryEvents" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5091804-600E-4226-BF28-80ABFDF4AFAB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{63A6AB57-4679-4529-B78D-143547B22799}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B9F73DD6-F2A4-40F8-9109-67F6BB8D3704}\ = "IMWACController" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{08932AD2-C415-4DE8-821D-5AF7A5658483}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3B42C782-9650-4EFF-9618-91118DF96061}\ = "IScanControllerEventsV5" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DF39921A-6060-472F-A358-1CE8D2F8779C}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{59E42E77-5F19-4602-A559-3FFA9EE51202}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DC97FF29-5CE2-4897-8175-94672057E02D}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{346CF9BC-3AD5-43BA-B348-EFB88F75360F}\ = "IVPNControllerV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\Version\ = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{04F8CDB5-1E26-491C-8602-D2ADE2D8E17A} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{ED06E075-D1FD-4635-BA17-2F6D6BB0DFD6}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\ProgID\ = "MB.CleanController.1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5D448EF3-7261-4C0C-909C-6D56043C259D}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4A9108FB-A377-47EC-96E3-3CB8B1FB7272}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{97EB7268-0D7B-43F6-9C11-337287F960DF}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D2D1C2BC-3427-478E-A903-ADFBCF5711CD}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7995CBA9-83E0-4F28-A50B-DFDE85EBCCD1} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{ABC1D1AF-23ED-4483-BDA4-90BCC21DFBDB}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B9442AA1-AEB8-4FB4-B998-BFBC37BA8A99} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ADCD8BEB-8924-4876-AE14-2438FF14FA17}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49207D05-5DFE-4F52-9286-1856A92A5BFE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7995CBA9-83E0-4F28-A50B-DFDE85EBCCD1}\TypeLib\ = "{783B187E-360F-419C-B6DA-592892764A01}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{08932AD2-C415-4DE8-821D-5AF7A5658483} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{36BABBB6-6184-44EC-8109-76CBF522C9EF}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E149FEF9-F1DC-4894-8A8E-AA53F6807EFD}\ = "_ICleanControllerEventsV7" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A7FB145-B72D-466E-A3AC-21599BBE9E8C}\ = "ILicenseControllerV5" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{17A7CC72-3288-442A-ABE8-F8E049B3BE83}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{616E9BE3-358B-4C06-8AAB-0ACF8D089931}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MBAMExt.MBAMShlExt\CurVer\ = "MBAMExt.MBAMShlExt.1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EBA4A79D-9F4E-4E7A-AC00-49ECE23C20B6}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0468FE5A-FFDA-4F57-83F5-79116160E9B8}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications | C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D81C2A20-D03D-40D4-A371-A499633A2AD3}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\Programmable | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{36BABBB6-6184-44EC-8109-76CBF522C9EF}\ = "_IScanControllerEventsV13" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0400000001000000100000004be2c99196650cf40e5a9392a00afeb20f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d4190000000100000010000000fa46ce7cbb85cfb4310075313a09ee052000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D772DA0874059418FCDAACE3F4FF2AC964A852FF\Blob = 030000000100000014000000d772da0874059418fcdaace3f4ff2ac964a852ff140000000100000014000000246593980801e84ed4d64cea6455e1c0fafbcfb3040000000100000010000000fe9ab1791f2f2a2a01fce48d6b2a093c0f000000010000003000000054de7e1f5b9b2c1834c8e4fedef7bec89e6e7117ef761a80d1bccec1d63888d0d4ad1b6c5c6a4ea556436ddd29aaf904190000000100000010000000ce4cfdd3ed415f0993c3c8bd5428ecbb5c0000000100000004000000000c0000180000000100000010000000ea6089055218053dd01e37e1d806eedf200000000100000048060000308206443082042ca0030201020211009e02b0e94aceb2109ca1e9836be0c2db300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3231303532353030303030305a170d3336303532343233353935395a304f310b300906035504061302474231183016060355040a130f5365637469676f204c696d69746564312630240603550403131d5365637469676f2052534120436f6465205369676e696e672043412032308201a2300d06092a864886f70d01010105000382018f003082018a0282018100bb7bff8fbf4b2d43b6f1661c00ff8d9d2a7840c4234c4349a709395a45510b16fdee6031f53470e363075bec932a725a16385216091d2f53efa83eec3aa07ba25348802d95959b14ddb213f617c13b2612049cde3d4c4a3d33c30c26256f3d6e0f9503b18433c690499ef9e636778f006324606f5d61e44d1b0df783548cbc4f8a7c20f42a20aa61a02d902877d351569c94cca6f421cad8be289a4a1e5486c3f6ec6c6ac10e69d339b273758ff0abf75b77391ea30672e23287f97fc61413e468911d33a9c7b3302db6a9c581ef21848aba96ec110364e5dfbaa9c18d4e7e2cdffbc380c1a8296a321225fa20451c29f5549adf8ae067f1310f0a11c63170afbc803b177ec3f23626be3c37cf37b85d795497b8bbc37f76056a359f8213194f2af37dc9b988166a4c38d82b61e5615b571a0ec7fd7bb76b0a42401ff30fe0ec70ba6a79571889c71df7309f430a0715067245a3575ebfa3ed584c62197566c21b0175a6560d1461b5765bf137b4040503c1c4a3ff5dcaf49dbae72f16f6b67b0203010001a382015f3082015b301f0603551d230418301680145379bf5aaa2b4acf5480e1d89bc09df2b20366cb301d0603551d0e04160414246593980801e84ed4d64cea6455e1c0fafbcfb3300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff02010030130603551d25040c300a06082b06010505070303301b0603551d200414301230060604551d20003008060667810c01040130500603551d1f044930473045a043a041863f687474703a2f2f63726c2e7573657274727573742e636f6d2f55534552547275737452534143657274696669636174696f6e417574686f726974792e63726c307106082b0601050507010104653063303a06082b06010505073002862e687474703a2f2f6372742e7573657274727573742e636f6d2f55534552547275737452534141414143412e637274302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c0500038202010055d1f2be5bc5485740e5ecd9faeffd6b92fca8754779e9cfc23d14f9a109e565b9ad9fbc4ef29da2e735cccfa2392b472bc0e0ba36902366d1126488d95751add00f6f5f8a90cf1bb17a6956fac2400a85bfe1bae0cd72337817684ef2eb0276135b8529532e1d3caf14b46c0333f437a1ed90453ff573bca9925017ebfe39ca4640eafba3b4179b585ac5004f6cd30cc05f6f867781a63d2516f62fa249f093bed557723cb3c8d21b129930221003f64a89e0928fa8c338600f2156d4ebab5733a777dd27e591539e2f671f4bc38bf4656392ce9512561e1daee2ed8074beec4dfeecc717d79493974c464cc54662e53b9d1a08c0630ad519cc0ab089cc8b2e084578d969ec7d0db7cf86a12ec3e0860e3709e44bc50c73c8f628dc9ed5959a235771ce406d9d5bea1bc3b2492444f41004caeda6925f54d6097b3ab992d310111499b6ce40ffe5c6a3776635adec33a03bc8c69e3ea19985587cb1a85a38e62e53ac7ffd133beb57d46dfdf21ce2f78cb42ef6d754ef23ed29b10ccb1f9a3cd82f9e0d66499f508786a0f1f9ca1cb01dc3f14c9efcd3a64feef466b642d170b95b948385bbd44479771188b1a071eafa4bf0ff8708cd8a8866ba87405c9488d8ad0a0742f7bee4cb993791318d9a6810fe9a03bc150226b79e70bd19804cecf00280fbff4ca2b76ebfe3d8e4dcf7c8856b986ed21371dceecac9ae317e7b05 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob = 030000000100000014000000f6108407d6f8bb67980cc2e244c2ebae1cef63be2000000001000000f6010000308201f230820178a0030201020213066c9fd7c1bb104c2943e5717b7b2cc81ac10e300a06082a8648ce3d0403033039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412034301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120343076301006072a8648ce3d020106052b8104002203620004d2ab8a374fa3530dfec18a7b4ba87b464b63b062f62d1bdb087121d200e863bd9a27fbf0396e5dea3da5c981aaa35b2098455d16dbfde8106de39ce0e3bd5f8462f3706433a0cb242f70ba88a12aa075f881ae6206c481db396e29b01efa2e5ca3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414d3ecc73a656ecce1da769a56fb9cf3866d57e581300a06082a8648ce3d040303036800306502303a8b21f1bd7e11add0ef58962fd6eb9d7e908d2bcf6655c32ce328a9700a470ef0375912ff2d9994284e2a4f354d335a023100ea75004e3bc43a941291c958469d211372a7889c8ae44c4adb96d4ac8b6b6b49125333add7e4be24fcb50a76d4a5bc10 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 5c0000000100000004000000001000001900000001000000100000009f687581f7ef744ecfc12b9cee6238f10f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa2140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2040000000100000010000000be954f16012122448ca8bc279602acf52000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 19000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c03000000010000001400000002faf3e291435468607857694df5e45b6885186868000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d000000010000001000000006f9583c00a763c23fb9e065a3366d55140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff20b00000001000000260000005300650063007400690067006f0020002800410064006400540072007500730074002900000053000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob = 0300000001000000140000005a8cef45d7a69859767a8c8b4496b578cf474b1a2000000001000000450500003082054130820329a0030201020213066c9fd29635869f0a0fe58678f85b26bb8a37300d06092a864886f70d01010c05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412032301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203230820222300d06092a864886f70d01010105000382020f003082020a0282020100ad969f2d9c4a4c4a81795199ec8acb6b605113bc4d6d06fcb0088ddd19106ac7260c35d8c06f2084e994b19b8503c35bdb4ae8c8f89076d95b4fe34ce806364dcc9aac3d0c902b92d4061960ac374479858182ad5a37e00dcc9da64c5276ea439db704d150f655e0d5d2a64985e937e9ca7eae5c954d489a3fae205a6d8895d934b8521a4390b0bf6c05b9b678b7ead0e43a3c125362ff4af27bbe3505a91234e3f36474622c3d00495a28fe3244bb87dd652702713bda4af71fdacdf72155904f0fecae82e19f6bd945d3bbf05f87ed3c2c3986da3fdeec7255eb79a3addbdd7cb0ba1ccefcde4f3576cf0ff8781f6a36514627615be99ecff0a2557d7c258a6f2fb4c5cf842e2bfd0d51106cfb5f1bbc1b7ec5ae3b98013192ff0b57f49ab2b957e9abef0d76d1f0eef4ce86a7e06ee9b469a1df69f633c6692e97139ea587b057108137c953b3bb7ff692d19cd018f4926eda834fa663994ca5fb5eef21647a205f6c648515cb37e9620c0b2a16dc012e32da3e4bf59e3af6174094ef9e910886fabe63a85a33eccb744395f96c695236c7296ffc55035c1ffb9fbd47ebe74947950b4e89220949e0f5611ef1bf2e8a726e8059ff573af97532a34e5feced2862d94d73f2cc811760edcdebdcdba7cac57e02bdf2540854fdb42d092c17544a98d154e1516708d2ed6e7e6f3fd22d81592966cb903995111e7427feddebaf0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414b00cf04c30f405580248fd33e552af4b84e36652300d06092a864886f70d01010c05000382020100aaa8808f0e78a3e0a2d4cde6f5987a3bea0003b0970e93bc5aa8f62c8c7287a9b1fc7f73fd637178a58759cf30e10d10b2135a6d82f56ae6809fa0050b68e4476bc76adfb6fd773272e518fa09f4a0932c5dd28c75857665900c0379b7312363ad788309866884cafff9cf269a9279e7cd4bc5e761a717cbf3a91293936ba7e82f5392c46058b0cc0251185b858d625963b6adb4de9afb26f70027c05d55377499c9507fe3592e44e32c25eeec4c3277b49f1ae94b5d20c5dafd1c8716c643e8d4bb269a45705ea90b3753e2467b27fde046f289b7cc42b6cb28266ed9a5c93ac8411360f7508c15aeb26d1a151a5778e6922ad96590823f6c02afae123a27963604d71da28063a99bf1e5bab47c14b04ec9b11f745f38f651ea9bfa2ca211d4a92d271a45b1afb24e710dc05846d66906cb53cbb3fe6b41cd417e7d4c0f7c72797a59cd5e4a0eac9ba99873797cb4f4ccb9b8070cb2745cb8c76f88a190a7f4aaf9bf673af41a15621eb79fbe3db129af67a112f25810195303301bb81a89f69cbd97038ea309f31d8b21f1b4dfe41cd19f650206ea5cd613b384efa2a55c8c7729a768c06bae40d2a8b4eacdf08d4b389c199a1b2854b88990efca75813e1ef26424c718af4eff479e07f63565a4d30a56fff517646cefa822254993b6df0017da587e5deec51bb0d1d15f2110c7f9f3ba020a2707c5f1d6c7d3e0fb09606c | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 040000000100000010000000cb17e431673ee209fe455793f30afa1c0f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c953000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030109000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df1400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331330b000000010000001200000056006500720069005300690067006e0000001d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3617e000000010000000800000000c0032f2df8d6016800000001000000000000000300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e5190000000100000010000000d8b5fb368468620275d142ffd2aade372000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 5c000000010000000400000000080000190000000100000010000000d8b5fb368468620275d142ffd2aade370300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e56800000001000000000000007e000000010000000800000000c0032f2df8d6011d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3610b000000010000001200000056006500720069005300690067006e0000001400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331336200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df09000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703017f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c9040000000100000010000000cb17e431673ee209fe455793f30afa1c2000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 5c0000000100000004000000000800001900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491d00000001000000100000002e0d6875874a44c820912e85e964cfdb140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef453000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286040000000100000010000000497904b0eb8719ac47b0bc11519b74d0200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B52063CECFFAFA24B57993B8EFE7FB1E4D6D56BC\Blob = 4b0000000100000044000000300032003600410038003600410031003600310044003200350036004400420042003300330030003700360045004400460032003000430030004500350045005f000000030000000100000014000000b52063cecffafa24b57993b8efe7fb1e4d6d56bc140000000100000014000000ce894f8251aa15a28462ca312361d261fbf8fe78040000000100000010000000e628b7d39b49e3f1425ed199cd3166ad0f0000000100000040000000f3a88b3af739b6d92e4eb0b0971747a7b742ecbd82a83f9c7706776a3dc8ece0176b32b1225cab1287b84b3598af5eafdff55d86c288af4168d3fae76d286e9919000000010000001000000061d57caba7f7612872245a738ee7d15e5c000000010000000400000000100000180000000100000010000000188a164a11caa2378c0bcdec471f2673200000000100000087060000308206833082046ba003020102021035afb77b9d341f6afc8f8446ab31352b300d06092a864886f70d01010d05003069310b300906035504061302555331163014060355040a0c0d456e74727573742c20496e632e3142304006035504030c39456e747275737420436f6465205369676e696e6720526f6f742043657274696669636174696f6e20417574686f72697479202d204353425231301e170d3231303530373139313935325a170d3430313232393233353930305a3063310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e313c303a06035504031333456e747275737420457874656e6465642056616c69646174696f6e20436f6465205369676e696e67204341202d20455643533230820222300d06092a864886f70d01010105000382020f003082020a0282020100bebda739c9a57dec5d65f1f42ba987d0e7ad1ac51a3b18cee1a1518d72face581f5cb824420f46d53197d04a4de39b30c9ba97a89cfe4536cf2780e77bb86ec124b7dfa774dc85f2a3245845cc94943b02ebc48d7c46f55c6682e3a4c1d31fac6e0c53230ed43afada42f183545f353256f2b5789b5700481ea96161270e730343b6d67092fbd4859a30c6b3e69a5e4bef1d2ad866ab1646ff0bd80fa6894a025157413c41384e97c751326d678e66a15e4d9f3522afd56ab77f405f6835cc69faf105f0ea85a6ea3285cbc1c1ca8369454906dc096cba4965198cf9b737278c649e35e3e5ece707a09da872bc6f853a2ca6164e3d9ccf08e682f5447d28c0bd89ad6c2fdc2f787911d71c704bdd9d084c5e2efa8dbda7dd63f67ff05231846e3ad8d95c85449e630669d0865878899b87bb581ca4286cc6fe690a9c1eac11606a5ec969652eed432d69f178b73b2d35f2aa4fe21fe3016f9046aad5a80d0457a0b4ace36dbd9d1b28802746c7daaa6795f1d1877bc7c825e9840c8f8936d2be33e185c033d5a03c198baf38f2e59380bfc6c3ab7b93c43d9db9ee4576c0d4686f305e3cb436f9d74542e0120680dba521fce7057a288db48e607bf7c8b54a47ac146697a05a697231576b5384cd61ba730715703b7b01fca73f8c2d3d878cfb08d7e52f17837e82ab4f09f229e17e55776594051d59d40add937ee3145de2bb0203010001a382012b3082012730120603551d130101ff040830060101ff020100301d0603551d0e04160414ce894f8251aa15a28462ca312361d261fbf8fe78301f0603551d2304183016801482bad63d97ce9fcf71e89237affdb3b5693557cf303306082b0601050507010104273025302306082b060105050730018617687474703a2f2f6f6373702e656e74727573742e6e657430310603551d1f042a30283026a024a0228620687474703a2f2f63726c2e656e74727573742e6e65742f63736272312e63726c300e0603551d0f0101ff04040302018630130603551d25040c300a06082b0601050507030330440603551d20043d303b30300604551d20003028302606082b06010505070201161a687474703a2f2f7777772e656e74727573742e6e65742f7270613007060567810c0103300d06092a864886f70d01010d050003820201003e0054b82af38f66af6116c4589364f4418b64558d1b3533a19b91d8ab46caab5fbcbe7e70e4d2d707a89607d786d1570a08d0d0784df82adfb204f39ae1d77cf0c1007ac140a1df8a8cb7cbb41d0161f2989aa6ddb88305caa92c16dc9c2d0efea797e450a99795c14b2a8c51e3c402e06b7c354d53bc4b94138b5318165ea60aa7b834c16cb1eb2ce4317d0c2cc67ce1a456e82d76d5b21375ea8300ae0077c66fa93dee6314815016fc5b4f12190e5b0f8dea4bce064c894bae20cc8e47a675d665ee2f30e85d348f1f824d5c42a6f2144c50209c09a274245c39d88932853caf8ce56a9ee6043aa513ffaa1dcd474b2e0205b46a8feb854f81ef0adb7d9f298fa5c23f52385241953bbc3e5b543042230963de508d893545faabb80f8fa2ad7b7a1193f18f28847b6879476ae864294d1ff41d2f6d1ec894863cd35a997a6b7cab35f72b394b4fb93f1692ef298c8dabac011acc714439cb403e2012ce0870e347fedc80d70800d10b6aea21b5796617e96aaa56ddcd1578b103c014ad3e471875ed0a534b3293cdff80b190d613e5e4417822ed4182e50edfb0ce952145e68b01d319f7f42b55acd956736310e0b8a06dcb549698a099215106aaa60c3a2b63cb79da43b9d212ccde8f557ae909f3e29ad325c17b3692dae0e55267cde3e6540aa59dd473a3d32f5d06648503777f60d8c2bc74c9959168b7b77e611975 | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob = 0300000001000000140000000d44dd8c3c8c1a1a58756481e90f2e2affb3d26e2000000001000000ba010000308201b63082015ba0030201020213066c9fd5749736663f3b0b9ad9e89e7603f24a300a06082a8648ce3d0403023039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412033301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120333059301306072a8648ce3d020106082a8648ce3d030107034200042997a7c6417fc00d9be8011b56c6f252a5ba2db212e8d22ed7fac9c5d8aa6d1f73813b3b986b397c33a5c54e868e8017686245577d44581db337e56708eb66dea3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414abb6dbd7069e37ac3086079170c79cc419b178c0300a06082a8648ce3d0403020349003046022100e08592a317b78df92b06a593ac1a98686172fae1a1d0fb1c7860a64399c5b8c40221009c02eff1949cb396f9ebc62af8b62cfe3a901416d78c6324481cdf307dd5683b | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob = 030000000100000014000000b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e2000000001000000e1030000308203dd308202c5a003020102020100300d06092a864886f70d01010b050030818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a30818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bdedc103fcf68ffc02b16f5b9f48d99d79e2a2b703615618c347b6d7ca3d352e8943f7a1699bde8a1afd13209cb44977322956fdb9ec8cdd22fa72dc276197eef65a84ec6e19b9892cdc845bd574fb6b5fc589a51052894655f4b8751ce67fe454ae4bf85572570219f8177159eb1e280774c59d48be6cb4f4a4b0f364377992c0ec465e7fe16d534c62afcd1f0b63bb3a9dfbfc7900986174cf26824063f3b2726a190d99cad40e75cc37fb8b89c159f1627f5fb35f6530f8a7b74d765a1e765e34c0e89656998ab3f07fa4cdbddc32317c91cfe05f11f86baa495cd19994d1a2e3635b0976b55662e14b741d96d426d4080459d0980e0ee6defcc3ec1f90f10203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604147c0c321fa7d9307fc47d68a362a8a1ceab075b27300d06092a864886f70d01010b050003820101001159fa254f036f94993b9a1f828539d47605945ee128936d625d09c2a0a8d4b07538f1346a9de49f8a862651e62cd1c62d6e95204a9201ecb88a677b31e2672e8c9503262e439d4a31f60eb50cbbb7e2377f22ba00a30e7b52fb6bbb3bc4d379514ecd90f4670719c83c467a0d017dc558e76de68530179a24c410e004f7e0f27fd4aa0aff421d37ed94e5645912207738d3323e3881759673fa688fb1cbce1fc5ecfa9c7ecf7eb1f1072db6fcbfcaa4bfd097054abcea18280290bd5478092171d3d17d1dd916b0a9613dd00a0022fcc77bcb0964450b3b4081f77d7c32f598ca588e7d2aee90597364f936745e25a1f566052e7f3915a92afb508b8e8569f4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 5c000000010000000400000000080000190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd940400000001000000100000004be2c99196650cf40e5a9392a00afeb22000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa22000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 040000000100000010000000be954f16012122448ca8bc279602acf5140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa20f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e1900000001000000100000009f687581f7ef744ecfc12b9cee6238f12000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B337B8FDB56ECB58BF5DBCF8C22C320107535A02 | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD\Blob = 0300000001000000140000001c58a3a8518e8759bf075b76b750d4f2df264fcd2000000001000000c2040000308204be308203a6a003020102021006d8d904d5584346f68a2fa754227ec4300d06092a864886f70d01010b05003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3231303431343030303030305a170d3331303431333233353935395a304f310b300906035504061302555331153013060355040a130c446967694365727420496e633129302706035504031320446967694365727420544c53205253412053484132353620323032302043413130820122300d06092a864886f70d01010105000382010f003082010a0282010100c14bb3654770bcdd4f58dbec9cedc366e51f311354ad4a66461f2c0aec6407e52edcdcb90a20eddfe3c4d09e9aa97a1d8288e51156db1e9f58c251e72c340d2ed292e156cbf1795fb3bb87ca25037b9a52416610604f571349f0e8376783dfe7d34b674c2251a6df0e9910ed57517426e27dc7ca622e131b7f238825536fc13458008b84fff8bea75849227b96ada2889b15bca07cdfe951a8d5b0ed37e236b4824b62b5499aecc767d6e33ef5e3d6125e44f1bf71427d58840380b18101faf9ca32bbb48e278727c52b74d4a8d697dec364f9cace53a256bc78178e490329aefb494fa415b9cef25c19576d6b79a72ba2272013b5d03d40d321300793ea99f50203010001a38201823082017e30120603551d130101ff040830060101ff020100301d0603551d0e04160414b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302307606082b06010505070101046a3068302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304006082b060105050730028634687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63727430420603551d1f043b30393037a035a0338631687474703a2f2f63726c332e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63726c303d0603551d2004363034300b06096086480186fd6c02013007060567810c01013008060667810c0102013008060667810c0102023008060667810c010203300d06092a864886f70d01010b050003820101008032ce5e0bdd6e5a0d0aafe1d684cbc08efa8570edda5db30cf72b7540fe850afaf33178b7704b1a8958ba80bdf36b1de97ecf0bba589c59d490d3fd6cfdd0986db771825bcf6d0b5a09d07bdec443d82aa4de9e41265fbb8f99cbddaee1a86f9f87fe74b71f1b20abb14fc6f5675d5d9b3ce9ff69f7616cd6d9f3fd36c6ab038876d24b2e7586e3fcd8557d26c21177df3e02b67cf3ab7b7a86366fb8f7d89371cf86df7330fa7babed2a59c842843b11171a52f3c90e147da25b7267ba71ed574766c5b8024a65345e8bd02a3c209c51994ce7529ef76b112b0d927e1de88aeb36164387ea2a63bf753febdec403bb0a3cf730efebaf4cfc8b3610733ef3a4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 0f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b00000001000000260000005300650063007400690067006f00200028004100640064005400720075007300740029000000620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a1d000000010000001000000006f9583c00a763c23fb9e065a3366d557e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d90103000000010000001400000002faf3e291435468607857694df5e45b6885186820000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254832000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B52063CECFFAFA24B57993B8EFE7FB1E4D6D56BC\Blob = 4b0000000100000044000000300032003600410038003600410031003600310044003200350036004400420042003300330030003700360045004400460032003000430030004500350045005f000000180000000100000010000000188a164a11caa2378c0bcdec471f26735c00000001000000040000000010000019000000010000001000000061d57caba7f7612872245a738ee7d15e0f0000000100000040000000f3a88b3af739b6d92e4eb0b0971747a7b742ecbd82a83f9c7706776a3dc8ece0176b32b1225cab1287b84b3598af5eafdff55d86c288af4168d3fae76d286e99040000000100000010000000e628b7d39b49e3f1425ed199cd3166ad140000000100000014000000ce894f8251aa15a28462ca312361d261fbf8fe78030000000100000014000000b52063cecffafa24b57993b8efe7fb1e4d6d56bc200000000100000087060000308206833082046ba003020102021035afb77b9d341f6afc8f8446ab31352b300d06092a864886f70d01010d05003069310b300906035504061302555331163014060355040a0c0d456e74727573742c20496e632e3142304006035504030c39456e747275737420436f6465205369676e696e6720526f6f742043657274696669636174696f6e20417574686f72697479202d204353425231301e170d3231303530373139313935325a170d3430313232393233353930305a3063310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e313c303a06035504031333456e747275737420457874656e6465642056616c69646174696f6e20436f6465205369676e696e67204341202d20455643533230820222300d06092a864886f70d01010105000382020f003082020a0282020100bebda739c9a57dec5d65f1f42ba987d0e7ad1ac51a3b18cee1a1518d72face581f5cb824420f46d53197d04a4de39b30c9ba97a89cfe4536cf2780e77bb86ec124b7dfa774dc85f2a3245845cc94943b02ebc48d7c46f55c6682e3a4c1d31fac6e0c53230ed43afada42f183545f353256f2b5789b5700481ea96161270e730343b6d67092fbd4859a30c6b3e69a5e4bef1d2ad866ab1646ff0bd80fa6894a025157413c41384e97c751326d678e66a15e4d9f3522afd56ab77f405f6835cc69faf105f0ea85a6ea3285cbc1c1ca8369454906dc096cba4965198cf9b737278c649e35e3e5ece707a09da872bc6f853a2ca6164e3d9ccf08e682f5447d28c0bd89ad6c2fdc2f787911d71c704bdd9d084c5e2efa8dbda7dd63f67ff05231846e3ad8d95c85449e630669d0865878899b87bb581ca4286cc6fe690a9c1eac11606a5ec969652eed432d69f178b73b2d35f2aa4fe21fe3016f9046aad5a80d0457a0b4ace36dbd9d1b28802746c7daaa6795f1d1877bc7c825e9840c8f8936d2be33e185c033d5a03c198baf38f2e59380bfc6c3ab7b93c43d9db9ee4576c0d4686f305e3cb436f9d74542e0120680dba521fce7057a288db48e607bf7c8b54a47ac146697a05a697231576b5384cd61ba730715703b7b01fca73f8c2d3d878cfb08d7e52f17837e82ab4f09f229e17e55776594051d59d40add937ee3145de2bb0203010001a382012b3082012730120603551d130101ff040830060101ff020100301d0603551d0e04160414ce894f8251aa15a28462ca312361d261fbf8fe78301f0603551d2304183016801482bad63d97ce9fcf71e89237affdb3b5693557cf303306082b0601050507010104273025302306082b060105050730018617687474703a2f2f6f6373702e656e74727573742e6e657430310603551d1f042a30283026a024a0228620687474703a2f2f63726c2e656e74727573742e6e65742f63736272312e63726c300e0603551d0f0101ff04040302018630130603551d25040c300a06082b0601050507030330440603551d20043d303b30300604551d20003028302606082b06010505070201161a687474703a2f2f7777772e656e74727573742e6e65742f7270613007060567810c0103300d06092a864886f70d01010d050003820201003e0054b82af38f66af6116c4589364f4418b64558d1b3533a19b91d8ab46caab5fbcbe7e70e4d2d707a89607d786d1570a08d0d0784df82adfb204f39ae1d77cf0c1007ac140a1df8a8cb7cbb41d0161f2989aa6ddb88305caa92c16dc9c2d0efea797e450a99795c14b2a8c51e3c402e06b7c354d53bc4b94138b5318165ea60aa7b834c16cb1eb2ce4317d0c2cc67ce1a456e82d76d5b21375ea8300ae0077c66fa93dee6314815016fc5b4f12190e5b0f8dea4bce064c894bae20cc8e47a675d665ee2f30e85d348f1f824d5c42a6f2144c50209c09a274245c39d88932853caf8ce56a9ee6043aa513ffaa1dcd474b2e0205b46a8feb854f81ef0adb7d9f298fa5c23f52385241953bbc3e5b543042230963de508d893545faabb80f8fa2ad7b7a1193f18f28847b6879476ae864294d1ff41d2f6d1ec894863cd35a997a6b7cab35f72b394b4fb93f1692ef298c8dabac011acc714439cb403e2012ce0870e347fedc80d70800d10b6aea21b5796617e96aaa56ddcd1578b103c014ad3e471875ed0a534b3293cdff80b190d613e5e4417822ed4182e50edfb0ce952145e68b01d319f7f42b55acd956736310e0b8a06dcb549698a099215106aaa60c3a2b63cb79da43b9d212ccde8f557ae909f3e29ad325c17b3692dae0e55267cde3e6540aa59dd473a3d32f5d06648503777f60d8c2bc74c9959168b7b77e611975 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob = 0300000001000000140000008da7f965ec5efc37910f1c6e59fdc1cc6a6ede162000000001000000450300003082034130820229a0030201020213066c9fcf99bf8c0a39e2f0788a43e696365bca300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3135303532363030303030305a170d3338303131373030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203130820122300d06092a864886f70d01010105000382010f003082010a0282010100b2788071ca78d5e371af478050747d6ed8d78876f49968f7582160f97484012fac022d86d3a0437a4eb2a4d036ba01be8ddb48c80717364cf4ee8823c73eeb37f5b519f84968b0ded7b976381d619ea4fe8236a5e54a56e445e1f9fdb416fa74da9c9b35392ffab02050066c7ad080b2a6f9afec47198f503807dca2873958f8bad5a9f948673096ee94785e6f89a351c0308666a14566ba54eba3c391f948dcffd1e8302d7d2d747035d78824f79ec4596ebb738717f2324628b843fab71daacab4f29f240e2d4bf7715c5e69ffea9502cb388aae50386fdbfb2d621bc5c71e54e177e067c80f9c8723d63f40207f2080c4804c3e3b24268e04ae6c9ac8aa0d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e041604148418cc8534ecbc0c94942e08599cc7b2104e0a08300d06092a864886f70d01010b0500038201010098f2375a4190a11ac57651282036230eaee628bbaaf894ae48a4307f1bfc248d4bb4c8a197f6b6f17a70c85393cc0828e39825cf23a4f9de21d37c8509ad4e9a753ac20b6a897876444718656c8d418e3b7f9acbf4b5a750d7052c37e8034bade961a0026ef5f2f0c5b2ed5bb7dcfa945c779e13a57f52ad95f2f8933bde8b5c5bca5a525b60af14f74befa3fb9f40956d3154fc42d3c7461f23add90f48709ad9757871d1724334756e5759c2025c266029cf2319168e8843a5d4e4cb08fb231143e843297262a1a95d5e08d490aeb8d8ce14c2d055f286f6c49343776661c0b9e841d7977860036e4a72aea5d17dba109e866c1b8ab95933f8ebc490bef1b9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 040000000100000010000000324a4bbbc863699bbe749ac6dd1d46240f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a190000000100000010000000fd960962ac6938e0d4b0769aa1a64e262000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B52063CECFFAFA24B57993B8EFE7FB1E4D6D56BC\Blob = 030000000100000014000000b52063cecffafa24b57993b8efe7fb1e4d6d56bc140000000100000014000000ce894f8251aa15a28462ca312361d261fbf8fe78040000000100000010000000e628b7d39b49e3f1425ed199cd3166ad0f0000000100000040000000f3a88b3af739b6d92e4eb0b0971747a7b742ecbd82a83f9c7706776a3dc8ece0176b32b1225cab1287b84b3598af5eafdff55d86c288af4168d3fae76d286e9919000000010000001000000061d57caba7f7612872245a738ee7d15e5c000000010000000400000000100000180000000100000010000000188a164a11caa2378c0bcdec471f2673200000000100000087060000308206833082046ba003020102021035afb77b9d341f6afc8f8446ab31352b300d06092a864886f70d01010d05003069310b300906035504061302555331163014060355040a0c0d456e74727573742c20496e632e3142304006035504030c39456e747275737420436f6465205369676e696e6720526f6f742043657274696669636174696f6e20417574686f72697479202d204353425231301e170d3231303530373139313935325a170d3430313232393233353930305a3063310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e313c303a06035504031333456e747275737420457874656e6465642056616c69646174696f6e20436f6465205369676e696e67204341202d20455643533230820222300d06092a864886f70d01010105000382020f003082020a0282020100bebda739c9a57dec5d65f1f42ba987d0e7ad1ac51a3b18cee1a1518d72face581f5cb824420f46d53197d04a4de39b30c9ba97a89cfe4536cf2780e77bb86ec124b7dfa774dc85f2a3245845cc94943b02ebc48d7c46f55c6682e3a4c1d31fac6e0c53230ed43afada42f183545f353256f2b5789b5700481ea96161270e730343b6d67092fbd4859a30c6b3e69a5e4bef1d2ad866ab1646ff0bd80fa6894a025157413c41384e97c751326d678e66a15e4d9f3522afd56ab77f405f6835cc69faf105f0ea85a6ea3285cbc1c1ca8369454906dc096cba4965198cf9b737278c649e35e3e5ece707a09da872bc6f853a2ca6164e3d9ccf08e682f5447d28c0bd89ad6c2fdc2f787911d71c704bdd9d084c5e2efa8dbda7dd63f67ff05231846e3ad8d95c85449e630669d0865878899b87bb581ca4286cc6fe690a9c1eac11606a5ec969652eed432d69f178b73b2d35f2aa4fe21fe3016f9046aad5a80d0457a0b4ace36dbd9d1b28802746c7daaa6795f1d1877bc7c825e9840c8f8936d2be33e185c033d5a03c198baf38f2e59380bfc6c3ab7b93c43d9db9ee4576c0d4686f305e3cb436f9d74542e0120680dba521fce7057a288db48e607bf7c8b54a47ac146697a05a697231576b5384cd61ba730715703b7b01fca73f8c2d3d878cfb08d7e52f17837e82ab4f09f229e17e55776594051d59d40add937ee3145de2bb0203010001a382012b3082012730120603551d130101ff040830060101ff020100301d0603551d0e04160414ce894f8251aa15a28462ca312361d261fbf8fe78301f0603551d2304183016801482bad63d97ce9fcf71e89237affdb3b5693557cf303306082b0601050507010104273025302306082b060105050730018617687474703a2f2f6f6373702e656e74727573742e6e657430310603551d1f042a30283026a024a0228620687474703a2f2f63726c2e656e74727573742e6e65742f63736272312e63726c300e0603551d0f0101ff04040302018630130603551d25040c300a06082b0601050507030330440603551d20043d303b30300604551d20003028302606082b06010505070201161a687474703a2f2f7777772e656e74727573742e6e65742f7270613007060567810c0103300d06092a864886f70d01010d050003820201003e0054b82af38f66af6116c4589364f4418b64558d1b3533a19b91d8ab46caab5fbcbe7e70e4d2d707a89607d786d1570a08d0d0784df82adfb204f39ae1d77cf0c1007ac140a1df8a8cb7cbb41d0161f2989aa6ddb88305caa92c16dc9c2d0efea797e450a99795c14b2a8c51e3c402e06b7c354d53bc4b94138b5318165ea60aa7b834c16cb1eb2ce4317d0c2cc67ce1a456e82d76d5b21375ea8300ae0077c66fa93dee6314815016fc5b4f12190e5b0f8dea4bce064c894bae20cc8e47a675d665ee2f30e85d348f1f824d5c42a6f2144c50209c09a274245c39d88932853caf8ce56a9ee6043aa513ffaa1dcd474b2e0205b46a8feb854f81ef0adb7d9f298fa5c23f52385241953bbc3e5b543042230963de508d893545faabb80f8fa2ad7b7a1193f18f28847b6879476ae864294d1ff41d2f6d1ec894863cd35a997a6b7cab35f72b394b4fb93f1692ef298c8dabac011acc714439cb403e2012ce0870e347fedc80d70800d10b6aea21b5796617e96aaa56ddcd1578b103c014ad3e471875ed0a534b3293cdff80b190d613e5e4417822ed4182e50edfb0ce952145e68b01d319f7f42b55acd956736310e0b8a06dcb549698a099215106aaa60c3a2b63cb79da43b9d212ccde8f557ae909f3e29ad325c17b3692dae0e55267cde3e6540aa59dd473a3d32f5d06648503777f60d8c2bc74c9959168b7b77e611975 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B337B8FDB56ECB58BF5DBCF8C22C320107535A02\Blob = 030000000100000014000000b337b8fdb56ecb58bf5dbcf8c22c320107535a0214000000010000001400000082bad63d97ce9fcf71e89237affdb3b5693557cf0400000001000000100000008f1d7cc99d782d0ec80c02a6577d4c650f0000000100000020000000f89f7ea86830083d285a316e68f23fe53b4d3031237987231ae889f6792e6d04190000000100000010000000188a164a11caa2378c0bcdec471f26735c000000010000000400000000100000180000000100000010000000fa46ce7cbb85cfb4310075313a09ee052000000001000000e3050000308205df308204c7a00302010202104e40e43754ede68c0000000051d3947f300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3231303530373135343334355a170d3330313130373136313334355a3069310b300906035504061302555331163014060355040a0c0d456e74727573742c20496e632e3142304006035504030c39456e747275737420436f6465205369676e696e6720526f6f742043657274696669636174696f6e20417574686f72697479202d20435342523130820222300d06092a864886f70d01010105000382020f003082020a0282020100a7818ff71445b66243f2d8aed3255e484f51bfc57d9f501c35d1d67e612a94196d2746a4a61a5df754516a8022c6a866754d5483c95e681babf65b64b0adad20bd54ef466b6d02e745ae75f68e8ab9322e8bb8771c524d79885fa53a18c9502c97272dbfda007d637fef32ec468763db9a9fc35a21367bf99bd5caa06e722cfce1f19e704d0856156f90abfb48bab9d7c1827885652e7fb5c9c0e214b737114106e28ae0a8f6e57eb6780501c360ed4f07412e0a1349e3909b7fddbdfaacbf6451d15c9bb4f55ce75cff3b9ba5a01ad77d09b2c2b7ff6e1cbcc87de6e92bfc72b314e94a5512849c4425751df62af04fa5203d6825eb61977c0fe5b63df3aec3c111bc1b8ecce047305e42008671e358ac06ca651f7b94a64b57670c7e5ead78675b55e35eebc7d8ec4c6e86cbf3dcf89f87aa7258120f7da6f8f842393b3c2ce4324d498ce0e100c238a09cfa843e41dc6e56aec61a5bf467680501cd1bbfae87bc9d53f62ee8b66be499dec54f8758a8d2651ec81fd5726eee591c573b09729dd7cab790c6cd7b45929142034c7d3fcaf2aab8c20e86f3109f462ea46686685a68187029381180606b8a43a3736ce3b36b37ffe69d67019286df2f48d1fb5060d55cfe21d3014263feef70b417c08fa8eed3c14b5f12eafdfd2e0e874460e3a9f4c218a3e3fdce0c84220df3a778da93f3db38cfb92f33c6ff073c5ebe45d30203010001a382012b30820127300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff020101301d0603551d250416301406082b0601050507030306082b06010505070308303b0603551d200434303230300604551d20003028302606082b06010505070201161a687474703a2f2f7777772e656e74727573742e6e65742f727061303306082b0601050507010104273025302306082b060105050730018617687474703a2f2f6f6373702e656e74727573742e6e657430300603551d1f042930273025a023a021861f687474703a2f2f63726c2e656e74727573742e6e65742f673263612e63726c301d0603551d0e0416041482bad63d97ce9fcf71e89237affdb3b5693557cf301f0603551d230418301680146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b050003820101001f5e4104b6837024532c55731d653ac0ecb47b04985e59381309a45994425e50bf4f6c6e2520909358400df519b462ee245ec2015815021d10096fa8d4fb927e37383e2f147d8f1d433664b366135f14cca571f75b214bc697bedc95fc707d111cd321ddd0243929c5fe0a1aa5cf7b79ee3a6fdedcbfe911dd168308d32c8d7f4da814792f05615238eb60f314687dcbb28aadc0945ce4260e2c8add46c3cee45651c556e385b84d9b45728b07f18afb49b85fd1f296815d695224f10823d2d6230feb8bd77e8bc1936bfaf1627b58e9509b976e17880de1c64398d78161b6859d47ecb19eae3f203b439dd8a21ce0d47c08c2af7606f862667ab6f7fac8af35 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B52063CECFFAFA24B57993B8EFE7FB1E4D6D56BC | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C\Blob = 0300000001000000140000002ad974a775f73cbdbbd8f5ac3a49255fa8fb1f8c2000000001000000620400003082045e30820346a0030201020213077312380b9d6688a33b1ed9bf9ccda68e0e0f300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3232303832333232323132385a170d3330303832333232323132385a303c310b3009060355040613025553310f300d060355040a1306416d617a6f6e311c301a06035504031313416d617a6f6e205253412032303438204d303130820122300d06092a864886f70d01010105000382010f003082010a0282010100eb712ca9cb1f8828923230af8a570f78b73725955587ac675c97d322c8daa214676b7cf067dae2032ab356125dc6b547f96708a7937a9592180fb4f9f910369a7f2f80b64fba134ec75d531ee0dd96330720d396bc12e4745042a1051373b54f9b4424fe2d7fedbc2285ec362133977506ce271882dce3d9c582078d5e26012626671fd93f13cf32ba6bad7864fcaaff0e023c07df9c0578728cfdea75b7032884dae86e078cd05085ef8154b2716eec6d62ef8f94c35ee9c4a4d091c02e249198caeeba258ed4f671b6fb5b6b38064837478d86dcf2ea06fb76377d9eff424e4d588293cfe271c278b17aab4b5b94378881e4d9af24aef872c565fb4bb451e70203010001a382015a3082015630120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d0e0416041481b80e638a891218e5fa3b3b50959fe6e5901385301f0603551d230418301680148418cc8534ecbc0c94942e08599cc7b2104e0a08307b06082b06010505070101046f306d302f06082b060105050730018623687474703a2f2f6f6373702e726f6f746361312e616d617a6f6e74727573742e636f6d303a06082b06010505073002862e687474703a2f2f6372742e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e636572303f0603551d1f043830363034a032a030862e687474703a2f2f63726c2e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e63726c30130603551d20040c300a3008060667810c010201300d06092a864886f70d01010b05000382010100ad00de0205232e063262b46bb19416e41140de2bfa59c135efe0aa8f2b41b9d1f38739001df23db5a7470c0606c691f3075702d4edbd17c1909abf4875a2074f30dd4a6a42b50d3d15c00ffe845bc63c99cc5752b1d86e12d59692934b94e507e88982086a7a34d49e64e13d876a92909a63a14bf88fb6ea34d305be20c2de06e28c9f738b9f4d3985cace19369d85c99ec9f8503fb67e88a1efca84068b50b40a5ca61c44f1fdc8614060f26125aa07f4c7c27375e40c0b428d04e55f4448995b7b898196a7889d4b0d62e804c4d7feb4e8b26dcaecc01cbc385b1ddf85ce5b7ae3494b6cb9a7ddf405b249ade1c5146bc2ccebcd7fd65869bac3207e7fb0b8 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D772DA0874059418FCDAACE3F4FF2AC964A852FF | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B52063CECFFAFA24B57993B8EFE7FB1E4D6D56BC | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B337B8FDB56ECB58BF5DBCF8C22C320107535A02 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\B337B8FDB56ECB58BF5DBCF8C22C320107535A02\Blob = 4b0000000100000044000000410033003700420038004200410038003000300030003400440033003200360036004300420034004400390033004200320030003500320044004300310030005f000000180000000100000010000000fa46ce7cbb85cfb4310075313a09ee055c000000010000000400000000100000190000000100000010000000188a164a11caa2378c0bcdec471f26730f0000000100000020000000f89f7ea86830083d285a316e68f23fe53b4d3031237987231ae889f6792e6d040400000001000000100000008f1d7cc99d782d0ec80c02a6577d4c6514000000010000001400000082bad63d97ce9fcf71e89237affdb3b5693557cf030000000100000014000000b337b8fdb56ecb58bf5dbcf8c22c320107535a022000000001000000e3050000308205df308204c7a00302010202104e40e43754ede68c0000000051d3947f300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3231303530373135343334355a170d3330313130373136313334355a3069310b300906035504061302555331163014060355040a0c0d456e74727573742c20496e632e3142304006035504030c39456e747275737420436f6465205369676e696e6720526f6f742043657274696669636174696f6e20417574686f72697479202d20435342523130820222300d06092a864886f70d01010105000382020f003082020a0282020100a7818ff71445b66243f2d8aed3255e484f51bfc57d9f501c35d1d67e612a94196d2746a4a61a5df754516a8022c6a866754d5483c95e681babf65b64b0adad20bd54ef466b6d02e745ae75f68e8ab9322e8bb8771c524d79885fa53a18c9502c97272dbfda007d637fef32ec468763db9a9fc35a21367bf99bd5caa06e722cfce1f19e704d0856156f90abfb48bab9d7c1827885652e7fb5c9c0e214b737114106e28ae0a8f6e57eb6780501c360ed4f07412e0a1349e3909b7fddbdfaacbf6451d15c9bb4f55ce75cff3b9ba5a01ad77d09b2c2b7ff6e1cbcc87de6e92bfc72b314e94a5512849c4425751df62af04fa5203d6825eb61977c0fe5b63df3aec3c111bc1b8ecce047305e42008671e358ac06ca651f7b94a64b57670c7e5ead78675b55e35eebc7d8ec4c6e86cbf3dcf89f87aa7258120f7da6f8f842393b3c2ce4324d498ce0e100c238a09cfa843e41dc6e56aec61a5bf467680501cd1bbfae87bc9d53f62ee8b66be499dec54f8758a8d2651ec81fd5726eee591c573b09729dd7cab790c6cd7b45929142034c7d3fcaf2aab8c20e86f3109f462ea46686685a68187029381180606b8a43a3736ce3b36b37ffe69d67019286df2f48d1fb5060d55cfe21d3014263feef70b417c08fa8eed3c14b5f12eafdfd2e0e874460e3a9f4c218a3e3fdce0c84220df3a778da93f3db38cfb92f33c6ff073c5ebe45d30203010001a382012b30820127300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff020101301d0603551d250416301406082b0601050507030306082b06010505070308303b0603551d200434303230300604551d20003028302606082b06010505070201161a687474703a2f2f7777772e656e74727573742e6e65742f727061303306082b0601050507010104273025302306082b060105050730018617687474703a2f2f6f6373702e656e74727573742e6e657430300603551d1f042930273025a023a021861f687474703a2f2f63726c2e656e74727573742e6e65742f673263612e63726c301d0603551d0e0416041482bad63d97ce9fcf71e89237affdb3b5693557cf301f0603551d230418301680146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b050003820101001f5e4104b6837024532c55731d653ac0ecb47b04985e59381309a45994425e50bf4f6c6e2520909358400df519b462ee245ec2015815021d10096fa8d4fb927e37383e2f147d8f1d433664b366135f14cca571f75b214bc697bedc95fc707d111cd321ddd0243929c5fe0a1aa5cf7b79ee3a6fdedcbfe911dd168308d32c8d7f4da814792f05615238eb60f314687dcbb28aadc0945ce4260e2c8add46c3cee45651c556e385b84d9b45728b07f18afb49b85fd1f296815d695224f10823d2d6230feb8bd77e8bc1936bfaf1627b58e9509b976e17880de1c64398d78161b6859d47ecb19eae3f203b439dd8a21ce0d47c08c2af7606f862667ab6f7fac8af35 | C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 5c000000010000000400000000080000190000000100000010000000fd960962ac6938e0d4b0769aa1a64e26030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e76200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb65809000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e650040000000100000010000000324a4bbbc863699bbe749ac6dd1d46242000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Runs net.exe
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\gs-auto-clicker.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\AutoClicker-3.0.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\image_2024-10-25_224430092.png
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff99d1fcc40,0x7ff99d1fcc4c,0x7ff99d1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1836 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2392 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3724,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4696,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4688 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4804,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4816 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4968 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5108,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5116 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5024,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5088,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff66d744698,0x7ff66d7446a4,0x7ff66d7446b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5296,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4904,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3396,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4880 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3500,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5384 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5168,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4448 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3192,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5424,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6016,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6004 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6008,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6332,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6196 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5224,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5996 /prefetch:8
C:\Users\Admin\Downloads\gs-auto-clicker.exe
"C:\Users\Admin\Downloads\gs-auto-clicker.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=4908,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6852,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4940,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6792 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7148,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4036,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3404,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=3320,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6492,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6172,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6132 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6568,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6588,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7312,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7464,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6760,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7600 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7744,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7772 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7768,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7884 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8060,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7748 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8036,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7608,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8296 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8464,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8592,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8616,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8744 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7976,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6320,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=7960,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7664 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7980,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7952 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8000,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=7944,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8120 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8084,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7956 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8908,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9168,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8716 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=6432,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=6436,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=5984,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8416 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6032,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=8200,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4488 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=5740,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=8004,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=7232,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=7252,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=6632,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7752 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=8792,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6824 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7984,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=8736,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=7932,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7348 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=4708,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=6940,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7452 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=8492,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7784 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=8432,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7824 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=8088,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=8872,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=6768,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9288 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=6804,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9500 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=5148,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4380 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=9824,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=9988,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9952 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=8804,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=9816,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7404 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=5412,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9940 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=9872,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9880 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=4816,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7016,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7360 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=9312,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=8268,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=8256,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=6124,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9320 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=6612,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7532 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=9284,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6832 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=6120,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8296,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7292,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7792,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10068 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7388,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7672 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=9968,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7644 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=10064,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=6468,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8300 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=8336,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=9972,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=6152,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7664 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=7472,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9844 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=6292,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7236 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9608,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6608 /prefetch:8
C:\Users\Admin\Downloads\GSAutoClicker.exe
"C:\Users\Admin\Downloads\GSAutoClicker.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=8320,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=6084,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7512 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=7620,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8248,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9140 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8072,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8672 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=7636,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6908 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7072,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6364 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=8424,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8328 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6928,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7900 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6784,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8148 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6780,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6820 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=9040,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=1104,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5672,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9316 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=8324,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=9132,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8652 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=8160,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=7092,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=7900,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6364 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=7160,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=7560,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=3568,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7112 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=8716,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=7928,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7040 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=7708,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7516 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=6456,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3448,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3360 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4380,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6060 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7756,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9148 /prefetch:8
C:\Users\Admin\Downloads\AutoClicker-3.0.exe
"C:\Users\Admin\Downloads\AutoClicker-3.0.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=9148,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8272 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --field-trial-handle=9820,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9424,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --field-trial-handle=8292,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4028 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=6080,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=9852,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6504 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7336,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9924 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000148" "Service-0x0-3e7$\Default" "0000000000000158" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Users\Admin\Downloads\MB-SupportTool.exe
"C:\Users\Admin\Downloads\MB-SupportTool.exe"
C:\Users\Admin\AppData\Local\Temp\7zSF83.tmp\mbstub.exe
.\mbstub.exe
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=9924,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9616 /prefetch:1
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe
"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
C:\Users\Admin\AppData\LocalLow\IGDump\X86_03\ig.exe
ig.exe timer 4000 17298894973.ext
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --field-trial-handle=3172,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3432 /prefetch:1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_05\ig.exe
ig.exe timer 4000 17298894985.ext
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --field-trial-handle=10088,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9668 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --field-trial-handle=6844,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --field-trial-handle=6464,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9740 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --field-trial-handle=9452,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7436 /prefetch:1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_01\ig.exe
ig.exe timer 4000 17298895491.ext
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --field-trial-handle=9080,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8596 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --field-trial-handle=4876,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --field-trial-handle=7552,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9740 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --field-trial-handle=9600,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9448 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --field-trial-handle=8016,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8992 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --field-trial-handle=9892,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7500 /prefetch:1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_02\ig.exe
ig.exe timer 4000 17298895762.ext
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7776,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9888 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7228,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8876 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6964,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9152 /prefetch:8
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
"C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-D7K2G.tmp\Driver_Updater_setup.tmp" /SL5="$110060,5854474,811008,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --field-trial-handle=5096,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --field-trial-handle=6836,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8404 /prefetch:1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17298896040.ext
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /INSTALL
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17298896040.ext
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Schedule" /F
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Monitoring" /F
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /START /INSTALLED
C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe"
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /TRAY
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8312,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9016 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\DikTok -The Gay Social Network_1.0.0_APKPure (1).apk"
C:\Users\Admin\AppData\Local\Temp\WcInstaller.exe
WcInstaller.exe --silent --partner=PL210515
C:\Users\Admin\AppData\Local\Temp\7zSC071B5C0\WebCompanionInstaller.exe
.\WebCompanionInstaller.exe --partner=PL210515 --version=9.1.0.1207 --silent --partner=PL210515
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
"C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-GD96O.tmp\Driver_Updater_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-GD96O.tmp\Driver_Updater_setup.tmp" /SL5="$303F4,5854474,811008,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Windows\SysWOW64\sc.exe
"sc.exe" Create "WCAssistantService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto
C:\Windows\SysWOW64\sc.exe
"sc.exe" failure WCAssistantService reset= 30 actions= restart/60000
C:\Windows\SysWOW64\sc.exe
"sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"
C:\Windows\system32\RunDLL32.Exe
"C:\Windows\sysnative\RunDLL32.Exe" syssetup,SetupInfObjectInstallAction BootInstall 128 C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bddci.inf
C:\Windows\system32\runonce.exe
"C:\Windows\system32\runonce.exe" -r
C:\Windows\System32\grpconv.exe
"C:\Windows\System32\grpconv.exe" -o
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\net.exe
"C:\Windows\sysnative\net.exe" start bddci
C:\Windows\SysWOW64\sc.exe
"sc.exe" Create "DCIService" binPath= "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe" DisplayName= "DCIService" start= auto
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 start bddci
C:\Windows\SysWOW64\sc.exe
"sc.exe" description "DCIService" "Webprotection Bridge service"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\bridge_start.cmd"
C:\Windows\SysWOW64\sc.exe
sc start DCIService
C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
"C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Windows\SysWOW64\netsh.exe
netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --install --geo=
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17298897210.ext
C:\Users\Admin\AppData\LocalLow\IGDump\X86_01\ig.exe
ig.exe timer 4000 17298897211.ext
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --field-trial-handle=3416,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7580 /prefetch:1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17298897240.ext
C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Users\Admin\AppData\LocalLow\IGDump\X86_01\ig.exe
ig.exe timer 4000 17298897451.ext
C:\Windows\system32\netsh.exe
netsh http add urlacl url=http://+:9007/ user=Everyone
C:\Users\Admin\AppData\LocalLow\IGDump\X86_02\ig.exe
ig.exe timer 4000 17298897452.ext
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --silent --afterinstall
C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\qvxvt0yy.cmdline"
C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESBFC6.tmp" "c:\Users\Admin\AppData\Local\Temp\CSCBFC5.tmp"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3792,i,561680685831339482,7142665377808398788,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/wp/index.php?partnerId=PL210515&utm_campaign=WP060220&sourceTraffic=WC&installDate=2024-10-25T20:55:21&mk=4525afa8-0fee-dbe6-8b44-ef2e5e05b939&ik=aaf10a2c-2ce1-4c41-9381-06c2a92288e5
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff99d1fcc40,0x7ff99d1fcc4c,0x7ff99d1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2044,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2036 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1896,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2096 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2308 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3724,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3764 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3732,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4780,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=4980 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4172,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5280 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5316,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5192,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5468 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5600,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5608 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5572,i,5987887086959888144,8144021819279413035,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5080 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff99d1fcc40,0x7ff99d1fcc4c,0x7ff99d1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2380,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2376 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1912,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2412 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2028,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2548 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3668,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3696,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3720 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5024,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=4220 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5164,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5376,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5368 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5468,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5476 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5464,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5624 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5564,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5748 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5672,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5600 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5436,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5720,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3728,i,5321480182388505311,11332620266144730598,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=4008 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff99d1fcc40,0x7ff99d1fcc4c,0x7ff99d1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1720,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=1648 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2012 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=2252 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3644,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3664 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3668,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3704 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5020 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5172,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5344,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5340 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4268,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=4196 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4272,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5616 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5680,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5576 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4544,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=3648 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4928,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=5912 /prefetch:1
C:\Windows\system32\backgroundTaskHost.exe
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5368,i,8000578322224944692,16310710092115947200,262144 --variations-seed-version=20241025-050055.764000 --mojo-platform-channel-handle=1152 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 172.217.169.10:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.46:443 | apis.google.com | udp |
| GB | 172.217.169.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | www.goldensoft.org | udp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| US | 172.67.152.181:443 | www.goldensoft.org | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.178.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.152.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.majorgeeks.com | udp |
| US | 51.81.2.245:443 | www.majorgeeks.com | tcp |
| US | 51.81.2.245:443 | www.majorgeeks.com | tcp |
| US | 8.8.8.8:53 | ra.majorgeeks.com | udp |
| US | 51.81.2.245:443 | www.majorgeeks.com | tcp |
| US | 51.81.2.245:443 | www.majorgeeks.com | tcp |
| US | 51.81.2.248:443 | ra.majorgeeks.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 74.125.133.154:443 | stats.g.doubleclick.net | tcp |
| BE | 74.125.133.154:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | cdn-images.mailchimp.com | udp |
| NL | 18.239.36.85:443 | cdn-images.mailchimp.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | img.buymeacoffee.com | udp |
| US | 104.26.2.199:443 | img.buymeacoffee.com | tcp |
| US | 8.8.8.8:53 | platform-api.sharethis.com | udp |
| US | 8.8.8.8:53 | api.majorgeeks.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 51.81.2.252:443 | api.majorgeeks.com | tcp |
| NL | 18.239.94.91:443 | platform-api.sharethis.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 245.2.81.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.2.81.51.in-addr.arpa | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 154.133.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | buttons-config.sharethis.com | udp |
| US | 8.8.8.8:53 | l.sharethis.com | udp |
| IE | 34.249.19.122:443 | l.sharethis.com | tcp |
| IE | 34.249.19.122:443 | l.sharethis.com | tcp |
| NL | 18.239.94.123:443 | buttons-config.sharethis.com | tcp |
| US | 8.8.8.8:53 | platform-cdn.sharethis.com | udp |
| US | 8.8.8.8:53 | count-server.sharethis.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.238.243.108:443 | platform-cdn.sharethis.com | tcp |
| NL | 18.239.36.75:443 | count-server.sharethis.com | tcp |
| GB | 142.250.200.46:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.200.46:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.46:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 178.36.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.2.81.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.19.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 51.81.2.248:443 | ra.majorgeeks.com | tcp |
| US | 8.8.8.8:53 | files1.majorgeeks.com | udp |
| US | 8.8.8.8:53 | 100.209.201.84.in-addr.arpa | udp |
| US | 51.81.2.249:443 | files1.majorgeeks.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 249.2.81.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | gs-auto-clicker.en.softonic.com | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | rv-assets.softonic.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| GB | 18.165.160.104:443 | sdk.privacy-center.org | tcp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.70.239.18.in-addr.arpa | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | tcp |
| GB | 18.165.160.104:443 | sdk.privacy-center.org | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| NL | 18.238.243.114:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.74.232:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | notix.io | udp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.74.232:443 | api.btmessage.com | tcp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| IE | 52.49.91.133:443 | id.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| GB | 13.224.81.4:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ad.360yield-basic.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| DE | 148.251.40.6:443 | shb.richaudience.com | tcp |
| DE | 148.251.40.6:443 | shb.richaudience.com | tcp |
| DE | 148.251.40.6:443 | shb.richaudience.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 18.203.184.130:443 | ap.lijit.com | tcp |
| IE | 52.31.86.79:443 | ad.360yield-basic.com | tcp |
| GB | 142.250.187.194:443 | partner.googleadservices.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | tcp |
| GB | 13.224.81.4:443 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | f03630ba05e48ebb639019f4083021b7.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| GB | 142.250.200.1:443 | f03630ba05e48ebb639019f4083021b7.safeframe.googlesyndication.com | tcp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | tcp |
| NL | 18.239.18.12:443 | tags.crwdcntrl.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 74.125.133.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| GB | 216.58.204.78:443 | ampcid.google.com | tcp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| BE | 74.125.133.154:443 | stats.g.doubleclick.net | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| IE | 34.252.59.230:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | 133.91.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.86.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.184.203.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.68.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.59.252.34.in-addr.arpa | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 54.154.138.30:443 | ice.360yield.com | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| IE | 52.213.118.225:443 | ad.360yield.com | tcp |
| US | 151.101.129.91:443 | en.softonic.com | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.138.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.223.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.118.213.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 52.51.10.62:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| IE | 34.252.59.230:443 | rtb.gumgum.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| GB | 184.26.56.245:443 | ads.pubmatic.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| FR | 149.202.238.101:443 | ssbsync.smartadserver.com | tcp |
| IE | 18.203.184.130:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| IE | 52.51.10.62:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| US | 98.82.157.137:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| IE | 34.252.97.142:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 3.233.182.232:443 | sync.srv.stackadapt.com | tcp |
| US | 107.20.90.72:443 | sync.ipredictive.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 50.31.142.223:443 | b1sync.zemanta.com | tcp |
| GB | 216.58.212.226:443 | cm.g.doubleclick.net | tcp |
| US | 104.18.37.193:443 | a.tribalfusion.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | 122.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.10.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.56.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| GB | 216.58.212.226:443 | cm.g.doubleclick.net | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | dsp.nrich.ai | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| FR | 51.255.68.171:443 | dsp.nrich.ai | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| GB | 216.58.212.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 52.49.91.133:443 | sync.crwdcntrl.net | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| NL | 35.204.158.49:443 | um.simpli.fi | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 151.101.129.91:443 | en.softonic.com | udp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 184.25.193.73:443 | eus.rubiconproject.com | tcp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| DE | 148.251.40.153:443 | sync.richaudience.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 69.173.151.100:443 | pixel-us-east.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.37.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.97.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.157.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.47.18.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.182.233.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.68.255.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.233.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.158.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.193.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | casale-match.dotomi.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 104.18.37.193:443 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| NL | 89.207.16.204:443 | casale-match.dotomi.com | tcp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| IE | 52.19.175.37:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | a.sportradarserving.com | udp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | tcp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | udp |
| US | 8.8.8.8:53 | 100.151.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.175.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.174.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| NL | 198.47.127.20:443 | simage4.pubmatic.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DE | 91.228.74.244:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| FR | 54.38.113.3:443 | pixel.onaudience.com | tcp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | sonata-notifications.taptapnetworks.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| DE | 52.28.199.252:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | dsp-ap.eskimi.com | udp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 64.158.223.137:443 | pubmatic-match.dotomi.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| US | 172.67.74.232:443 | api.btmessage.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.57.122.134.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | d73c2469eb70a56e7ae1bcca92a9ad64.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| US | 151.101.129.91:443 | en.softonic.com | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 3.233.182.232:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 3.225.32.202:443 | api-2-0.spot.im | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| IE | 34.246.145.41:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| DE | 2.19.11.109:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | cs.krushmedia.com | udp |
| IE | 52.19.175.37:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 80.77.87.216:443 | cs.krushmedia.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.serverbid.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | aorta.clickagy.com | udp |
| US | 8.8.8.8:53 | data.adsrvr.org | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 34.228.253.61:443 | aorta.clickagy.com | tcp |
| NL | 18.239.83.123:443 | sync.serverbid.com | tcp |
| US | 54.147.159.241:443 | cs-server-s2s.yellowblue.io | tcp |
| NL | 18.239.94.92:443 | s.ad.smaato.net | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 27.192.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.145.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.11.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.32.225.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.253.228.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.159.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| GB | 172.217.16.230:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 8.8.8.8:53 | dsp.360yield.com | udp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| SE | 13.53.196.230:443 | d5p.de17a.com | tcp |
| IE | 108.129.27.230:443 | dsp.360yield.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | visitor-adpone.omnitagjs.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 89.149.192.74:443 | sync.smartadserver.com | tcp |
| FR | 164.132.25.185:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ads.betweendigital.com | udp |
| NL | 188.42.191.196:443 | ads.betweendigital.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 184.26.56.27:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | c21lg-d.media.net | udp |
| NL | 89.207.16.137:443 | medianet-match.dotomi.com | tcp |
| GB | 184.25.192.27:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | ads.creative-serving.com | udp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| IE | 54.154.51.126:443 | pm.w55c.net | tcp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 230.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.27.129.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.196.53.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.234.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.25.132.164.in-addr.arpa | udp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | tcp |
| US | 8.8.8.8:53 | 196.191.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.56.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| IE | 52.50.135.204:443 | cs.yellowblue.io | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | udp |
| US | 8.8.8.8:53 | 126.51.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.241.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.adscale.de | udp |
| NL | 18.239.36.5:443 | js.adscale.de | tcp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| NL | 18.238.243.82:443 | b-code.liadm.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 936db8fea295d28b2a2c26e64e86d508.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| US | 8.8.8.8:53 | 8876029.fls.doubleclick.net | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 18.184.250.120:443 | ih.adscale.de | tcp |
| US | 8.8.8.8:53 | 12325200.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | 5.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.243.238.18.in-addr.arpa | udp |
| US | 52.6.58.171:443 | i.liadm.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 172.217.16.230:443 | 12325200.fls.doubleclick.net | udp |
| GB | 172.217.16.230:443 | 12325200.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 178.63.248.57:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | 171.58.6.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8proof.com | udp |
| US | 8.8.8.8:53 | mid.rkdms.com | udp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| GB | 142.250.200.59:443 | storage.googleapis.com | tcp |
| IE | 54.73.19.51:443 | dpm.demdex.net | tcp |
| US | 3.165.148.118:443 | live.rezync.com | tcp |
| US | 52.6.58.171:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | rp.liadm.com | udp |
| US | 52.116.53.150:443 | 8proof.com | tcp |
| US | 18.234.17.36:443 | mid.rkdms.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | 57.248.63.178.in-addr.arpa | udp |
| US | 44.213.239.81:443 | rp.liadm.com | tcp |
| US | 8.8.8.8:53 | rtd-tm.everesttech.net | udp |
| US | 151.101.194.49:443 | rtd-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | inmobi-match.dotomi.com | udp |
| NL | 63.215.202.137:443 | inmobi-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 20.33.55.12:443 | sync.inmobi.com | tcp |
| US | 8.8.8.8:53 | 118.148.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.19.73.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.17.234.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.239.213.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.53.116.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.202.215.63.in-addr.arpa | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 12.55.33.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gsf-fl.softonic.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 3.233.182.232:443 | sync.srv.stackadapt.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 63.215.202.169:443 | equativ-match.dotomi.com | tcp |
| IE | 52.19.175.37:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 103.209.201.84.in-addr.arpa | udp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | e2c4.gcp.gvt2.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| JP | 34.97.161.128:443 | e2c4.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| JP | 34.97.161.128:443 | e2c4.gcp.gvt2.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 128.161.97.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 172.217.169.35:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 35.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.virustotal.com | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | 8.137.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.34.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| GB | 172.217.16.227:443 | recaptcha.net | tcp |
| GB | 172.217.16.227:443 | recaptcha.net | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.16.227:443 | recaptcha.net | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.16.238:443 | google.com | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 224.254.214.35.in-addr.arpa | udp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.opautoclicker.com | udp |
| GB | 142.250.187.206:443 | www.youtube.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | tcp |
| US | 172.67.209.15:443 | www.opautoclicker.com | udp |
| US | 8.8.8.8:53 | 15.209.67.172.in-addr.arpa | udp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | sourceforge.net | udp |
| US | 172.64.150.145:443 | sourceforge.net | tcp |
| US | 172.64.150.145:443 | sourceforge.net | tcp |
| US | 172.64.150.145:443 | sourceforge.net | udp |
| US | 8.8.8.8:53 | 145.150.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.fsdn.com | udp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 47.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| NL | 35.214.216.122:443 | csync.loopme.me | tcp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 122.216.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| NL | 35.214.151.172:443 | csync.loopme.me | tcp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| US | 172.64.150.145:443 | sourceforge.net | udp |
| GB | 172.217.16.238:443 | google.com | udp |
| NL | 35.214.137.8:443 | csync.loopme.me | tcp |
| US | 172.64.147.47:443 | a.fsdn.com | udp |
| US | 8.8.8.8:53 | d.delivery.consentmanager.net | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.net | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 8.8.8.8:53 | c.sf-syn.com | udp |
| NL | 195.181.172.6:443 | cdn.consentmanager.net | tcp |
| US | 104.18.33.97:443 | c.sf-syn.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 6.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.98.230.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.33.18.104.in-addr.arpa | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| NL | 35.214.166.54:443 | csync.loopme.me | tcp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 8.8.8.8:53 | analytics.slashdotmedia.com | udp |
| US | 8.8.8.8:53 | j.6sc.co | udp |
| US | 8.8.8.8:53 | ml314.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| US | 34.117.77.79:443 | ml314.com | tcp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| GB | 2.18.27.148:443 | j.6sc.co | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 34.117.77.79:443 | ml314.com | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.6sc.co | udp |
| US | 8.8.8.8:53 | ipv6.6sc.co | udp |
| US | 8.8.8.8:53 | b.6sc.co | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 52.223.40.198:443 | data.adsrvr.org | tcp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| GB | 2.18.27.163:443 | b.6sc.co | tcp |
| IE | 54.216.81.134:443 | dpm.demdex.net | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| DE | 18.184.216.10:443 | ps.eyeota.net | tcp |
| US | 8.8.8.8:53 | 9d2c07131e5e6069340b3ecfda737bee.safeframe.googlesyndication.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| GB | 142.250.200.1:443 | 9d2c07131e5e6069340b3ecfda737bee.safeframe.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 79.77.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.38.105.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.81.216.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.216.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.187.250.142.in-addr.arpa | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | securepubads.g.doubleclick.net | udp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| NL | 35.214.254.224:443 | csync.loopme.me | tcp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| US | 8.8.8.8:53 | downloads.sourceforge.net | udp |
| US | 204.68.111.105:443 | downloads.sourceforge.net | tcp |
| US | 204.68.111.105:443 | downloads.sourceforge.net | tcp |
| US | 8.8.8.8:53 | deac-fra.dl.sourceforge.net | udp |
| DE | 37.203.33.33:443 | deac-fra.dl.sourceforge.net | tcp |
| US | 8.8.8.8:53 | 33.33.203.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | altushost-swe.dl.sourceforge.net | udp |
| SE | 79.142.76.130:443 | altushost-swe.dl.sourceforge.net | tcp |
| SE | 79.142.76.130:443 | altushost-swe.dl.sourceforge.net | tcp |
| US | 8.8.8.8:53 | 130.76.142.79.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| GB | 172.217.16.227:443 | recaptcha.net | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 8.8.8.8:53 | dev.visualwebsiteoptimizer.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 8.8.8.8:53 | 233.66.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.102.96.34.in-addr.arpa | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 8.8.8.8:53 | api.weglot.com | udp |
| US | 8.8.8.8:53 | plausible.io | udp |
| US | 8.8.8.8:53 | cdn.weglot.com | udp |
| GB | 79.127.237.132:443 | plausible.io | tcp |
| US | 172.64.149.114:443 | cdn.weglot.com | tcp |
| US | 104.18.38.142:443 | cdn.weglot.com | tcp |
| GB | 79.127.237.132:443 | plausible.io | tcp |
| US | 172.64.149.114:443 | cdn.weglot.com | tcp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| US | 54.83.239.11:443 | genesis.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.38.18.104.in-addr.arpa | udp |
| GB | 79.127.237.132:443 | plausible.io | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.239.83.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 172.64.149.114:443 | cdn.weglot.com | udp |
| US | 192.0.76.3:443 | pixel.wp.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | downloads.malwarebytes.com | udp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 3.165.148.58:443 | downloads.malwarebytes.com | tcp |
| US | 3.165.148.58:443 | downloads.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | data-cdn.mbamupdates.com | udp |
| GB | 13.224.81.44:443 | data-cdn.mbamupdates.com | tcp |
| US | 8.8.8.8:53 | 58.148.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 34.208.20.148:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 148.20.208.34.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | 14.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 54.147.81.221:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.52:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 221.81.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.88.172.18.in-addr.arpa | udp |
| US | 54.147.81.221:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.52:443 | cdn.mwbsys.com | tcp |
| US | 54.147.81.221:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.52:443 | cdn.mwbsys.com | tcp |
| US | 54.147.81.221:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.52:443 | cdn.mwbsys.com | tcp |
| US | 54.147.81.221:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.27:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 27.88.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipv4.am.i.mullvad.net | udp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 18.209.182.66:443 | holocron.mwbsys.com | tcp |
| SE | 45.83.223.233:443 | ipv4.am.i.mullvad.net | tcp |
| US | 8.8.8.8:53 | 233.223.83.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.182.209.18.in-addr.arpa | udp |
| US | 18.209.182.66:443 | holocron.mwbsys.com | tcp |
| US | 34.195.235.15:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 172.64.149.23:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 184.25.193.234:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.193.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | iris.mwbsys.com | udp |
| US | 54.157.85.209:443 | iris.mwbsys.com | tcp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 34.192.214.254:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 209.85.157.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.27:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 254.214.192.34.in-addr.arpa | udp |
| US | 3.216.157.243:443 | ark.mwbsys.com | tcp |
| US | 3.216.157.243:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | mbst.mwbsys.com | udp |
| GB | 13.224.81.12:443 | mbst.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 243.157.216.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | downloads.malwarebytes.com | udp |
| GB | 216.137.44.5:443 | downloads.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | download.bleepingcomputer.com | udp |
| US | 104.20.184.56:443 | download.bleepingcomputer.com | tcp |
| US | 8.8.8.8:53 | 12.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.184.20.104.in-addr.arpa | udp |
| US | 34.192.214.254:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 54.68.11.14:443 | telemetry.malwarebytes.com | tcp |
| US | 54.68.11.14:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 34.195.26.228:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.27:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 228.26.195.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.trust-provider.com | udp |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| US | 172.64.149.23:80 | ocsp.trust-provider.com | tcp |
| GB | 18.165.160.15:443 | hubble.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | 15.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crl.trust-provider.com | udp |
| US | 104.18.38.233:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | www.intel.com | udp |
| GB | 23.211.239.194:80 | www.intel.com | tcp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | certificates.intel.com | udp |
| DE | 2.19.11.109:80 | certificates.intel.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ocsp.thawte.com | udp |
| DE | 152.199.19.74:80 | ocsp.thawte.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 194.239.211.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.212.58.216.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| GB | 184.25.193.234:80 | www.microsoft.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh5.googleusercontent.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | csc3-2010-crl.verisign.com | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | apkpure.com | udp |
| US | 104.22.5.119:443 | apkpure.com | tcp |
| US | 104.22.5.119:443 | apkpure.com | tcp |
| US | 8.8.8.8:53 | a.apkpure.com | udp |
| US | 8.8.8.8:53 | i.apkpure.com | udp |
| US | 104.22.5.119:443 | i.apkpure.com | tcp |
| US | 104.22.5.119:443 | i.apkpure.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.apkpure.com | udp |
| US | 8.8.8.8:53 | image.winudf.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.22.4.119:443 | static.apkpure.com | tcp |
| US | 8.8.8.8:53 | download.apkpure.com | udp |
| US | 172.67.8.127:443 | download.apkpure.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 172.67.68.182:443 | image.winudf.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.26.14.200:443 | cdnpure.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static-sg.winudf.com | udp |
| US | 104.26.14.200:443 | cdnpure.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| BE | 74.125.133.154:443 | stats.g.doubleclick.net | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | a.cdnpure.com | udp |
| US | 8.8.8.8:53 | r.cdnpure.com | udp |
| US | 8.8.8.8:53 | 127.8.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.14.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | svibeacon.onezapp.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | 210.106.226.129.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.194:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | t3.cdnpure.com | udp |
| US | 8.8.8.8:53 | tapi.apkpure.net | udp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 8.8.8.8:53 | 111.42.22.104.in-addr.arpa | udp |
| GB | 142.250.187.194:443 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 172.67.68.182:443 | static-sg.winudf.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.26.15.200:443 | t3.cdnpure.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.22.4.119:443 | download.apkpure.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 172.67.8.127:443 | download.apkpure.com | tcp |
| US | 172.67.68.182:443 | static-sg.winudf.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | 200.15.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.26.14.200:443 | t3.cdnpure.com | tcp |
| US | 8.8.8.8:53 | d.apkpure.com | udp |
| US | 104.26.8.22:443 | static-sg.winudf.com | tcp |
| US | 104.26.14.200:443 | t3.cdnpure.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | f2cf81a6a2b77c73310b972741209cd9.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.1:443 | f2cf81a6a2b77c73310b972741209cd9.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 22.8.26.104.in-addr.arpa | udp |
| CA | 192.99.62.159:443 | d-02.winudf.com | tcp |
| US | 8.8.8.8:53 | 159.62.99.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | blitz.mb-cosmos.com | udp |
| US | 3.234.125.26:443 | blitz.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | 26.125.234.3.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.1:443 | f2cf81a6a2b77c73310b972741209cd9.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | bid.g.doubleclick.net | udp |
| US | 142.250.125.120:443 | csi.gstatic.com | tcp |
| US | 142.250.125.120:443 | csi.gstatic.com | tcp |
| BE | 108.177.15.157:443 | bid.g.doubleclick.net | tcp |
| US | 104.22.4.119:443 | d.apkpure.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 142.250.178.10:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | 120.125.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.15.177.108.in-addr.arpa | udp |
| CA | 192.99.62.159:443 | d-02.winudf.com | tcp |
| US | 104.22.4.119:443 | d.apkpure.com | tcp |
| CA | 192.99.62.159:443 | d-02.winudf.com | tcp |
| US | 142.250.125.120:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | offers.pchelpsoft.com | udp |
| US | 172.67.22.172:443 | offers.pchelpsoft.com | tcp |
| US | 172.67.22.172:443 | offers.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | e2c54.gcp.gvt2.com | udp |
| US | 35.219.153.27:443 | e2c54.gcp.gvt2.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | 172.22.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 27.153.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.pchelpsoft.com | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 8.8.8.8:53 | 10.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | partner-tracking.lavasoft.com | udp |
| US | 104.16.148.130:443 | partner-tracking.lavasoft.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 130.148.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | cdn.pchelpsoft.com | udp |
| US | 3.165.148.126:443 | cdn.pchelpsoft.com | tcp |
| US | 3.165.148.126:443 | cdn.pchelpsoft.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.148.165.3.in-addr.arpa | udp |
| US | 104.22.18.110:443 | cloud.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | 110.18.22.104.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | e2c77.gcp.gvt2.com | udp |
| IL | 34.0.72.251:443 | e2c77.gcp.gvt2.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 251.72.0.34.in-addr.arpa | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 142.250.187.238:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| US | 8.8.8.8:53 | offers.playanext.com | udp |
| GB | 18.165.160.27:80 | api.playanext.com | tcp |
| GB | 13.224.81.61:443 | offers.playanext.com | tcp |
| US | 8.8.8.8:53 | partner-tracking.lavasoft.com | udp |
| US | 104.16.148.130:443 | partner-tracking.lavasoft.com | tcp |
| US | 8.8.8.8:53 | drivers.avqtools.com | udp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | ocsp.r2m03.amazontrust.com | udp |
| GB | 52.84.137.125:80 | ocsp.r2m03.amazontrust.com | tcp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| US | 104.22.19.110:443 | cloud.pchelpsoft.com | tcp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.230:443 | static.doubleclick.net | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 27.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.216.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.251.203.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.137.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 18.165.160.27:80 | api.playanext.com | tcp |
| GB | 18.165.160.27:80 | api.playanext.com | tcp |
| GB | 18.165.160.27:80 | api.playanext.com | tcp |
| GB | 18.165.160.27:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | files.playanext.com | udp |
| GB | 18.165.160.81:443 | files.playanext.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | 81.160.165.18.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 110.19.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 52.88.144.64:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 64.144.88.52.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 52.88.144.64:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 34.195.235.15:443 | holocron.mwbsys.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c39.gcp.gvt2.com | udp |
| FI | 35.217.17.196:443 | e2c39.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 196.17.217.35.in-addr.arpa | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | e2c14.gcp.gvt2.com | udp |
| BE | 35.240.1.200:443 | e2c14.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 200.1.240.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| GB | 18.165.160.107:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | 107.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.19.208.152:443 | webcompanion.com | tcp |
| GB | 18.165.160.107:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.180.3:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | 152.208.19.104.in-addr.arpa | udp |
| GB | 18.165.160.107:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | flow.lavasoft.com | udp |
| US | 104.16.149.130:80 | flow.lavasoft.com | tcp |
| US | 8.8.8.8:53 | wc-update-service.lavasoft.com | udp |
| CA | 64.18.87.82:80 | wc-update-service.lavasoft.com | tcp |
| US | 8.8.8.8:53 | wcdownloadercdn.lavasoft.com | udp |
| US | 104.16.149.130:80 | wcdownloadercdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | 82.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rt.webcompanion.com | udp |
| US | 104.19.159.224:443 | rt.webcompanion.com | tcp |
| US | 8.8.8.8:53 | 224.159.19.104.in-addr.arpa | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | acs.lavasoft.com | udp |
| US | 104.16.149.130:443 | acs.lavasoft.com | tcp |
| US | 8.8.8.8:53 | acscdn.lavasoft.com | udp |
| US | 104.16.149.130:443 | acscdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 54.187.217.75:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 75.217.187.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 34.195.26.228:443 | sirius.mwbsys.com | tcp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| US | 104.19.159.224:80 | rt.webcompanion.com | tcp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wc-partners.lavasoft.com | udp |
| CA | 64.18.87.82:80 | wc-partners.lavasoft.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | aia.entrust.net | udp |
| US | 8.8.8.8:53 | www.lovingjoy.co.uk | udp |
| US | 104.21.67.58:443 | www.lovingjoy.co.uk | tcp |
| DE | 2.19.11.117:80 | aia.entrust.net | tcp |
| US | 104.21.67.58:443 | www.lovingjoy.co.uk | tcp |
| US | 104.21.67.58:443 | www.lovingjoy.co.uk | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 58.67.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.11.19.2.in-addr.arpa | udp |
| US | 104.16.149.130:443 | acscdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.77.0.192.in-addr.arpa | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| US | 54.187.217.75:443 | api2.amplitude.com | tcp |
| US | 104.16.149.130:80 | acscdn.lavasoft.com | tcp |
| US | 8.8.8.8:53 | geo.lavasoft.com | udp |
| US | 104.16.148.130:80 | geo.lavasoft.com | tcp |
| US | 104.19.208.152:80 | rt.webcompanion.com | tcp |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| GB | 18.165.160.107:80 | api.playanext.com | tcp |
| GB | 18.165.160.107:80 | api.playanext.com | tcp |
| US | 104.18.38.233:80 | crt.sectigo.com | tcp |
| US | 104.19.159.224:80 | rt.webcompanion.com | tcp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 104.16.149.130:443 | geo.lavasoft.com | tcp |
| US | 8.8.8.8:53 | sg-bitmask.adaware.com | udp |
| US | 104.16.212.94:443 | sg-bitmask.adaware.com | tcp |
| US | 8.8.8.8:53 | 94.212.16.104.in-addr.arpa | udp |
| CA | 64.18.87.82:80 | wc-partners.lavasoft.com | tcp |
| US | 104.19.208.152:80 | rt.webcompanion.com | tcp |
| US | 104.21.67.58:443 | www.lovingjoy.co.uk | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | c0.wp.com | udp |
| US | 8.8.8.8:53 | 2.gravatar.com | udp |
| US | 8.8.8.8:53 | 1.gravatar.com | udp |
| US | 192.0.77.2:443 | i0.wp.com | udp |
| US | 8.8.8.8:53 | 0.gravatar.com | udp |
| US | 8.8.8.8:53 | public-api.wordpress.com | udp |
| US | 8.8.8.8:53 | s0.wp.com | udp |
| US | 8.8.8.8:53 | jetpack.wordpress.com | udp |
| US | 8.8.8.8:53 | v0.wordpress.com | udp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.77.37:443 | c0.wp.com | tcp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 37.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 52.88.144.64:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 104.19.208.152:443 | webcompanion.com | tcp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| GB | 142.250.200.1:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | cloud.webcompanion.com | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | cdn.inspectlet.com | udp |
| US | 104.22.57.245:443 | cdn.inspectlet.com | tcp |
| CA | 20.48.202.165:443 | cloud.webcompanion.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | hn.inspectlet.com | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.202.48.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.57.22.104.in-addr.arpa | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 52.88.144.64:443 | telemetry.malwarebytes.com | tcp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | tcp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bad-dragon.com | udp |
| US | 104.23.134.9:443 | bad-dragon.com | tcp |
| US | 104.23.134.9:443 | bad-dragon.com | tcp |
| US | 8.8.8.8:53 | secure.durango-direct.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | cdn.hub-box.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 104.192.33.136:443 | secure.durango-direct.com | tcp |
| GB | 3.162.20.126:443 | cdn.hub-box.com | tcp |
| GB | 3.162.20.126:443 | cdn.hub-box.com | tcp |
| US | 8.8.8.8:53 | 9.134.23.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.33.192.104.in-addr.arpa | udp |
| US | 104.192.33.136:443 | secure.durango-direct.com | tcp |
| US | 8.8.8.8:53 | acsbapp.com | udp |
| US | 172.67.11.155:443 | acsbapp.com | tcp |
| US | 8.8.8.8:53 | www.bdjf2ls.com | udp |
| US | 8.8.8.8:53 | edge.fullstory.com | udp |
| US | 34.117.12.47:443 | www.bdjf2ls.com | tcp |
| US | 104.192.33.136:443 | secure.durango-direct.com | tcp |
| US | 35.201.112.186:443 | edge.fullstory.com | tcp |
| BE | 74.125.133.154:443 | bid.g.doubleclick.net | tcp |
| US | 35.201.112.186:443 | edge.fullstory.com | udp |
| US | 8.8.8.8:53 | rs.fullstory.com | udp |
| US | 35.186.194.58:443 | rs.fullstory.com | tcp |
| US | 8.8.8.8:53 | cdn.acsbapp.com | udp |
| US | 172.67.11.155:443 | cdn.acsbapp.com | tcp |
| US | 8.8.8.8:53 | 155.11.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.12.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.112.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.194.186.35.in-addr.arpa | udp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 34.225.61.248:443 | us.i.posthog.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 35.186.194.58:443 | rs.fullstory.com | udp |
| US | 34.225.61.248:443 | us.i.posthog.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| US | 34.225.61.248:443 | us.i.posthog.com | tcp |
| US | 8.8.8.8:53 | da6npmvqm28oa.cloudfront.net | udp |
| GB | 3.162.19.55:443 | da6npmvqm28oa.cloudfront.net | tcp |
| US | 35.201.112.186:443 | edge.fullstory.com | udp |
| US | 104.23.134.9:443 | bad-dragon.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 248.61.225.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.19.162.3.in-addr.arpa | udp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | js-agent.newrelic.com | udp |
| US | 8.8.8.8:53 | static.chartbeat.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 162.247.243.39:443 | js-agent.newrelic.com | tcp |
| US | 3.165.152.151:443 | static.chartbeat.com | tcp |
| US | 8.8.8.8:53 | 39.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ping.chartbeat.net | udp |
| US | 52.206.104.85:443 | ping.chartbeat.net | tcp |
| US | 8.8.8.8:53 | bam.nr-data.net | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | 151.152.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.104.206.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.247.162.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | tcp |
| GB | 216.58.212.196:443 | www.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | tcp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | chrome.google.com | udp |
| GB | 142.250.178.14:443 | chrome.google.com | tcp |
| US | 104.16.149.130:443 | geo.lavasoft.com | tcp |
| US | 104.16.149.130:443 | geo.lavasoft.com | tcp |
| GB | 142.250.178.14:443 | chrome.google.com | udp |
| US | 104.19.159.224:80 | webcompanion.com | tcp |
| N/A | 127.0.0.1:61214 | tcp | |
| N/A | 127.0.0.1:61216 | tcp | |
| N/A | 127.0.0.1:61218 | tcp | |
| N/A | 127.0.0.1:61220 | tcp | |
| N/A | 127.0.0.1:61257 | tcp | |
| N/A | 127.0.0.1:61259 | tcp | |
| N/A | 127.0.0.1:61261 | tcp | |
| N/A | 127.0.0.1:61263 | tcp | |
| N/A | 127.0.0.1:61265 | tcp | |
| N/A | 127.0.0.1:61267 | tcp | |
| N/A | 127.0.0.1:61272 | tcp | |
| N/A | 127.0.0.1:61274 | tcp | |
| N/A | 127.0.0.1:61648 | tcp | |
| N/A | 127.0.0.1:61650 | tcp | |
| N/A | 127.0.0.1:61662 | tcp | |
| N/A | 127.0.0.1:61664 | tcp | |
| N/A | 127.0.0.1:61666 | tcp | |
| N/A | 127.0.0.1:61668 | tcp | |
| N/A | 127.0.0.1:61683 | tcp | |
| N/A | 127.0.0.1:61685 | tcp | |
| US | 35.162.116.184:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 184.116.162.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:80 | www.google.com | tcp |
| GB | 172.217.169.36:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | wc-update-service.lavasoft.com | udp |
| CA | 64.18.87.82:80 | wc-update-service.lavasoft.com | tcp |
| US | 8.8.8.8:53 | webcompanion.com | udp |
| US | 104.19.208.152:80 | webcompanion.com | tcp |
| N/A | 127.0.0.1:62786 | tcp | |
| N/A | 127.0.0.1:62788 | tcp | |
| N/A | 127.0.0.1:62791 | tcp | |
| N/A | 127.0.0.1:62793 | tcp | |
| US | 8.8.8.8:53 | flow.lavasoft.com | udp |
| US | 104.16.149.130:80 | flow.lavasoft.com | tcp |
| US | 104.16.149.130:443 | flow.lavasoft.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 52.88.144.64:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 52.34.5.215:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 215.5.34.52.in-addr.arpa | udp |
Files
\??\pipe\crashpad_5088_EMPSQDLUMDDNFHQM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | f1fc93fd1a0f03f7bb2e2f88766b381b |
| SHA1 | 99ee0938d03d8dc20bb85542368ba134e4047020 |
| SHA256 | 98891098c864deb19d5b8dfc46888ed5c63c309cce64bc6d52ebb15aed61d187 |
| SHA512 | 0b109a38df3140297ec407bf39c98bffc04b6f511618e32bb974b952d3a7bbf79a6ce81164b7672d4b23e92ee89ee2ae0643c59143e9c1b04e51d05f7245e7ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 285c126dfb81a60587a65508a5fe8c8b |
| SHA1 | 71fc730d49c4e106597466864cfa2f8b395195b5 |
| SHA256 | 9d3ba4cdfc38bce9f5d300a6892183277335e307b6165de3ee555106f3db25c1 |
| SHA512 | e129c1b3982be014320b768b567c4fa0e3bd5a3156eb879ce6cf970f3b3d7ad56e7f94b0e3128e71bef6d3fcd6a345021eafbd4b25a5aa0451761292f0260556 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d8c41b3dcc0232aab8138e2fc94fa4a4 |
| SHA1 | 801f213d755fc21a7673bae9c5b031f217837f6e |
| SHA256 | 65b74d1f89812b630610f8e4b68441a5f37e0c8ca29d5cfbcb7dbb7fb2e70f37 |
| SHA512 | 3656ddcfadf50d0f4f5af8c0a9e90dd1bb6f4a31c7ec322ae5af3aa7c4e7810d7620b8b70aa46a74667ed0d410a5a6d539b24c847dedf0ab5395590e6a008822 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0cc49e33f1dd4cbb2f406da88156ee8d |
| SHA1 | 62bdd8f8f24a1f41041f90cb23b3f1dce040450f |
| SHA256 | f549d2cb872e71b9906d320d275673fbd6213ca3b4677d42583378440536b3ad |
| SHA512 | 484c145977731b6dc4b3b71f652966527d27986157ad350ed5f859f37444743b08c1e9162a04bf3a70eba86d21ba2d3eb2bd184c023b74d963b189c5aa4d33a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 6a31f57465c6e1e8447f6180ab107382 |
| SHA1 | fef948beb24a9557b974a51d0ccd1b3a1cf96cdc |
| SHA256 | 61e3ad75b77fc15761e606424dcf772413ef63b8e0042f164064e8acdfe2f74e |
| SHA512 | ba26b6f1e1980f0c99cd192a7f8b541f06a75555fde34a1aceeb89634a151e97511c84e6b40f10df57b437882e07d594b442494d7b613cb3fd415f2fa0fdc767 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
| MD5 | 85938ef2f16b16b75e1bac0252c896fe |
| SHA1 | e3f16122303ccb0440c00c3ebe3beba07d7f0ea7 |
| SHA256 | e927c30a17ebe90ecbc9d29d156865b0a7203fde2f5b9faa39564ac11fadbac2 |
| SHA512 | 1d568517f96bf8c417142b03f96b1b3584fc34ad4a260295cc30d044cc4fdcfeb7ace89eca0998fbf3553960985b89299735a526f8f2bf59c98192b21a14d5da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe57eef4.TMP
| MD5 | 975048cfb1b59fe6b763979aca93d997 |
| SHA1 | 771bdd5e7a3f95bbc7ceff59704bc8e4e7531156 |
| SHA256 | 056a6d4e08ce63f82ba9f36379a6b410c2c664e639d8472884db3b22eb989a9e |
| SHA512 | 617db335dfbef9bfa4dac14a4d6661f4822f6a5d38c151f4cb888672db003cfb759d99c976db86f0cd1b8e465e7e3d452affb3bf61eb4fa30773bf59a69c9cc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2f7efb927e4a151600f41c3fa19bdfda |
| SHA1 | f7cd9d1a0d10b2ee5985c3e4b6fd5369ad78c6f7 |
| SHA256 | 9f6a23109902db0e24dbdfd1db14b011b7922be85670aa9f179c257188acea40 |
| SHA512 | ec011c7c9c19f3ac6e21344839f6e5940f09e75f3cad32d069e1de2c0f3a5b279ff0803e66dab4755a445a26c65306787a9390b5aea5219ee40fe12dac80b36f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 73ffcae9899e4c0090abd19458eb42d9 |
| SHA1 | c5a6a4651f93c6ff9eadc7ba78be41c8e2dddcc7 |
| SHA256 | 367273095644e785a4f2c1d7825acc3bc53b4c14375fd52bd9f3fb5d113d040c |
| SHA512 | 635a0b386353d7541417625cee4808bffd0e4fc8c402d07b54b4a79de8174b54ceb8a809a5ba8c9629209c57ed03f3c83c90e06c722a623bfbee39158cb5ac76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7098a0906a98bc9e9290fded8e2c33a0 |
| SHA1 | 0202c3691d07676f711db5e7bea838893c5d289f |
| SHA256 | 9fb2d7ab99e126c294308100d55d24352025359e9de6dbc0e58706bb39a1709f |
| SHA512 | 3c6c11367a3be3f9d7cde12da859a578d6188d1141701bf19d90c4aca50511f2b32d4002c869098b0456acc64bb1a97feac7153a2b17d1612eca2c98b9ca0743 |
C:\Users\Admin\Downloads\gs-auto-clicker.exe
| MD5 | 6862f65be14fd3ce88086ec79777db6e |
| SHA1 | 7f0eb7535b59a926446a400ff93f48165b58ac95 |
| SHA256 | 7c90795c9b28fac978386626f5a54033dc9cba46ef6a3f742fc7d52b394590f2 |
| SHA512 | d04700ca41bd2076ecb7b9028ba16738de479b3113efea0c86613f354e977f9b4dff6dbd8c06fcc4536be0585cff7f0e2636a2a6789373efad7788a7559bab04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60be96c218e4c1642dbc8223906413a4 |
| SHA1 | 2979052e6358f15af0ca523f8bb35c6b0edb4af9 |
| SHA256 | c1bcf5fbb79932a46510e8915e5f3aae3cda3035ad059e7126b492eea60eb136 |
| SHA512 | e4859fc0d2b1e64b3312188a1b70de2963c2e1321009420eaa0ed81a271278ef8f965850d34830b490bb8ef04240107cab6e804ee3ff189e5d5f5c1bec7f0787 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6b18b0fab04918b3e446aa54cd36ac5a |
| SHA1 | 903324a773806016cc13dc75e05ba004a9715778 |
| SHA256 | 8697b571de3e6c177f2214196b60ff27aaa8cf6658e97683dbcbc4666d2dc764 |
| SHA512 | 5b36918a0b9a92f0936734e483a803b2b3c6e97f363ea059bdc780ffec35719c5c8025e329bdf2287aa59fdba59206060554c48b842291740e5b0bd24828f207 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 87a4b7876452068acc267199f055c177 |
| SHA1 | e96290f2a30868b5a3d2ed7fd7e9b5e854ed26aa |
| SHA256 | 5b43d948c8d7c8e1cf97d2be86a31bb5eabad58d501d2ebeee4b176239ccc25b |
| SHA512 | a0b4bcef29c4facb6185861ee06abdbae691ad3a9b54a3c25e7fcda54e470c6a69c9e3d3e57b6c91acc3f11a262f8ee9e3e88149bd19036ee361c0d9a774d986 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 89f40589833c370f9c53077ceb489168 |
| SHA1 | b2f7f1a8267da2f294c4b4fbda9bc8e80b2d7bc6 |
| SHA256 | fb1bd8648bb60c0a8d4f7fa8fa81f2decc096fe4aa9011ddf386d5698c02071a |
| SHA512 | 6394ba32c1539bdbd56cd8b47763bbdb9df533ab92a29bae59aaa6d736d1f0a6ab767187d67ccb226831c88ee1197c9c327088e3422059f5d2b7f63eaaa0b0c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c
| MD5 | 54f20de8a9081fccaa118be5bf3aa347 |
| SHA1 | 9a6f5952bca06500c4df3f5a26a54955e55ccc14 |
| SHA256 | b47847a633f51ffc2135e83796b686532acbb5876025eac6d20a083502315834 |
| SHA512 | 488522b5d5dc119f11e33f295fc3a2537cfe8360287ba619eae02d70629d6bacf7ea9f8e85a05a1b9d84a0688922e97c7d754c42d5428363253765fee35f6d63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f77dedc20d1de8050f06d816d92d1c17 |
| SHA1 | 0e7f26aa6e1875a37d524e12097577326c607748 |
| SHA256 | dda72ff004e68ed10f31a21afee219827bb1081b7be2e693859b9cae0cfb91df |
| SHA512 | f9624f4697b70e87d7295954aa8fb5dad8d1d1d2702a42d95091e0bd3194f02944c3b9e754c42b3d56c236280262ac15b77057e1de233cb7762af9c5ee1ab3eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047
| MD5 | a6a6ad24c6105ebdd4eb4cce9e1a8f79 |
| SHA1 | a826fc2a063cdc085a1268f19ca497d2309c4686 |
| SHA256 | 607a468b5847af39fad4a581ccf0329b89143d48cd5a88d8d5db5a7348d195f9 |
| SHA512 | b57b5a39e539f442da58ac96398b15c5baaeb96553f11e86bda968199b195c610242b38ac0fcc781c4d4a7be47c1b7e1a23bffbd379c6be527d3fbb6996e6184 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aafef3d26ac8f2a1a2fcec05e961cb59 |
| SHA1 | 98b6ef40e835d382a6a783fd7e72e77d93b1ebcc |
| SHA256 | 95261774d62b45edb386041eae888c8ff03c9af3731d48975abf56b62c2e7898 |
| SHA512 | 554d87028757f083abbdeafab4827b3350383dbd255af0dc0981fa2891a457b8edacb8ef9a256a3b3e0f5247811e3589d1bdca740bc420a968df993fddc32155 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | cb2b538d72e9eaa77b5204aa1ed533fa |
| SHA1 | e48301e0c3a5838d93fa36111f16584138ec9f12 |
| SHA256 | eb72d529f27d9b492c0779d011d50e3fd830f55077a67a5b56e6164a4eab90ef |
| SHA512 | b105262dc6385646109e26d93f9b289de653f5c19c176fc707204b0f98ae81e4afc057958e6443758b1cd05db48bd2a60dbf31f7cd47896e571f9394a57a7878 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032
| MD5 | 32f0562c72166c45fb903fff5d532668 |
| SHA1 | ed8cf5c281c230b59668948005e816ad1f4946b5 |
| SHA256 | 845ebd280a2529b0ebc5ad2565b70aebec6c4ac9eda7311ecf16cd72deabbddf |
| SHA512 | a67c1073a25f4085bf9bd8550d95ff110d0996bed36cd0f0e9e8771acb96b27c41360bdb59dd82157a3f481621b94a5b04ecd88014647e5b5509114b450aa344 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
| MD5 | 24aafdc3de0100622ebdb778f8597cce |
| SHA1 | eb596e0339976d95d67fbd03476bfc0893c32cee |
| SHA256 | 33f46c079504e967859cffb69162ab489c3b4bbe070af18253e60425cee34dd0 |
| SHA512 | b5c3b500e928d402526af4603e4e7b9e801bc9842f381dbbba75939c824aeb40d9ebbd3de1e2a155f690e8c9b9ce0efe6f3196739c031f74a428ac673dd1b185 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031
| MD5 | 8ad04f19bf70f5cf330752244dd8a5bf |
| SHA1 | 7076e75cfba995209d990ea6436cc1e35efccd2f |
| SHA256 | 8f9f6500a484f9c529b47669e78a5672a515ce00f9bd325b3e0d15d1d95de69c |
| SHA512 | 4b49abc56fc26aadf5dac9d76ab9a507592a59c797739f39cb5e8d2efdcffd2d37ca4c05c9e362aea17e3cbf16ebd86650baab5b3a672366fac8f5da72d79fb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034
| MD5 | 18bfe50e5966a717e469c3b01f559bc3 |
| SHA1 | 215b013cacdca8220be114efe1c922fd99c308fb |
| SHA256 | 766607a94d2c4fe3bccb269ddecf6b016f713bbe13fa6fe8b38f9e5f9876d41b |
| SHA512 | 9491334681c763712ab98bdb6cb162feac833b0db6780e54dae3ce01df646f74667771640dd8962ad7d7aafc483085716f5ead1bc5b809a012d26d93f29463b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
| MD5 | 85d97f0a36ec778cda1e50ce03a640b6 |
| SHA1 | 16a3d91acfc76dca065561b3fb7437b4dcb19403 |
| SHA256 | 7c207655cdc842f603797f88da8c636b546176befd0181c5123a13ac23f33bec |
| SHA512 | a7b2f9158743e330a977d376a0e6f9c71f896800023c5239c213eef6e825dcd30e27742fc68027c69563816e6718f334fe249d52ae164ef4335b7c609b84331c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d
| MD5 | 1d4815175b5ae11e2f5ae08a59a25fa6 |
| SHA1 | 6ba34a017d857a1f849915e25e0b4f7e0f895d3c |
| SHA256 | a0629fdaea0f7bede6e84b281f7ea6dee84cdd2e1a5f4b1e30010b2e8a3da7fc |
| SHA512 | a25874f7e66957888e5a2110a0ac4342f4bed2619792ec7f3e452bdf272f9fdfe5767e190c62fcc8e52f36106c8bbc851ae89ff3cfed8c0bd75ee0f313cb261c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035
| MD5 | 85bcd58c2458bde06c24ca2541d07a38 |
| SHA1 | 071f007cbb5a5464893a5e31ee8bd5382e3fb8bf |
| SHA256 | e45c304104b3e7f461183d354af95e0f7767193cd7b96d2be262ae9c5c9bea4f |
| SHA512 | fad04d9d74eadc3b4a6f749d05c81e77ad732685a4e5ceb4894be673085588ae718f76a9f27a882a7605c32505486c2b090f079624516c7a97a64c22633865bb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037
| MD5 | e85a88a15f443d63ecf00171e542c427 |
| SHA1 | 4f49bd8e59bc347c6c4b0d668e61491be0f1d438 |
| SHA256 | 238f1e74b4191a1a2773099fe40c64daeaa001fedf87931a5a2c9b1bd9edfd80 |
| SHA512 | 4ff643bc038af2118f4671a2aa918396f8532a4d703487e7759003dd3c64f6988fc18648e4f5e67a3c7eba8225af98dd67f77b4cb6df871834a2c68c77eeeb62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
| MD5 | 776cc20263835b47cf211658cf22432e |
| SHA1 | 3cfcf8ca9a68caf9cf6372eade622e4d566ad00c |
| SHA256 | fe11e579d405757e52f355188639ff942fa2520b5f6a8dfba2e4f2a5b213dc34 |
| SHA512 | cc51be25065e3159f87d8ca8b886fe53172327c1584695dfa83d4af231fc0572e572ce5423bd63e509127a96f9f4274954f39bc8b205c7d817d3678b71129df1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e
| MD5 | 7e4020a83f5a90028eef293018d9d436 |
| SHA1 | 3fae90912fd524537b6b77dd858d615184882e6b |
| SHA256 | 28ce8d2715b60f3ec0d3e35ff2b5fd3825054db47ebb374cee06038bec2f1729 |
| SHA512 | f9859f8eadcdc358814c8c1857f6c6c844c34313e089cdaffd91649f39d895f15e90723553771d0dd680292bfe0656af591289bf4ec211d63b08003719215d15 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | bdbca6cd39a21b94af5e37a7d95cd7b1 |
| SHA1 | 3bbd7a9c40294b9f26a7fda297a07cf68f4274a8 |
| SHA256 | fa016fd584f843b1373b82746add6f4ecc0bd88711e9e85546dd9270e77cac50 |
| SHA512 | 930121da974124d737bfd6971014a2127dd1e5c383eeb643d7eabc822c867068c261f7d978a2c86f2237a98053ae3dd26a00624d8f0233ed04b4d2c0f8ead102 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f
| MD5 | 2a4cc8a0931be53a8de9ce0ddbc4a922 |
| SHA1 | f704e685fdbb356dceba6e21a47486ee739fb161 |
| SHA256 | 5be6e385bf1aabaebe6823592bebc4945b544ebdaf4a66343ec5345abc9fe43a |
| SHA512 | 32f05572c5570e0201f318840d3f1532cc5a3789dad5d8003e536be24b5778bf3e4c0c7da7caf60f71e48ad5ceea1dcd950aa78da466f7cfb559389361e8ddab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b
| MD5 | bc35ba4562938658cadcdf054ec1b000 |
| SHA1 | 1942cd6e872bcc41d47b0d4c429ebe86f7767c88 |
| SHA256 | 8e9e118bacad336340e04b1622aff84c9ffe0704a0b74c6184f8c9d27d40eeb8 |
| SHA512 | 2993b4c352ef386f7bea56b440e3034cb52aac85ed3cb236bae95cf1afd39e1431fcb14ee278566dce63281842707b18a7a5baabbadabeb51e6f20dc361c552a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042
| MD5 | 034ab7492e8da8110277fc06445f1ed6 |
| SHA1 | 61cf734e3d07b54849c89a89a658fcba3cb96e94 |
| SHA256 | 1ed1e1d74b5219224840f2dc6365d81d0f394aecc452fb2bbed4601d71ba2cf3 |
| SHA512 | 079f5f800f44153e59655f0dabddd4e66f16052015e42fef4419eb70f22880fa9e3e8d3d42551c7a7550d30323595007df3438a205adcae9203a344b32b2745d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
| MD5 | 20fea429440ac75344a157882b5501d8 |
| SHA1 | bf426edd991c7731d5d13629e5167e0fc702f6af |
| SHA256 | 8c97bbf4a3d2707c696ce1975438378e0a7551944f07493e1811f1a64ae6ee3e |
| SHA512 | ed19c3cc621cfe25bb6bb38d6bafff5503f5fd8fb6873a20e65198c63845c32e27efc2600e091d95810690cfe8d29c5530d1f408cbcd2c3b88eb236dbcda63b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
| MD5 | 32ed3a28e684abc027d4dd2ea50309df |
| SHA1 | 51c5daecd690d9d02d7f1eec8b8b7bfb9910429e |
| SHA256 | 90c2228f536563d853b9aa25a86641eed8233af0f5ff0983604b63ba6a04245e |
| SHA512 | 7cfc78d3f25da587b4a2f7601cd08b7630b8e438023ef532bb57c2b44714a23aedd48924b63fa866e511bfb3616e0c390fbfe3c50f939ebc8ac7faa37f1834ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48d12967278c72ded58e1552a850964c |
| SHA1 | 95275568e5888039827f10c7929dda231045dd3b |
| SHA256 | 21425e578746225da3ca22e461f0a7eb574727e56e598b7395b20d561ce063d4 |
| SHA512 | d3087e6359373c1a8bd2927d92f6dc1a5ae1ae9e2b97614fe73fb760e685e3219ae1e907a5cdb55758c3e7a652189855ce535c421028888dae561c14fb70e105 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 78d64d90c145da69d84a40b0c766a659 |
| SHA1 | a2ad769d1879904c9584e81ab44d5fd21fb75773 |
| SHA256 | 95dd2ab054f3f441c9796d904f62d645837d0fae52f7acc1f8f6150add814dbd |
| SHA512 | e2aee1dcd285fbeab61e2442a52d163ee8d07d55a2bf6c09a8a4a92b661f3c4336d5ad68bbf4086e7eee89e5aa27d2c69f183642425c8a22b71335f10beb39c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 55c813b16f43a43c906f00d72940085d |
| SHA1 | 86e7927f601c17a5c68b62b7969686e6ec4e5fba |
| SHA256 | 7c3942798f55b6e99902defcc6ca261cdc4b84af81bf9f7517da51aed6cbe4fb |
| SHA512 | 0ae5571c22a60c17df1a85a1f3c450d52d2f20c3b9dd7007ba2aeae86985481fe03a28737357ce264998c965ec9f318ff98094b3765b153f9787c67e01d4e5a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67bd7fdd806fc0bfc2d5dea27eed77d0 |
| SHA1 | 9715afcfaee79847430851258f25886c133e0fa5 |
| SHA256 | 9a9bfa84a4d292642e4dc89e48dea6c6de048375a0b6d81748be86cda2753b7f |
| SHA512 | 46dcab3c4c04cf8f8c5363869c7986bfba48770cb07c68c567bfc1c1ecee127c28d5f4b0bb8b366ca28b80d1730810746d978410f58ccb3be539a04ff7387b63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a315036937401a428db91b1ae321766c |
| SHA1 | c6363b15056b2a68ea6b72c3683efded0b588f4e |
| SHA256 | d321c900889e91d8071353a46dd0156c26ad1c8bf8cbf6dda6b033169f6103fd |
| SHA512 | 6c5b59c6b9e849d174cbb7def9c368c03ba79224b2484ea3ff8e95e4dd64b13f66231d8d8372b10874064b1e3dce7f248e340116430f24fbfc286257aa5d9435 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8e59eefe8db0618aec94ea931d2d6ca2 |
| SHA1 | 7d02df0547e4991e732113c64da7ed92d4041671 |
| SHA256 | 688e8a83340e477b7bfaf99642ce60c0b0ba872edb9a4ac5dd74c0481209c994 |
| SHA512 | 375e6fb88c5d86bbf00c92559d386e34ccc508a4e5756753f1b7eea5b50134289819b60d905ba8bdf4b36a77b1b2ad415be2a59c5127fe6265d5f5a8b88f6542 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5df82270c9700b64beb26e12e132e460 |
| SHA1 | e95f5d8266a08e4dd784bbc4dcc825dff639ebdc |
| SHA256 | cff336a8d2d6f0993eceba9f774c19752cda6866a0a072c00abd1002dac0609a |
| SHA512 | f866b06bcd0f023f87e777046524d5c34416b888beff620d236cf92da8177357473ad7e8fecac805022c2f191af5090532a4b4fb4c48a36014cf5e3e05deb20d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007a
| MD5 | 0e3d96124ecfd1e2818dfd4d5f21352a |
| SHA1 | 098b1aa4b26d3c77d24dc2ffd335d2f3a7aeb5d7 |
| SHA256 | eef545efdb498b725fbabeedd5b80cec3c60357df9bc2943cfd7c8d5ae061dcc |
| SHA512 | c02d65d901e26d0ed28600fa739f1aa42184e00b4e9919f1e4e9623fe9d07a2e2c35b0215d4f101afc1e32fc101a200ca4244eb1d9ca846065d387144451331c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2e3e27c2546275963dfe99c1e4934a0b |
| SHA1 | d247ed7e6d169af73f63ef1481125a017ccfc2b2 |
| SHA256 | 9bb947c47b2b2de0b4825bccbdcf3ffd7f64b94205601829b86f4e653955ec9b |
| SHA512 | 2bc37285068a42f0662490af1289d8f4d89399807224d4a121c7d5ff89516d0cfd8cdd1cfaea451ac9bae33c94c86d5b891fcb798d613c54d24e6e048f4b2f95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e7ee0850d29152f9c2a4a713716c6f29 |
| SHA1 | 02996302f0abd40299a7cc6f44fe6d7ff742fcd4 |
| SHA256 | 74c99f0d2141f0224c4d7e45e060610d0dbfa98c07244889f4f9f893cea54db1 |
| SHA512 | 43bfe7611db3a22907ae0d5e3412b4bd926c673e05f6a7a06d00b3d117e1862a55583367c5d58eb77f7355ce00ce9e9dcc05f2d240e32a3a1c87298352f2fdde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | fe67d3a0a809194f9504e7bb3c40ede6 |
| SHA1 | 43249c43ec7c6fc4d4aff21210cefaddc058ae6d |
| SHA256 | dc07ec5a0e101e913df35e0a4aa545af08bbc18912c779963c39373646235599 |
| SHA512 | 2e2020eb1325b81f07c412a7378c4472aaed7846fcdec77d76ab0f5c923f09bf12cd24aa2a1d04325ee86db718a9060399b0b382007d341064c1a9d4e576f6a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2968a60d54cb119ca1d02159669fa8b |
| SHA1 | baecbd3322f5c4730e69ca3411c5ac8328484e2e |
| SHA256 | 4c349d72b61d018584ece40132b2a92fc41bc2b053f801f1538a5d86088145e3 |
| SHA512 | 172b57a5e92f71a56a66c1e8fd22aed604d782860f03515072afa7c5c37da3556b14b789889df0ae9171187213f074ae3ee0ce3ddc816a3a9ba8237955078a19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 62ad006750effd3ebdc571863d92ee07 |
| SHA1 | 8eb0a8bccfe8f20c4637c58ad46e059b9d603caf |
| SHA256 | ab1619799076f197d6e5d0948d672668d2755831b3d8c38f6cb2579671af22ae |
| SHA512 | d4e914c4cafc25087bf9f8560d21f3dcba4a167db705bd25379faa57b6c5aaf48d60796e69970333e6e02272da9353d2e967eabfeefad0199ca910173866732a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d
| MD5 | 6922524906284628d5d69bf14b9d4726 |
| SHA1 | 2ae4cb05f053a9f9cfe87741ed7f18bfeeb4d995 |
| SHA256 | b5034448ee4eab3befadf5f87ca8ba03641f836097503601b702ccca2f69a28b |
| SHA512 | 65174ca5bcd14e3059b7154bb1215da670051e0002ea1068c8edeb63fb0c226bddb9a7446ccdffcfb25fe657a54746e39f8dc69476bf503e576becd26d16c017 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 77a03ffb23e15d8408387be099ada20b |
| SHA1 | a7139ac18e474ac68a9434ddd86169f53c8422cd |
| SHA256 | 54156961f65c544d2a98be295d7f6b73fd7a3e2afe93e3f1d6ef84692d90a8e2 |
| SHA512 | 1330c883f90b84e70b95819b3f506efbad25af77e8fa79173047e9e70feb0e64a8853269115906f5c688510ce30fc3b61bf5ed151e389e5f990aa109054d3b6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f83e856998265f2d055db57768e89a58 |
| SHA1 | d30e0a496af431ecc8a7e344e0825287a897e57d |
| SHA256 | 6397c8f54ff67e5170e168609739b647caa1834eadce3c225d165db772f7e41c |
| SHA512 | ee5225936dee5ecbd1954823012813b544c090eba8df5badad31cf112bf39544ad6891484be75f31b08c24e69c05ee7000ce304184ed7c40bfbd95224ea1998a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 88d7175b679dcdacf90ce1383fe42429 |
| SHA1 | e70aea37b5182d97a6e24955e7aa56393ab26647 |
| SHA256 | cbb427b9197d842e15bae52e9b14b63432763e11aa3792f855f84fc27eee3616 |
| SHA512 | 8c55f0afdddf4129611efbf6326cc696c82fd1fd01c27131b0c63199f9f5f513f4f960d047ea5201ef4d58d2bbd98a62486529ec549aeee586244bfe8557b5fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5d47ef54cad25296d7b006da78a579a1 |
| SHA1 | 17169dd960fde83d62c3f835186783236414ed41 |
| SHA256 | 204474c21d3ad47d101b7bcdbe221ce176432f94665c8214e4efa5076da3e9c5 |
| SHA512 | 2651e56aed6739411b650abcfc7cce47e01d22281a6556aa39510120e90bd7c328b9f494556ce2a06328955bf4852a8c4b717fae0b2bae3afdb086fd9770361a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 72b2f3b40f1f174b81821ccaebc13765 |
| SHA1 | 14d5de8358ff6941da039b6fd059817ce5a201e5 |
| SHA256 | 8b51c577f1776524ae9c2ff83b9edc2e144203e27bdb2889091a9216e2bcda00 |
| SHA512 | 024cf9d19ef8c5a65808bd5d2fd0b232e2006cbd5b12f22589f8bb7cb889012f1bd39627ac3d749f75d8fce1d86288900c51f4dacf5fc7b8974edb59889dd29f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d1c5fadc1c8403541c0ab504e0d04c05 |
| SHA1 | d1583d7f04ebcee8a5b1045a9792793ce05ecef3 |
| SHA256 | 2b1c6a9b9083fd67fc449607ee7b2ecdb2a2be644075d0763fdcf965f3e6bc28 |
| SHA512 | a1ad7dabe8102928b600220274e699ad6149ddaa61ee56b8c375831913fe40e202e253422647f753c1aa6bbe03a902289a44aa68e8dcbd8100004935533f1ed7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e0c1c18272070a450ece4ba981c5cca2 |
| SHA1 | 13cc61d3102d72e7c906a621f6fee2f40c4ebacf |
| SHA256 | 8e16d61bf2085a6020d9a8d9352b772484d77c856432a420b81cea03a2bf545f |
| SHA512 | 13bf1128e846a77ce92f5494115894b56d7a04d7d7f7f0e3216b8e2d0da4f2c693e36892c8038494e2446a785e486b4aad77fc744196ab7720b74139d3d57dbe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dff28a14cbc596e19ae2d8f37f84e7b7 |
| SHA1 | 41f35eec13debde3b884919cc822f548b01e6d83 |
| SHA256 | dea42b90f5d6e1cf7b69aa3764ff95e8b217fb31b173eb8f5d50c86b604292f1 |
| SHA512 | 86bdf070919c95ab449f92668ab8004d34210a73de7ef407aef41bfb3535ca478a141d721346e23edc222b985ad4bb695e53cc5c699b88177c71cb6e18f21ac6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f205076950a79b614113b3f5a4e3272a |
| SHA1 | 81653f8728f1e6679061223b8c17db9bf951e698 |
| SHA256 | d37c415755d9d84a55ec15401afde97da4247cd77106d0b4ffc295d224cf2901 |
| SHA512 | 21f26659ec2592eab69abaebfa20546e9c41bf0f2ff89886325695e36c52b4e0052301d3fe9d0fa70f369e89de575439fd687b7d88ab96952eda66518505133e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097
| MD5 | 344ee6eaad74df6b72dec90b1b888aab |
| SHA1 | 490e2d92c7f8f3934c14e6c467d8409194bb2c9a |
| SHA256 | a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196 |
| SHA512 | 2a9a9162d610376512a8fae2cf9eb7e5146cc44c8ebde7a12e9a3985da1718c62ae517c25b00de7c0269efab61b4850a0becfbf04382a25730dbe9cf59825a62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095
| MD5 | 5366c57b20a86f1956780da5e26aac90 |
| SHA1 | 927dca34817d3c42d9647a846854dad3cbcdb533 |
| SHA256 | f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa |
| SHA512 | 15d7127970436f2510344600f3acecc19c39a05f8e82c8a7950095386382b2e2da55883a5a9faa97b84452e67315b9ac1693b6592274c8c1c35c813dfeb543a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098
| MD5 | c8da6486ffb242a2625e667cd0c8c064 |
| SHA1 | dac4ab8595d36689bc3dbe3b4c02238838f3d754 |
| SHA256 | bd7c73797d47e23fca9976f7584cb89246fec6ed836e42e1c8a83ef3e1eb8114 |
| SHA512 | 95cc6bbcdf584831c6a2a9e94c0b4685b1e0ee73bfd6af4d3d17488d909374f54629375fd9142748dd9e0b83b8d02cba7d3043388516ac95ddfacdf3b814710f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096
| MD5 | 7ed3897891bc59a7d2e1c9ce7e45a868 |
| SHA1 | 469022959a547aee3a771bc72c6afb733fecdb46 |
| SHA256 | 9f3516e365ba8d840a4a4780392a621aa232f537931c3061ea9e46b366c324d5 |
| SHA512 | 759bb5035ff1e60dc6d8e9a2b12a4a7a51498a5bce72710fb9519ba3a6298f3fe0f4693e02b094252722f6762cb9e4acae54961641216e4d1cd1a0dbbaee1d4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d42057a9f942ec369298d70c80d6ceb5 |
| SHA1 | 3b5c7a39ec2342769a412af811b5faa8fcfd108a |
| SHA256 | 9bad9f163f05464411cdd34e684571074e266d7561f7dfcdf40f2ea9c2e5e979 |
| SHA512 | 88bbcadac28d30909fd74b469e83b25986048864781918d7ed6b889dfc316097ac20e96f1332ba89eeec685c166ac1393d5b0bc30bf1d1fcdb9b65fcca10832c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ceadb18e01995dfd5cb98344d705edbb |
| SHA1 | 79ee9414f54a6a3ab81f1bcfc77af0b62f107f1a |
| SHA256 | bd8f08f4f2ccd1195301b73cbcf348bc30b7a7113520face3ed30045c2d3f755 |
| SHA512 | ec76e430c54cb480c0115a70a4a3d4452653bc27139a50dee462895c73f0d9ff88e8e2224530bb6d5854cca3d39b2521ddfa21a6f15af32386f241648233aec5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31d3d690b955c2ae3002f9a691241c8b |
| SHA1 | 6290699a9b33c81179817b22e4a0912011c6f9c5 |
| SHA256 | 6ff49e1672831b385094803977ea22b9bcd155de27b7ee4b3e4a76b5568d3201 |
| SHA512 | 814d563d75f01cd06a5d35cd6417ccaa544b44b3790f594afa1cfbd08733e2b779a8245fd660553922d4fcb9abf62aad65112e10dacb30266b81863d43e22884 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5a216a5347a5e995ee07b916f54ba797 |
| SHA1 | bd40a83ce337d583c0ed174948a2570cbe54694e |
| SHA256 | e5db86087bac1b9dd0c15fe5baed6cffac97e5d97c2a1d04098f89ac53e8e06b |
| SHA512 | 9fe305040cb0c4a456b34a438f404c83be312e932a1ecbc77a42efd485381a780468002254c4d56d0b77620faff78ee28214badc60751bc4e4d2055d0bc8304b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4adf49a26447ec3536c8df3c2deae2e9 |
| SHA1 | 499c8b78ad9cc38caaf278abc4b7a5cab132161a |
| SHA256 | 4127b51e5bfbefcbdf79c1a3d7db4ab0839e9fff2f7f06dd11acb374a5b0a0e0 |
| SHA512 | 488e4f2dc85347a57f40c057794bcfaa239da6ad049ce8d6001f26332bd0712f49c307d188ae61d65e2d857e5ef544fe7726c1dbb7b926dd1da1010f8046d350 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 574a8f1405cc17236bb89c190027554e |
| SHA1 | 7bfb00384833e27160fb080c2345c83b54dc2270 |
| SHA256 | d0e3d57e6074a2bc9d715edd1775cd5fcd1b0bd5b51272242057a5ddc5baa768 |
| SHA512 | 327537d658114c2d1e1d2971f23835aa595570c3f45e52af515fecf4f18a5ae237ca1ffd5ef4fe21d45934f7e701f7468f0bdb95bf1423f3f3b3f32cd30ea840 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b666c3276a17012e46038220a176bbc0 |
| SHA1 | d7a9c29c51ee84bf22fda00d8b305386b38f40ea |
| SHA256 | 0f6b99342caef74699b1572bf2d1dd13443f3b6e4eb9a81e522728b062b97c8c |
| SHA512 | f84b2ed3efd5c3a582d2989c75b085e5d2f744549b6fb37f1e390b6a82f82abfbded91f758ac0ad7f0b3bcfef70809986905aeb4b4a2ebbeae4b036e52b17643 |
C:\Users\Admin\Downloads\Unconfirmed 304718.crdownload
| MD5 | 7ecfc8cd7455dd9998f7dad88f2a8a9d |
| SHA1 | 1751d9389adb1e7187afa4938a3559e58739dce6 |
| SHA256 | 2e67d5e7d96aec62a9dda4c0259167a44908af863c2b3af2a019723205abba9e |
| SHA512 | cb05e82b17c0f7444d1259b661f0c1e6603d8a959da7475f35078a851d528c630366916c17a37db1a2490af66e5346309177c9e31921d09e7e795492868e678d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | d73270b8a1a21c190b406744e93fe015 |
| SHA1 | bcc1f19f52acbb01046d5006b0bd12ca13ad66f6 |
| SHA256 | 36a71f887b6a9b21b217fce467765e4f0345ff265d108852ec8e3a7397c78df1 |
| SHA512 | adc3f49a71c7dfa0a03def52383c7b602a97f8fd88aacfd0a24a1135be117e20c1cef36f7ae361cdc4e6d31d3aac29baa731ab6dd7fd3b5f8fde65afbc536894 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | e271619b1e7afb2c5c8fcd671266a348 |
| SHA1 | fdf0e2668c347f48878f4b3bc588bc150cd4a0ea |
| SHA256 | 5f1263d527dd537ae01a36fc880aa010ff81a44336dbef6320a110de7c086f37 |
| SHA512 | 4c27c22de6194d23eeb9de421eed9c0aad00c0ac6458611acac6d8125e46cb3b6691f96af240e32355d7747c8fc7ff72cb1f75686eb76016a8a263bf6c8fa2dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | da899493030e2feb7c9e75a455514589 |
| SHA1 | 7d5a78431bb952c579e7b6a1d9bdbc56b4d8bb14 |
| SHA256 | 69bde33fe820748a8c6a343b68d5579caf42e8eafae46b24d5f4dc46bb2f4ea4 |
| SHA512 | a11a4ef051f1ae8d6c0b31a52a8c3d4351618bf828be90a0a1d1208c405cc4a816dacf4b4d95694f6f7e6638d11cbfcbca2365ae73c2b5f4eb14f3a4176d4f80 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2e61d91cb39b00eb799e98c73a1fa609 |
| SHA1 | f8ba580f67595c46e0825ea6688b66e6c6a81718 |
| SHA256 | b7b684db97fa7b35705dced18b766cd8d0e9b87fa03e74eb046603aab4862091 |
| SHA512 | 9d88a15796037ef1fc864ea745a40f4d85c371fd42b56a5e17b118a7b8acb70e1724cf8da307a394767d709eee797c9dd4fd6d819d92f1647e89724996386c59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a
| MD5 | bd3632a0a1250d1e7131c6c673e6725a |
| SHA1 | 28c0b5e732fdbdf0b5d516f14a9cf0111f659805 |
| SHA256 | a4278fb6c1cf6d2bbf27bbc5fd1e90c61a5a28611a4bccee95ea2a8c260739f5 |
| SHA512 | 7f9b65324f9c482ed20db02d4cc0f71f822e92ae19852866aee6e8d488b806f6128e1124b9ee276f3440d28cbb6e6276de1fdc8a4be3b4c8624d27155e7ccbd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 81ae71b108ff040abff485f4b4ff6176 |
| SHA1 | 5b9e20d046f56a9bb8b01be94c843612455af3d5 |
| SHA256 | 495d1e5a19828b55be3439da7717b206f448e10733c672be0eb318463ca45416 |
| SHA512 | 2175572b5dce471c90c07a8814d11c346e2fdec042c84534cad74e56fcaf349d8f99ea3f4e14c346b94d713a64a46c3173300f33f06bb16d196e36858b9a021b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.virustotal.com_0.indexeddb.leveldb\LOG
| MD5 | 899aa04813db2f52f9af2b8884762f86 |
| SHA1 | e9e5fa874db77f6e957b4c9ec865933e7832f0d6 |
| SHA256 | 5b854afef1b1ef67a223458be43e704af6523ac1219665dc356ff96a386f9c75 |
| SHA512 | bfacd06f68d75af5017c25f5382b74e5a18c3bc188f5cbcedca0cef22887697c7fe4848302f30f6472754d8ec01c1475cd5ae728b0997b4abcb37d566a678349 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.virustotal.com_0.indexeddb.leveldb\000003.log
| MD5 | 975b5cc9ae7b7ffc2099c535c5d51b12 |
| SHA1 | c46728c377f9e4c2e8540487e727449d480177d9 |
| SHA256 | a9d6ad53e369e6308e5e4829c9fe9230e8fbec5441cc98a98c72334d20291e15 |
| SHA512 | e6892ded563735f999293ce7284c842125523182fae3d41b74630144f7416b35d707a86ed92b867b5b44ad1e59dc5dfa1befb17ca7b3a8a88597906c99ba07db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77387b31f8a2a91e44720964a8a21933 |
| SHA1 | 03430cf9cf287d08c6c76ec3c20a112ba5005654 |
| SHA256 | e2e0edf74c6f2882af2390ac59592fd56d47c4a6c2be8101672045b6045cf1d5 |
| SHA512 | 8271499fe7d7c487608bc3cf42c479e838282c9ba0292d2ec25c5e47624002c6b3d6bdf64f9def2f7839a8a4fe936a47cf8c0fbaa40cd9adf80073347264dc22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 26817d6c2c8f5af06e55f0a3fec054fc |
| SHA1 | 3c49aa02223a321344da1f1dd866d4900410c36e |
| SHA256 | 614695d0c982b28ab4e0416629adddcc0cd06bf044e5c87f7258eca8bdd9df9f |
| SHA512 | 74efac340f782d6e35bcaf770828159dee49835c7a791b161cf46d8f7459b7a0be02a27f932da9192295286fef1c578cbb15bce08aa5d6db49f7102397443530 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\6c2af149-9891-4e0b-840c-bfacc61e1cfa\index-dir\the-real-index~RFe5bd492.TMP
| MD5 | 231e4a2934239b9e5f8634b6d429d4ac |
| SHA1 | 82ed2fbf78aacaf034cee2aacb7740fa77f029e5 |
| SHA256 | 9b4ff6ebfd1b1b4bf75241c7f8cde29b8a9fb6ebbbbf6090e170443c5ee1e700 |
| SHA512 | 9ad68cc4f67d2469531bbf02c0e2805f7cb1135cb46cc1cc479c14d35cd7259fe8f9450960f607f9bb1a543b453b80f70aa7d3b2fdc517ecf25f9598abb2a7d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\6c2af149-9891-4e0b-840c-bfacc61e1cfa\index-dir\the-real-index
| MD5 | ccc84c2442869b1f6976e235c5b516d3 |
| SHA1 | 8bc1f1b084a915db3ca5afd1dd3b2af875c84157 |
| SHA256 | 2fb27f00330155d47e2b627e70d189957f5d2b8f0f837aa0ce8bbd46b21fa721 |
| SHA512 | 0e7f4742ea37e1665ed2ede3cb9f5675805f31c4ccbf91a1a6e45d9ac9277b507a5a876c5dff4b33f9198fc443db5450d3decb23af1a928c9d1ba241f26b402d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt
| MD5 | 9117a376cba16b9a1381553d43ea96c2 |
| SHA1 | e98f33ec36304fb0a111f906bd13577c0e72c640 |
| SHA256 | 33a0d3d9dfcb48be8191f7fd8cb92b99e38d0d792a056ba842890a234823ba2a |
| SHA512 | 296f10e24afee70e9735f50dbd24287e308acfc2a0960c47a72282a97b5bbf9f13403ed871db03519980602869d957e3445a2ad80bbb8a19e4d82c6019036671 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt~RFe5bd4c1.TMP
| MD5 | b1d0b2a9d921d798ebd1d79a0349b659 |
| SHA1 | 31219d64b2e2c5e5c9e64d06dc274b934116f3af |
| SHA256 | 8340801e778c2e096f17f43fc185d97a5c4164bf47331e419abd6a3e0baff35d |
| SHA512 | 1deebc54c129e60029e7700d1d6607b936f07099452c55c86481a1ef7158956baff2664cc9fb6784575a2c2bcbb9a7e9e952e8681cfaf680b1d80c0925a79a28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b62f7358590fccb436e799bcfb17893d |
| SHA1 | d0b3561cff68fbc1f41a6e57c8282aebdb8f3331 |
| SHA256 | caa2a8a8432365f5a9f0f1da7bc3cffa94d3a3e39f7ce567976c92731ba70904 |
| SHA512 | 943a44ecab812c90a505683133da298cf4904ef9eaca906fa9b34b12af1bb890913fc112819a0446b0a197b7cfb48bae6d2a12b4d21f1945d8c07d029b046d0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e86b08f0656646d6f31e17fe5df0a8e3 |
| SHA1 | 5463cfc6fb8329a46499616be2a09f5eabf12f91 |
| SHA256 | 11d75d657fe3231eb5ba20d94a2bdb6d3d95b061e6cca5c7904ae47337e527d3 |
| SHA512 | e4df715220f55134ba7e6fa6a3b4ac39159843a1bf1efe6a2d2c406506f123458859969cb7ad287e4b9395afb4dfec7152e82a8cfaacb73feaa2f55c42558f62 |
C:\Users\Admin\Downloads\MBSetup.exe
| MD5 | 6b3b44639456a3230e3838d0d2202939 |
| SHA1 | 6aa554f51497c21d684d80fdf363e23b8f1f28f2 |
| SHA256 | eedb91d5c57418231eaf086f3739353392fa83267075bc50de2cabd11db66c1f |
| SHA512 | fab38b9b7d587aed6f2ab267cf9afa878213832b86cc00519e0cf5880072aa95516796131afe87d641fe113f2041eef52988845df15b716330de0080bf5ccfea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 660617d57ccc6ed50520463b663fa944 |
| SHA1 | 7fe0a29c7cca9d110661d429842f805652805d1e |
| SHA256 | ee102074a84f22a38ccc8b758ab849a993609ec66faeceaf1d5062dc903d4eee |
| SHA512 | 6eb59a1b8b4af7adf77424556a59bc2306f16b78baa8c77788ca3c736dc0d7b00cdf6cc82ec2b5be664863ef1d1f9c79a5f0f8af27bfb21c8539ff920ff87ed7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2f913f0e8a79d334e598ffa91a7efc96 |
| SHA1 | e80206924e38921c876559c0c8f5dfe88acaee75 |
| SHA256 | 3ca42f94b8329123b93a7ddba4e886ef61f3a96d70b84d884699a2a37a519bb5 |
| SHA512 | 4df4a278389748ec3303f7bc886330b0f3701a2ed2b4ba281dee041f50e15799b22566d0e9ccd1873bb5cf166cb3df96736d5427a0ca9f2d8a4ce5e35480d7c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 70a07d659c30595d0cd737ee19f8021a |
| SHA1 | a4883265c0c10a52fd938d707378623e38e1927b |
| SHA256 | 9e8875a05435a3bdec706975308e40027dd219bfd05074ba99e22f10327db439 |
| SHA512 | 41bdb9f9bb3212f381bc1d3d8b322d93019b9a03d2c067582a9ee8041f8af918122b2060c0668400e18cff85a968cb4bb7851e1afe6c8151ad0bb0764db1208a |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\7z.dll
| MD5 | 3430e2544637cebf8ba1f509ed5a27b1 |
| SHA1 | 7e5bd7af223436081601413fb501b8bd20b67a1e |
| SHA256 | bb01c6fbb29590d6d144a9038c2a7736d6925a6dbd31889538af033e03e4f5fa |
| SHA512 | 91c4eb3d341a8b30594ee4c08a638c3fb7f3a05248b459bcf07ca9f4c2a185959313a68741bdcec1d76014009875fa7cbfa47217fb45d57df3b9b1c580bc889d |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.33\mscordaccore.dll
| MD5 | 0377b6eb6be497cdf761b7e658637263 |
| SHA1 | b8a1e82a3cb7ca0642c6b66869ee92ce90465b2a |
| SHA256 | 4b7247323c45262bbb77f0ef55c177a2211040fa77d410513a667488bf1bc882 |
| SHA512 | ff3f6f6d1535e7aab448590fdbdf60d37e64e00d4081853f201c0103d7b7918f388db5469774f32af211e0990bc103bc9ff3708fa44efd868aa312c76ea65600 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\servicepkg\MBAMService.exe
| MD5 | 69186998f66f291690f40c3e4e3b9832 |
| SHA1 | 22ea0106cd46bf4ec55dba7bc674f915017151e0 |
| SHA256 | bb088058ee2d51b7d5b146bc8d29463c2e25cdbccbc108763cd0f5f7f4eeeac9 |
| SHA512 | 56bb14ac7ec4d54940efb874e922d5acf7517fdb42179c6f188c0268a646ddbea857ee33435ce43fc851593d135a3e9f222c6d4d9b0f4db17192ad0984952b31 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\ctlrpkg\Malwarebytes_Assistant.runtimeconfig.json
| MD5 | d94cf983fba9ab1bb8a6cb3ad4a48f50 |
| SHA1 | 04855d8b7a76b7ec74633043ef9986d4500ca63c |
| SHA256 | 1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a |
| SHA512 | 09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\dbclspkg\MBAMCoreV5.dll
| MD5 | 5e84b24b7d4e5d5a161074da559a1b49 |
| SHA1 | c5dea018ff9ce1c9a3e0cc90d1363fff57ab10f4 |
| SHA256 | b1fdd023dd927099a2991b44f17cf2845cd70e7869c3bdb95fca52424d9a6eb1 |
| SHA512 | f962b0022e544dffb722456409e90b3046df07262f7a493188f6e17b26fd8ed16363acb89729615a01361fceea792ad640e51606443a007653c1f269aa805774 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\servicepkg\mbamelam.inf
| MD5 | c481ad4dd1d91860335787aa61177932 |
| SHA1 | 81633414c5bf5832a8584fb0740bc09596b9b66d |
| SHA256 | 793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3 |
| SHA512 | d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\servicepkg\mbamelam.cat
| MD5 | 60608328775d6acf03eaab38407e5b7c |
| SHA1 | 9f63644893517286753f63ad6d01bc8bfacf79b1 |
| SHA256 | 3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59 |
| SHA512 | 9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7 |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\servicepkg\mbamelam.sys
| MD5 | 9e77c51e14fa9a323ee1635dc74ecc07 |
| SHA1 | a78bde0bd73260ce7af9cdc441af9db54d1637c2 |
| SHA256 | b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0 |
| SHA512 | a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186 |
C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
| MD5 | 91ae66a8d2f09adcfbb1e0dc66b80478 |
| SHA1 | 3fd6c4c0c05d20dca3c9e948febd93b215ee2eba |
| SHA256 | 903a82ae359f8872d54b73028eda294653ccd2d1810a2c9786456025d10e0b77 |
| SHA512 | f1bb9f991e01c2673b37249f9aec8fb9302c88f506b7ca94a198aeddbea22f3e688abfdca50952ae99de8826f39d5394e14523ef395d95cac9d7ea1a552c8385 |
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
| MD5 | e23fa7f3048a66d3e026c7548b947c17 |
| SHA1 | 2f5a4eb5c1ca2ae25720161990b0c4ad45688c5b |
| SHA256 | 2f4f62af11a4b3a93c608cf0341807e52e1ec24ff7e415e1c9688b3fa2791444 |
| SHA512 | 769efdb81be395b0ea3bd7f9aa2570de897885218af790070fd5b5dd250f9e2dc9944a26c397ab7e2da6e6d5d534606bf5b41073bc1b741f9e4cf396b0ddd62a |
C:\Windows\Temp\MBInstallTempade2b034931211efab627e3d785e6c2e\ctlrpkg\mbae64.sys
| MD5 | 95515708f41a7e283d6725506f56f6f2 |
| SHA1 | 9afc20a19db3d2a75b6915d8d9af602c5218735e |
| SHA256 | 321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6 |
| SHA512 | d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08 |
C:\Program Files\Malwarebytes\Anti-Malware\version.dat
| MD5 | 5ffb4808ac3ef1ec95a2aad1d765b028 |
| SHA1 | 7ae885fd16043762b3b3d6bef94d6f7d8e3454b7 |
| SHA256 | 023909936f5559359b2889a77eaba9d579ed02051d109232c52c9eda642a5bcb |
| SHA512 | 2c71d9178bab3f34cb3fa31f6d824db9399f82ff83e231c39cc96a0f05f6fc3076d47715bc8c09889846eb2c7e0b0fe9c4761c47731650a51126d77eb818e696 |
C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
| MD5 | 6bc57437d8409064b4ecab41f5443dff |
| SHA1 | de27e2b8f490d65b61395558ea7c6985b315324d |
| SHA256 | 67267f589fcd41cfb07bc9bf8e1e220e0fec4bdba34f553945506b8c3b261616 |
| SHA512 | 2952ccc901ba76f9540c3ac282d7abb274aba1512174b18873a1b1a7fe70e08a57eb37b46f7bf2e503b575e06f0dceba161af476122a4f00dc91f07b3d0e72e7 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | c30fffdf108d7dee03bc1ab0350f1242 |
| SHA1 | c9b78d405b5a3174811962ac40a02230bb31ce73 |
| SHA256 | e5583227786dfbffc932f1fae548478602dbf342473ab5886f1cd7e265471c0b |
| SHA512 | 532f3a4169dd8515e573a08cbc8f832bf33c89a15226c3031bb50a1b062e04967aa403e81138c8595cf5bc0ece4e540cc04e92aaaf0700a0887f59ed51e91e4f |
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
| MD5 | 46f875f1fe3d6063b390e3a170c90e50 |
| SHA1 | 62b901749a6e3964040f9af5ddb9a684936f6c30 |
| SHA256 | 1cf9d3512efffaa2290c105ac8b7534026604067c9b533e7b7df2e017569a4ec |
| SHA512 | fdfb348061158f8133380e9a94215f4bfc0f6ce643a129d623cb8034c49144f1489de56cd076da645478506d9fbddc7590fe3d643622210084b15fdf0d16b557 |
C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf
| MD5 | 5d1917024b228efbeab3c696e663873e |
| SHA1 | cec5e88c2481d323ec366c18024d61a117f01b21 |
| SHA256 | 4a350fc20834a579c5a58352b7a3aa02a454abbbd9eecd3cd6d2a14864a49cd8 |
| SHA512 | 14b345f03284b8c1d97219e3dd1a3910c1e453f93f51753f417e643f50922e55c0e23aab1d437300e6c196c7017d7b7538de4850df74b3599e90f3941b40ab4a |
C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de}\mbtun.cat
| MD5 | 8abff1fbf08d70c1681a9b20384dbbf9 |
| SHA1 | c9762e121e4f8a7ad931eee58ee60c8e9fc3ecb6 |
| SHA256 | 9ceb410494b95397ec1f8fa505d071672bf61f81cc596b8eccd167a77893c658 |
| SHA512 | 37998e0aee93ff47fe5b1636fce755966debe417a790e1aebd7674c86c1583feef04648a7bc79e4dedaabb731051f4f803932ac49ea0be05776c0f4d218b076f |
C:\Windows\System32\DriverStore\Temp\{7f375097-5470-1f49-98a5-8c2083e797de}\mbtun.sys
| MD5 | 83d4fba999eb8b34047c38fabef60243 |
| SHA1 | 25731b57e9968282610f337bc6d769aa26af4938 |
| SHA256 | 6903e60784b9fa5d8b417f93f19665c59946a4de099bd1011ab36271b267261c |
| SHA512 | 47faab5fff3e3e2d2aea0a425444aa2e215f1d5bf97edee2a3bb773468e1092919036bcd5002357594b62519bf3a8980749d8d0f6402de0e73c2125d26e78f1e |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 9badca3fedbff58e9cd27e1c2396d81e |
| SHA1 | 3d5a998329d2afef35bcce72792e1b2fc6adb7b3 |
| SHA256 | 5400d47e3508bcd8383325470a88d823caa5d28998fb98da3e5bee1f0037088c |
| SHA512 | 3877d6def347f20f9634ffdc3783ac6b85298e953c642da7ece041fbf3d5add091d87c1d5ecbde86c853193adccbaa89fdfc451c4ac21cd7572874e34ffabf85 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 55442321fcb378c29c2330094bd9d209 |
| SHA1 | 5c7f20588c4061de7ce4245880e6463bacd9ed1b |
| SHA256 | 5ecf0c81ddaa1f38065c4438e690356b9b52d9a29e2078f64db06768d55e860b |
| SHA512 | 02ceb57dcf1b06c2dd687d1d0908f8cd3d01d0ae56b862507a3da87b4a32b9c583ed48fbbb3d4637b408d50c9a6a2cb14c90dd0abd7f0c51c794c2590406d910 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 7b63b03e298c35cc4abd424ccb72639b |
| SHA1 | 75962d26d7c164a708a1c2c8e8e7e05c20ed8656 |
| SHA256 | 2ecd4b73dfb96842d829b8d1d2d0b2d9730861a632d915cf7ac31c885aabd229 |
| SHA512 | 9ce7a39d924976f8e2dbe25a7cf5a60a4c960fed922dbbd6368a55804eb65e22d5c7601808285b583607573d36c7a5ddf9efb19e7f467328e7196174bb29dc92 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | f4d67ed57ebcaf3b5f74094fc001fbb1 |
| SHA1 | 58df54a171d2b382baad1d5302e585189011160a |
| SHA256 | 84295ed5254f0f414c02df44fb4d7f304feb61cc4ae9a9c32f6e7f9ac0b86fb5 |
| SHA512 | b0364d5bffc6a986622622032be7ad9434951534f8dd8926e83bb8e5564eccc0ab29e0871a316dc39d0d2f8cc700335a7ca715a3a546c846c0708a7a424379aa |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 646ad891a0ade41258080da28320136d |
| SHA1 | 8eebbe6e719565accbdbfba4af936a81996ffa6f |
| SHA256 | 75d8c807248eeeed665ab9ebdb024c2e190d88fc4c01081c2156aa07b67b336b |
| SHA512 | 3e1c09a18874d1c38273217a8bd53d8403b3576460c75f238936fbf6947548e7a3211f66612f5639cdd0852f1eed4f7907a161cf5fd52c27903fe33a0e44a292 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 96230e373b7086c28378f2a60cac4983 |
| SHA1 | 14e48880916b538ee7660ce4eedec78ec4bd925f |
| SHA256 | c4d1c4d70ddbe2cc3b465e3a52462ea811dc37fcc519a9cd2a343386e9ab9e4e |
| SHA512 | 35a1b3253eb7130711e27bbd23d7b33609ce0202964f1f186243af03a73a2bd919164e5b0f6029fa22001ec4a6332125f7d7d2e03c9689ee4701aeee008d62bb |
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
| MD5 | 0a7c80e6123d2124a67499060fcb6944 |
| SHA1 | 6776e016236d3fbf64a92beecff2b5d279aab466 |
| SHA256 | e13b5f453008aed0e3c16fd346309777e5489480ad2e3031fe1f24b940fb2c35 |
| SHA512 | 47c88cbc388cd66e6b4409793d7fe6897aa07d814a4405a87411828721526551896c03cc878552307f625f118bcfd2c6b5be7e99d56263e48abb9777580db2d3 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 44bfafe137887c008ab93f02f1700468 |
| SHA1 | 3d0586f9852f376a8f1c358aebcfc8a2dd14d836 |
| SHA256 | 299b3da0da457ded37836695f8f7a57fbe27153897c52850f528fb048b908fcf |
| SHA512 | 2dea104241e0dd52ca493de6b3f5e607baacc2e7b2a983a391fe8d16fba97e6cf59885f0a9c73b676f7743dfac4c8ac6957398fdacadaa9c8d343aabbb7f6536 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | fc1ddb4f909b67d1575a333d887606a8 |
| SHA1 | b4926a938e06bc0b330eea3df187170f9e5fe863 |
| SHA256 | df0824aabee1411be3d20b7c495affcb740c1fc4d4991fa64ec30e4030f176e0 |
| SHA512 | 25f8559bb997477d169ba1e3ab176b3a4d6f9390fd0c35bedc69a7667061c7c23a9add1ad742a7a8dc3ccb0dd47ce1e1d74077405a2f1db1be1d128c5185eb4e |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 20860076eccb3090200dfc7ac669c1ba |
| SHA1 | 3522e5f14d3b39fe9e26990a4d2539baa75121aa |
| SHA256 | 7b34fea62f2c37dc98f67c588832a2c0b5aaad1675fbbeeea7c55a665754b06e |
| SHA512 | 64ba55cf1dcaa8df1db5e6ee0383329393a3e0110940ee239b42fb46621b25e012ccd3d9f97645ef3f819be8babca36f7d9b38e9226a83281dd5ff59228f3d58 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
| MD5 | e753d2581456b352a46afe562953dcae |
| SHA1 | d3a58b5dca72d6975cad5cf31ad190ac3ad5f445 |
| SHA256 | 1eb1ba19bd88a4eac55765c3a46bb0f452e15402ddb353c9fe4acbeade13d48b |
| SHA512 | 7d1296332a93877934404ea6d5480cd9d7f67a7406a0f3c2cf69245e56d4344364957a5d71fc9807740987d90805920e2e5befa64ad2e0503a900a8f1eb4c7ea |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
| MD5 | 755ffea798d0ea257cb7a16aa6c46d85 |
| SHA1 | 99ad52079e5e87d5e1f024a6e5b1954e930acb77 |
| SHA256 | ca785aa97adb66f94b39612c1583bc06373d9058c3d660906f73f4f52e0ba925 |
| SHA512 | adc4d4ac1b6e6b7744c0d1ad7bcb3ea38ea1cd71e86be683c7d782c2d56ca5ea0eac6e5dc23a1bd100b2e1e9fd38ad65835e37d8ca042d37e6b36e5f9b555b59 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
| MD5 | 3b6832eb8b261d8ca53b20603223ae67 |
| SHA1 | 3f226184c9589a381e6d3e5524b12d7c31303cc8 |
| SHA256 | abb35a6384940501766e65d3122808e5288f365986e38cfa52be0c1badd5ef94 |
| SHA512 | 2f381e4a205c3fc4d727c39e9548ebfbb6945b03433e7047ad4a005bd1d4453fbaf3170e64a73b2f7e2ac92e619dd0b6cf9d52c61bc50d5ffc1a032291b6ec9a |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
| MD5 | 995174301f78f82ae249e0ca88ab3580 |
| SHA1 | 9243e263e4ed877eca7fada22f57806ef0517ce7 |
| SHA256 | 62bfcd9b875621912a572abf99b8203bb5ea93aa42168d44dbe546cf15229d2b |
| SHA512 | 97d71741c718a2d344affef21628c380337ce05cf2f37392e6c6e3e696e44810d1f7eb07eab8849fd2a0125acdb4ad08f72cec41744c4948806c28230aaa5932 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
| MD5 | 956b145931bec84ebc422b5d1d333c49 |
| SHA1 | 9264cc2ae8c856f84f1d0888f67aea01cdc3e056 |
| SHA256 | c726b443321a75311e22b53417556d60aa479bbd11deb2308f38b5ad6542d8d3 |
| SHA512 | fb9632e708cdae81f4b8c0e39fed2309ef810ca3e7e1045cf51e358d7fdb5f77d4888e95bdd627bfa525a8014f4bd6e1fbc74a7d50e6a91a970021bf1491c57c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
| MD5 | f802ae578c7837e45a8bbdca7e957496 |
| SHA1 | 38754970ba2ef287b6fdf79827795b947a9b6b4d |
| SHA256 | 5582e488d79a39cb9309ae47a5aa5ecc5a1ea0c238b2b2d06c86232d6ce5547b |
| SHA512 | 9b097abeafe0d59ed9650f18e877b408eda63c7ec7c28741498f142b10000b2ea5d5f393361886ba98359169195f2aceeee45ff752aa3c334d0b0cc8b6811395 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
| MD5 | 05cba1960325f76ffe29ba5239a7544c |
| SHA1 | 55aed7dbae8119fdea74939dd4a3d1b598883b39 |
| SHA256 | a5160366d3717da1cc0276fecc6ad4286ae23173ac29314744980f62aaa1abef |
| SHA512 | 0514efad9852e2cd1c06294becf85deff5075153b221d7d8a298cd1f718475b6dcb3e9fc9df3c6a8e52b9742e9ea446730105d0b4c524c1a7424c9f65dbfd892 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
| MD5 | ca9ea9602a4e2fd4fdb97ac747351f3b |
| SHA1 | aa7aca503c9c83860fa9765fc71d70fd6c7761c4 |
| SHA256 | c3457056a81e50c463192459eaded32a33a0459b934ca2936b4d82277ac0baab |
| SHA512 | 78733dfdf4bc68947b265ec31eaf9091ad4b833ac6076f509e050118b26af8d0a5db450b56c160d735d43614184223c985fe43e7170bde3b8c0b7a2bf4808af2 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
| MD5 | de80d1d2eea188b5d91173ad89c619cd |
| SHA1 | 97db4df41d09b4c5cdc50069b896445e91ae0010 |
| SHA256 | 2b68990875509200b2cf5df9f6bdfcda21516e629cab58951aac3be6a1dd470c |
| SHA512 | 7a8f5f83552dbff21be515c66c66f72753305160606c22b9d8a552ab02943a2c4e371d17dce833020d2779c6d9fe184a1e9ef3d1b8285c77aeb17b2bba154b3f |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
| MD5 | 78bb099307e0a1a5e9a0a847c7a2ee3b |
| SHA1 | c533b8f6d18e1b5535431751c0bca4949387d433 |
| SHA256 | 190358abbf978bd7d4951109d1154789ce6c6f1a212c8edd6bb1b68b8998ccb7 |
| SHA512 | a98de86c17ff113308b5dfe34bfc10affc14e9893083dc81fa12f329572fa654b776dc738d41d73099a77eb5058c1ba0fd6c6e15c81e40a554a694a1c196c360 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
| MD5 | ad7edf00c9622ca101afa272bcc82b36 |
| SHA1 | 42ae04e2e97aba8405b0df3fe6eec34f74c0d686 |
| SHA256 | 8f2221c3c2bc7dddb2cb5d310eafbe63a2f5bad928501c483a3b94a71509b591 |
| SHA512 | 2c2d31d7216eca65f8e17b1cef060f967e6de49f0a94f07151cfa81a963c1e897bb07331fb27553c50df657d63c30770cd5ed2d09ab67e8cb658b799058513eb |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
| MD5 | 94a54de6c78b33a9ff0b1efdab7b69dd |
| SHA1 | a2998039c57e807cfe8ed9da0755f05d80a38fdf |
| SHA256 | ef8ff88571ec2fad481a52f365b1a0e9e2a9e3bbdc3b28b066f012140f99c3f2 |
| SHA512 | b98b3c44aeffd68edaaf9fcb9c5fab8d446e2b1c1ae4bd538bef0446d18d81fc47ba949f7b8fcde11f156a2a11f7e971e0f54320c3727de1c89b464b552bbd4d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
| MD5 | 085f42575c4a1267cc76d53398799fcf |
| SHA1 | e4978e403160c87a09192a3c08c912783e9aae49 |
| SHA256 | b143e3076845ff4cd3774c68ea3fca511bc053df91b624028a242b25b619403c |
| SHA512 | 482b00409c4e3a04c56df0509bc89954e124e59e7dade5c858159d6d57839000b630fcaa8d6e90b344375f8d8bae8d450502d39d1a7bddeb80285f9ecf21f58a |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
| MD5 | 16a6aad848aca7c684b68f94916089ff |
| SHA1 | dc3a936948599dab48b7c27c979a4bb69e8c975b |
| SHA256 | 99becb68768c0370ca8f49fec4e1e6bd8fcc9981d928ecab27bee1ba24dd691d |
| SHA512 | d27236da41122881e29e16b257807639c1c74c1bb243684c7411ffd25f54edf093e9caa1e38052a9e665039fef579adde4080bcee816e7b3d571930006f4f508 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2915057fc61b8bce9837fab0143615a8 |
| SHA1 | 5e8aea3f882161e14c07e25e32c80307bcc7b2cf |
| SHA256 | 9c394294f33706d6095f38d408a0688ef7a46294e374cdd308e0f0b7d4e0e0c1 |
| SHA512 | 195b2a1cee7e760d81fe73c1958623d82262468af641ee7b5d4626047bf40a54c4638727be26e4d3d694ec62972b410f49d6f42fe28021ea43dc8aa8dd52c925 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | f2a5b0469af4226738fdabf10d17d379 |
| SHA1 | 237e56ccafa68e544314afb0d2972fd2cced80c6 |
| SHA256 | 38c8aac7007d049bbbca9f9d0be09da8de0b201ed2dc3da8bc59cdf826df0c49 |
| SHA512 | 53ce4700b5578bbdadecb916739200eff168f935216a2ec6110364c1981488d1524ff768e9d66390fa8ddba0ea693d42dfb602fe039b9c8863d4d63014a9aee1 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | e661c68809d166b92ed16de49db3c011 |
| SHA1 | dc7b161bdb6a5d4795d021cb799651a821c2a1cd |
| SHA256 | b1936c9d660ad565421ec09331e828fa5f3b179517be0824106f34978edc9a28 |
| SHA512 | ab28601990df3b932f25c02ae30c8167e5741dd45e7a96763d71a96c4477b5e674762be7af04df92aea240d3c03d8903fd98f2d7b5fe1e41f8c28b748c617181 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | e0099f0d8d934493ecec48e98268ab65 |
| SHA1 | 10651c793879e7e1b3752053129795f937768475 |
| SHA256 | 221e3ac2c32af3c536484d33b03ca7a78e74a17f89a43e7809e040d410d7fbdf |
| SHA512 | c087dcd2ddf53efa247ddc48b504a4696afbc96394965a24aff831ed7ca755e34112a491da6268d4b8fbd82f9a08c8df90d0a69cba0087e605413423f3351ff5 |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | c5c6e60000dec3652ef2ca98daab258a |
| SHA1 | 70401e9f683e027f76deaa7d9eb94f2217942a94 |
| SHA256 | 3d84b8b488cd8c69148a124ccf957be3f2c517aa22170ce050ef032df6bd24c7 |
| SHA512 | 9afe3c2752bc965a9e6e24ef846d9a6c886fb60636d59da54b7e061832c6d009b34ca6e978db2fa28b0c557056acd61382ffe9f4a28c3a5ad3c5829558001c96 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | ee51a0e673469177dd329a2de1349b33 |
| SHA1 | e5e1401374360686a9d2bb3a4fff540db5e5ac7b |
| SHA256 | 4e0be25e145d498c8c0d906849c534e2e39be53f2e0f73ad86f0cf395782ea81 |
| SHA512 | 08a4fe96275117f445883f8597cfd664d3a432dc944ce1f60d9b65a0cbc0aeff8e1b6d3d59b6e96b27ee0340cb930670a3c7f2f5027d00bfbcd89963afee9bf8 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.sys
| MD5 | 246a1d7980f7d45c2456574ec3f32cbe |
| SHA1 | c5fad4598c3698fdaa4aa42a74fb8fa170ffe413 |
| SHA256 | 45948a1715f0420c66a22518a1a45a0f20463b342ce05d36c18b8c53b4d78147 |
| SHA512 | 265e6da7c9eede8ea61f204b3524893cf9bd1ed11b338eb95c4a841428927cccbed02b7d8757a4153ce02863e8be830ea744981f800351b1e383e71ddaad36ad |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.inf
| MD5 | d87c2f68057611e687bdb8cc6ebea5b8 |
| SHA1 | 27b1311d3b199e4c22772fa1b7ea556805775d37 |
| SHA256 | ff93773f55bf4a6a0242adf82276a8c95c0b244b9bc05e515c4e810c81a960e8 |
| SHA512 | 4aa65b8911d8a2a0f9ef0ee6e934b94db0a9ad4c2ec543b5edcf21486be43f6ab1fda6617ea2cbb85eff230628c9fa8e7649da915d6de695803b28e55bef5819 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.cat
| MD5 | ddb20ff5524a3a22a0eb1f3e863991a7 |
| SHA1 | 260fbc1f268d426d46f3629e250c2afd0518ed24 |
| SHA256 | 5fc1d0838af2d7f4030e160f6a548b10bf5ca03ea60ec55a09a9adbbb056639a |
| SHA512 | 7c6970e35395663f97e96d5bf7639a082e111fa368f22000d649da7a9c81c285ee84b6cf63a4fccb0990e5586e70e1b9efc15cf5e4d40946736ca51ec256e953 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 09c88156a742c8fe44f44bab17952733 |
| SHA1 | 54016454aecebf10a2c0251ba2c77c05cfa7b414 |
| SHA256 | 4dfecf15c5e64813082be92fa07e776064f0b2dc883eca636ad8600feb834a5e |
| SHA512 | 769bede07c320f053471c620535f8e176d2ae9610fc0280718e83baef4a05210a3975c7e9349ed3e5da81b992913a747339f45b0cbae4ffcc02e5822922f648b |
C:\Windows\System32\catroot2\dberr.txt
| MD5 | c78e530b4ccdb9c63456715699cc3249 |
| SHA1 | a256f1538f4ac4a8d6d9fe8a6f474d74154b2679 |
| SHA256 | 700e2b414e1da6478edf710d4d5ab71d96ab9154e5dfdc5b76855dffba2c91e7 |
| SHA512 | 8fee482611d9fbfca58fedc733c2e30fcdb09c336c3e79b7c7bf769881711d8022c689f9269fb9236b645a0abbe086fd0de8770dbbf1ff6fc1dde0ac087df1e2 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 036d3d1dd3eeaa6100563d3d2dd5671e |
| SHA1 | 6b87954c92631eca1833ef3e233deb3ce31b5eb9 |
| SHA256 | 226ad307feae5b74c6e53f331477a7f39dea67bcfdaa82189c8a1cbd77f55e91 |
| SHA512 | 05b9a6b3a978f8f8ee630977d48e0b794ec4f4d1f363f9c31dba7ef3892870fb99e472eed34243b17f5b51ae065978c887ed164232bdb71185f11d78b6a2d8f6 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | a39ea6e90cd7d1d6b078c03f7b6863a1 |
| SHA1 | e594c8300196ff7146867648609f061d78fba246 |
| SHA256 | d0ed4407845d23fc9accfdea9dc41000918344a66b0908fe0670ab307f7f8f9c |
| SHA512 | 8456b0aafe55702baed7c7400c8cdd52f4770e21448439e9628f74196372f51d345a1967f8e6d30996625c8c137ce60958a2cbf6d77419473ad32af19b07072d |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | d7a3fbc6cab422ead28253b1c544961c |
| SHA1 | 997faeddb225187ce54b9fa06937313bb93c5ee5 |
| SHA256 | a4b8d475ec5d11e36aa112ffe87f11977637b7f803efb6ae8805c5b7692396c1 |
| SHA512 | 8d1ba3671f82ea22fc62224ffad2da0ff16799bc4bfa5e6a0437a79d86fb7661ed4a3eb77f44a6ce94ffe68ebd868861b7f01f7c45db84860e0d7f64ff08945e |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 5308c838fe37401f05ce7464a5776e76 |
| SHA1 | 2776744d7fb9b669c5dfcc5fcfd0acc0ffd594a9 |
| SHA256 | 0a867592a4db9e9ea36b1b08b906dbbfe59c15add587f8db7fb691463570ca34 |
| SHA512 | e8475435aa77ed181570ba6968aa122ea5dd9465ad573281431b9493ae4b1080bf2955d8ceaf9137fe9b8170e1dfb4b215fb2669dfb161dafaf3a85f23e6b06f |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | 9ff9cf3ab752f49a418a0cc8a923851b |
| SHA1 | 46d5f06035f03fbcd7a8eb0433f40603eb935261 |
| SHA256 | b60f421af49347178cc3ffe807fdf0d27c1c843a64f37f42517b31df4e412888 |
| SHA512 | 7e7fad178fe0103d69a08e90345283a25fe33023912c44611387df29f05e4442ca1c81ef95964a7af2cd7c8f01f769f3006c33dea5036225e637722dc679727a |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 288870d9e4649320e5955e14c172bcea |
| SHA1 | 042e131ef5201515ebe31ff2f16a075965835e9f |
| SHA256 | bf4615c409d2b65b18c46ff67384590b4f2b9e4c05acbf7d7a4e2f90c15bc611 |
| SHA512 | 142ca2d83af1b7b986aef433cca89639a59d1747b2077226b3fa214e83205db313e5bc39a8ba1804bcd5e3b5e6106cfb47981047b5fc11f76f640f02f9183758 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 7b2f2670b04af268ea90cb337653cf98 |
| SHA1 | 141aaf3b7d6f5e546754bfd69fd9ea1b499698f9 |
| SHA256 | 073fcb59869b0dca8785d844ce7a61899b7500d64d85f2b5346bc84a66b72765 |
| SHA512 | 47bed87aede814460acecd953f95dc73ee4f1eda21b053cf46f9a2424f1b3328372db493919dc9ba88daf42d5f458f3bc68c171da736394c89cd03ff7ac052a5 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 00bf3a4d84806f6f19fd223b8b2fe22a |
| SHA1 | a6f3314a90a918788cd169a744a40bc058c5ef80 |
| SHA256 | 5eb5f99aadeb23af0ea593d7f3f4cee4e6a0b003ea66bb2465692d1c0b6c303e |
| SHA512 | 2901098e12ba3fe6d9069e716858ea89a69fd88681f98639cc8c52519f0436fca5f091597d2448a71b8d15fce73abc1ee9abd26ae6bb59203351455de879bc5e |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 8dfec63df9c66f0b16379195ec7f22ad |
| SHA1 | 28a83b867879a1d471a684e4314a0ce67c083c57 |
| SHA256 | 2220e0f60e35133cdc7fabcc16a7f5dfb9dc824862207d80c7482e4f3999ebe4 |
| SHA512 | b1ca14b3d24d5d40111f1983c3476bfcea320d32ef90cc49079db43ed6b2054230c5c8510746910d2fee932a3c1af2d920b7a748869e3a72ee7e8e3a827cac70 |
memory/5820-5493-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | ffbdc6c62b7e2c74a812df83aa6ce5d5 |
| SHA1 | 95558716223253eedf62ab75928e0af791c2bb4c |
| SHA256 | 4939d230ef3a882526f842201e737c8332e109e756b903c68af4ad788935d06e |
| SHA512 | 03e53abe00727d4c30982412c75a377fcfbb51f8646875235248973317b3c77db3c7aca7550cd4debdcef7fcff9560ef13a8f395a2029899b1f71784ff5409d1 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNServerListConfig.json
| MD5 | e6063c506bc5706196cae2a15bed6ff4 |
| SHA1 | e6a7f7e59a1d5da1b5b8efaad8a18d226fb2dd61 |
| SHA256 | a733f160d787fe5c2146951c380a4a69e38a3a7df958c438f67b547becafe92a |
| SHA512 | 5ebe5485caf4725e1208a79c75547be1b2a4582c6afdfd4f8e02383c92d4cef118a42a08600955203f00adb73f134c10b5758cb18db0b86011d394158276aada |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 4714476b226e322ca3e9a448fe21e9e0 |
| SHA1 | 9589091f8ae46db1d7e7b4c2258951859ade3bb7 |
| SHA256 | 4bad34c34078aee867965ad31918fa68429c28001703a2dca22683be5fece549 |
| SHA512 | ff31484c7d180b8d18770c141a5fe6e8dce4426fa9426f799af8061e74fa889dde16e0308b05816f5b38e8292dbd2d7b3f79f4f43a1eacfa88807cbe57f492cf |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | cb4642d9dda0877b951572bcb728e877 |
| SHA1 | 50c811897f23214feda784949ef8c403514898f0 |
| SHA256 | fccb870d0ed2dce06374161b1c52f224db74f1cfcccef568ca54433394767e9c |
| SHA512 | 17378cd58807bbf3c0756ab30359d322a22c93a0fb3a43ff8266826b10ddc995513c43ef951797d35c08f451e2979f9831593cc632fa9e2925e7fce9dae6648c |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | d3cfa3c7e524e69219d6f3541d1a0a79 |
| SHA1 | 08fbe86c5f42ec9e3b909b9f18a2802441db5eba |
| SHA256 | 352626923ee98d1e078c311917a6d5dee5d1a2d83fcc13b2e9ca942e03fc1c61 |
| SHA512 | ab0a4604f9550f0e19eabcaadf4eb136e649097ddfbd56c9303dbe199782e9ac2d06ab3fcb00bac8d4ef7f0b5356c499a035297130c8b01510c8a20669bf2dac |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 306a492b7a4f79b1b6066b5ae4a6c11f |
| SHA1 | 53d95f898d1d0ef0049dee56672d521767ebbda2 |
| SHA256 | 8dab0f7e5730da944a523c9edf1558d4a8969bf9b584f46a74ec88c5f848776a |
| SHA512 | d4c9842ec3f859307256259e6e5a5e409cc2c4cca472528e6f80a25b4c8332738f67d9461a6f6e7eae484e28af1350c8e642ac9588a14619bba552b4b2b4c9d3 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 80d09f84a7fb8b1c233225bd3a53b69f |
| SHA1 | b97e19133c27462842ca6a7e21bd7d2ec0b22293 |
| SHA256 | 4b0e3e15b18d9ac06dbc8c0f7b2b7f05e4bf52ccac5436a276cad71e1045dd7c |
| SHA512 | c78a741564882e4290a3c5fe20c8afa42a76aead67a6eb87e7073a9d880684492a865ff680b84019be05af44a888575c385d13b71a35b729a2f25fc4cc45994b |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 02c3fb2c1c65e6a4288c8f296e6c0edf |
| SHA1 | 6bb6ae0a9edd4c8817abf3726eabf10eb9283111 |
| SHA256 | aacc0b1feeba5046deee2fb48ac56b4a5ee66b0fce22a787be7a941189a1bf25 |
| SHA512 | 93663cdbfc484f24fe5d1e1256711d179b8402d1988788d35ab1931c4e854ce2a5acb01c12823f7d5944b71cb65fd9b9880026dc9d66c7f6d920044f62606247 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
| MD5 | 5a9717e1385703e8f06b27aa10a69e87 |
| SHA1 | 84ee67a9167b5eb6560711b9871de98898ad07a5 |
| SHA256 | 47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4 |
| SHA512 | dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 355347a81fd2ac2e10fa7780743683b5 |
| SHA1 | 9c56cb229a882d07666bca4dfd75e5a26f4ce7cc |
| SHA256 | b76c1d3d3b05d53082fd615214d14d6da55cb5455ca0ec4869c15e5af88983de |
| SHA512 | e9839ac8ccc4168a0e743d1b47aac4b4a37a80c24a13b35c9a258db818544809b92d1cbc624381eab8bb4f47360e3ed2ac68933c26858992de5b1c6a0cc20863 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 579dfa4f790667e471826f33e66d7eec |
| SHA1 | 83db952caaec7e9140b4264f01df20757608b69e |
| SHA256 | a065186a0d0e3757037a99a92db870de7e728869ef348d7bbf4d626026bb9c51 |
| SHA512 | 68e059626f9bce4feeddcef48f7f626ccd1e257af95ac62d33d9440b6dff808fa29904fe0fe61f7214affac8dfc4a4d2c3f6bfdf8a8a2bb2573b49e3fe629c61 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 7c12a0bb0bad42aca41f185c735a6fa4 |
| SHA1 | 55e5ea392e7468d347fe7574df7a8b4bae9d2e39 |
| SHA256 | 0e4431c659cf6a53f07c2621f61368048fdbfb9230359612268a8ae3296c841d |
| SHA512 | 1d1ff3fba085e4913644ed923270a49bd85f6cccc6d1535720cbf159d435f9f21c614419c483982b0670890fddbaafacdf19dc1a2138b3c86a2d8e348e196122 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 5601adc2aad86cfff41aa4040ef90d60 |
| SHA1 | 7c549857d8c4821184196f50eac61afd43af08b0 |
| SHA256 | 010ebf43066e2cada66056e63886cdb26b2418f1a7b44afe321b2e8573010cbb |
| SHA512 | 6107db0a5eea5ce37a931234b4950c481fc5142f52eaefcce2f2f515293936d0d6aad0d73e4511c8f1f2450c6f18f4b884bdfa54e22ad14a8247275a7a2c248c |
C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
| MD5 | 42a9832fdccbeb097ea863d580c84c8a |
| SHA1 | f802df41b5a42b2ac86dd6134136dbdb79f80b35 |
| SHA256 | 265b6121e7c1f69a09efb05c1569a648c03287880f60d6aabe587a0fc0e0b828 |
| SHA512 | 573ae029cd8f7c0bdedcce7a32391bda6646b242dea3c1931a778d61422176d3a767c2118ea3d9d42d9945e0e2216ce0228c3bb27e996ab01a4551689711a1c0 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 584a396476bd454889345fec509261b6 |
| SHA1 | e401b92da0ca879298c02fc30da393c1d3053785 |
| SHA256 | d7ec835633485bed07ee8b5a1e323c8de612f92e16bbf571df39315faca1f9ef |
| SHA512 | b5d30e779cf66d1512a90224d652262784523e34f6db6e4a21338658df5788a46cde8c0721da12d032372f954606b0ff5f369185c714e5f26afeb2175db4ecf6 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf
| MD5 | 358bb9bf66f2e514310dc22e4e3a4dc5 |
| SHA1 | 87bfc1398e6756273eee909a0dfb4ef18b38d17c |
| SHA256 | ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17 |
| SHA512 | 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
| MD5 | 954e9bf0db3b70d3703e27acff48603d |
| SHA1 | d475a42100f6bb2264df727f859d83c72829f48b |
| SHA256 | 8f7ae468dba822a4968edbd0a732b806e453caaff28a73510f90cb5e40c4958a |
| SHA512 | 0e367ce106820d76994e7a8221aaaab76fda21d40aede17a8fe7dedaca8f691b345b95cf7333eb348419bc5f8ea8618949783717100b38ed92544b9199f847f0 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat
| MD5 | 1c69ac8db00c3cae244dd8e0ac5c880e |
| SHA1 | 9c059298d09e63897a06d0d161048bdadfa4c28a |
| SHA256 | 02d57ac673352e642f111c71edbb18b9546b0b29f6c6e948e7f1c59bd4c36410 |
| SHA512 | d2ec2ff9fea86d7074998c53913373c05b84ddd8aa277f6e7cda5a4dfffd03273d271595a2f0bf432b891775bdd2e8f984c733998411cfc71aff2255511b29c9 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | 9865a93fc04f350d9b7de1b6e5c6833d |
| SHA1 | 0bc2109fec4bde489a64de7cbf52e8080a6899e9 |
| SHA256 | 4857c9ea284bd7a09b003c6d464ab7fb5ddda1f6e2d50745ae1903e8562dc488 |
| SHA512 | 24e7829eb12c71881a75442ea19901a7a371666a44c8c7d02ab7771dbe360b03b26c076fca96f86632da20a8e97ccb27b4d3fe01dd9e1497c441153a4983fe85 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 34446581bfc34e9100c1b648101c32cc |
| SHA1 | 6711acbb7221df33f20f47b41da9b27f75d1b813 |
| SHA256 | b92eb0d2b6ac324de63bee88c1265033078fd188313a2d59c17bdc0b6c423aa4 |
| SHA512 | 4cde81269ac47dd80b126a4fc4cc5b11af23405fa629e8666d64094da44c0d412cbf980332498d890c43b944f46e68be1117640e7e65d23a1e3505830718d2fd |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | 2b9f049f680f2808d2572e3018803fd0 |
| SHA1 | 6573432b5f46789315e7a9a5d4717ba008dabaf0 |
| SHA256 | 128639844f88588da5496599c2c96e76c46e6a8bbaf1e9f1112f746cb8c51107 |
| SHA512 | 1b61d87e5bbc2558bdb1ca1db312f19c998cd0eb4d37f6efb4bc045e93fcca07fcc0335c9171a3051e5acf2c50febdb6a2b91ae045a49c2f03b637a6acdb8e3e |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 1b0980fa10e4d346cb262f014ad13f31 |
| SHA1 | 859c62200819c0a1f1859d36ac6814ec2da2b9ee |
| SHA256 | 62dc5942fe769708783441e9d9ae958b4b26b72cc1976864dcf5623bd2110f8c |
| SHA512 | 3e990d4ae856a88fdfa959418e62f9f5cf9ba37f842a4f3e9bbd9c8b48e8f3117caff47e486df84503c53f018e863dd14248d777e93f50d51182e19cbedce670 |
memory/5820-6443-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 41457aee61d6d4ebaf79afab2eca272b |
| SHA1 | 5edf68ecafbc6571b81ddc08d79e5d36f145523f |
| SHA256 | b300adf295872bb59ca4130bb5b229f4e8bbadeece88ec1a7d4218c998ace349 |
| SHA512 | 1633ecc74e4b6da465c8035bc444078c4999d0817f84142f83b98f934035ab9155ce3b251b6a8565b2e3f0a7e2b82a84357f5b24140f77af4c24a5f7d799ffe0 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
| MD5 | e5bd295850b593f6d7cbd8bbe59e71df |
| SHA1 | c922df2483c7cefbed91b221299c0adb6e5a7db2 |
| SHA256 | 70cb5eb4c7f600a56e6409f58cf02de1aa2883a33063d89a68f54f28c2209ce7 |
| SHA512 | 8ff8342df8cbb255c741c42bc14c45309835f74eac8e4a498fd109b10664b788c6f573db709faeae1a781cdec4579691ec309fa66e5656a681ff9adcff3c2b60 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 35a57f5dc3e401ca2ba51ff2a6e45ddb |
| SHA1 | 7a99b9d17ce6c4fd884456c06b489470899f9c55 |
| SHA256 | 339eb21aaba3c4095d1cb4d6670b837761abfb2d2a45e5cfd6d70c2bc77698c2 |
| SHA512 | e4886dc406f674f2bb15626d3ce2464ab41fbe4d066e07af43f31df52115b89a43203fb5834227c15f586c479c99535ddcbccccc8d165a615f66e984f0638909 |
C:\Users\Admin\Downloads\MB-SupportTool.exe
| MD5 | de14da361ce2cb6402cdb86482b3e0a1 |
| SHA1 | 12f67216f9c07d16a866053354ae3e65b7a07022 |
| SHA256 | 4dbcc09193952fac4d9168b92c9a164baadc37a76b3806d2a84c5668536a0588 |
| SHA512 | 6b8ba4374d9a36ff5e154c4b6316b457e1bf0077fd6c3290dde5cf780796466c39cff6a530f8bb303ca2588dbf2f650967047af7257525a7046087c754c3609a |
memory/5820-6646-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\Downloads\FRSTEnglish.exe
| MD5 | cba865b41c3ab9bf2711c6ed83a8eba1 |
| SHA1 | a523cd3cab5deedcad0b21ab47bf8d4c8869bc3e |
| SHA256 | e507ed1d06075d94726189db29560ec5232aa0311b5fc7b8f9f1b0db580f81b7 |
| SHA512 | ccf783bee15644d12aeca5b05a1ca632dd3373cbbb15e016ba58812bee40cde57dce9e8f75dc80648e9981bc5cdf73a9d0af743d8cec386844a522291d8dd31a |
memory/5496-6714-0x0000000000980000-0x0000000000AF0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0b4d30affe7197ab9f40aa4601086d36 |
| SHA1 | c1479680a0d929915c84de5f3eb8cf25b02ce3af |
| SHA256 | d049d9aafe3e88f2606fe83e3d2035d05f49666c9ea172d1ece38c0c7e213118 |
| SHA512 | 6179664c4a5e495de8b243b310ca2bb2e7688d8748f2eb251de5bbe99dc61ec3a69df1941ef8e9954c4d46948600f031ca4d6429306795dfdec8b137dfcba973 |
memory/5496-6720-0x00000000053E0000-0x00000000053EE000-memory.dmp
memory/5496-6721-0x0000000005860000-0x000000000588A000-memory.dmp
memory/5496-6722-0x0000000005A10000-0x0000000005A56000-memory.dmp
memory/5496-6726-0x0000000005B80000-0x0000000005B8C000-memory.dmp
memory/5496-6725-0x0000000005BF0000-0x0000000005C7C000-memory.dmp
memory/5496-6724-0x0000000005B70000-0x0000000005B7A000-memory.dmp
memory/5496-6727-0x0000000005B90000-0x0000000005B9A000-memory.dmp
memory/5496-6728-0x0000000005BA0000-0x0000000005BAC000-memory.dmp
memory/5496-6729-0x0000000006230000-0x00000000067D4000-memory.dmp
memory/5496-6730-0x0000000006BC0000-0x0000000006C52000-memory.dmp
memory/5496-6731-0x0000000006D80000-0x0000000006E94000-memory.dmp
memory/5496-6732-0x0000000006C60000-0x0000000006C68000-memory.dmp
memory/5496-6733-0x0000000006CB0000-0x0000000006CE8000-memory.dmp
memory/5496-6734-0x0000000006C80000-0x0000000006C8E000-memory.dmp
memory/5496-6735-0x0000000006EA0000-0x000000000CAEA000-memory.dmp
memory/5496-6736-0x000000000CC10000-0x000000000CC20000-memory.dmp
memory/5820-6737-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.tmf
| MD5 | c97bdce34905d88028d709cbeb8396c8 |
| SHA1 | fee05f9fdf2f52c3b13de2e77e6ff98e4df485a3 |
| SHA256 | 72e4695c9c70d5bb90bcf4d4f6b20607ca25fcdcb1bf9c5c77a062c6eae77370 |
| SHA512 | 31ef1b6219d6bb7d723342e2f94e8199fdd517cae7008ad1f77e064f77eea0f6a3c0823269e55285a27137fe0234cca731829691f84f100ce048a5f62f7466e0 |
C:\ProgramData\Malwarebytes\MBAMService\ARW\mbarwind.arw
| MD5 | 31f4ed6c2077a6712cfc2b27762b580b |
| SHA1 | 57c68266fc9b49c5d7dc62a15eb6636befcbc84b |
| SHA256 | 1ca6574269eb2e6daa059cec58c5e999fc6345bb8a93a7b3e22fefd34a7ea8b3 |
| SHA512 | 13d9727a694c88fde149517beb4d16938f328486065b9d491151b06855312cd0b5deda67a2ee4ba85280d19d7d6b648bf0b6ffd3ed9cb346ba9ed0cfe9ceeed6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a3e183ea35c216b2d9c2cb03bbb1fea |
| SHA1 | 55c3d42826ef2c224e7e9150164a86c8e05dee7f |
| SHA256 | 2a3a0af388bd00850eabaf96a865cd8eb5819a8bc2b191c4a61fda47e9b8c430 |
| SHA512 | 7b0da8e20739df96eb0108e96caacaa6880201c09905c2d3cd17ed7ca365baa97c13743a18d6b7669921e99e64f7ffa8fa52346ffd848c123becbd2fec90d404 |
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mb-support.exe.Config
| MD5 | 899a7629e0ba26baf8d7ee918145cf8f |
| SHA1 | 5f958ab1302906f824ed09ad307a4d239ca2599d |
| SHA256 | 4038778b4bbf343e4f0f68c5076a7ab00ab4815345fc122618a98f2d48f97886 |
| SHA512 | bce12dc399049813a22e408379155cb6afd8e69e4d02a4fb0fb4249cf734e18cf84756cf876196d23e242038c9965e0b5ada99c1aa2b7d81d535fffffd076f1d |
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\mec2i3ql.newcfg
| MD5 | 8081140a0375dae6d1813a859f7dcf4b |
| SHA1 | a03b615804423d47e9e2a6143db9092061a6c5c5 |
| SHA256 | 947ba49caacbdfc935f5c933c39bb61337ab2a9918f14dba29e72670b753afe3 |
| SHA512 | 04c1e0a995850b03044fa32ef60701383ff11cf64569caf512d450926f2105e8fad626d898299e05da6d49eea4ac921444502371eeaaff14b9635c066574842d |
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\dcmyeu5m.newcfg
| MD5 | f57c884e497901bec5026918308cd1fc |
| SHA1 | 6225374854e52782bb6ebac84f9820677e96f270 |
| SHA256 | 996f32ca3ddcb925c28547e0a43ed20505df95dc2441222639f2a9e463f86c9e |
| SHA512 | 8ae30432c450ebd95794faace0d38190e20976f029fd57f8addff35a3195028407949b157c436cb53962b4b8a86a66a49f62156b6283904eea7b31bf54caf991 |
C:\Users\Admin\AppData\Local\Temp\mwb1C83.tmp\sipk1iaz.newcfg
| MD5 | a72757aef2aa91d84d40e0328f3566e3 |
| SHA1 | 1d0442bf32716efc495f8e9766bb0d20530686ae |
| SHA256 | 2f4aab91a55f190810ffedb27ae87e27fc40cf209227dfeb26779debe88f24dd |
| SHA512 | d4dbc9bf0b114a243c20b1dceee5e57f85698e32e7fe6e247614bac567777ac3824cd2ae899011f7d29827b070ff04cf73dfaa034677b356ffe2ae3a45db6b00 |
memory/5496-6896-0x0000000010F30000-0x0000000010F52000-memory.dmp
memory/5496-6897-0x0000000013370000-0x00000000136C4000-memory.dmp
memory/5496-6898-0x0000000013700000-0x000000001370A000-memory.dmp
memory/5496-6899-0x00000000136F0000-0x00000000136F8000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | a1aefcd9947d671f05b7d8e7f5ca98bf |
| SHA1 | fad2deb3490bb1183f51ee2dc04d252eae4ea6c2 |
| SHA256 | 7baee8d3ea2a25608d973340962dfbe636b1a6febbd4569303c4cfea599eace1 |
| SHA512 | f8630d9feca0dcc1272784d378f354c80e64927e1a1b4c818be096b7a2cb381710e206f6a783ce5aec74371c8d547c4d7eb2c256d8efc002ac50a940315ea7b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5bb3e10e27676067f8d786f99f35b675 |
| SHA1 | 79d6953ffef1c83a1213667644573485590c4196 |
| SHA256 | 6e16a688944e053c9eb8535b2f20c71a9d3265af1f3dedd855e89ca7be6c84ff |
| SHA512 | 1486794961dc88e388e9797941cc89201ee57c5679b5706744ef0c23eb7461bc5c54cf894da07de7abc7b7addb89b2ec2a110dd2476059308649d918d20e1272 |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll
| MD5 | 52c4aa7e428e86445b8e529ef93e8549 |
| SHA1 | 72508ba29ff3becbbe9668e95efa8748ce69aa3f |
| SHA256 | 6050d13b465417dd38cc6e533f391781054d6d04533baed631c4ef4cea9c7f63 |
| SHA512 | f30c6902de6128afbaaed58b7d07e1a0a674f0650d02a1b98138892abcab0da36a08baa8ca0aba53f801f91323916e4076bda54d6c2dc44fdad8ab571b4575f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | a32567051332a98db86492ac85974728 |
| SHA1 | b59a5eefb6cae4e344b3857034a54e52a8437980 |
| SHA256 | a6adc268772e967cfb4f926fb09784a67941611a381b971e2659a555cbac6be0 |
| SHA512 | e03d91cc6b8a00b26407457cd24cce4a0dad262753912e52eac075c9ac420a90b87912f4b577410e476a0a031164b03a887a7bce501dcfa7944cda06de594d73 |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe
| MD5 | becfee2afe2efc7830ddf2ee87bf513f |
| SHA1 | 6af01f9b215f6956f7184eafd7eafff88327af62 |
| SHA256 | 70d5b714891a6f244954f4df7b99cd952856d747a62a09837860f061541c3fce |
| SHA512 | 26c937d821216871e7de4e9f2e7b821414cc071f583b711335af81fcb390f8b1365e969162d5d230d43305de3461223a3a2ea80defd68e29a274b700b8471f8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8ab0b0ceb916d939abefe9a2218ebd1a |
| SHA1 | d4b03b1626fdff7061808fe02e7c4d7907769137 |
| SHA256 | b7ce77d591259f3ad839f8104aa2baaad14c3121491e0398b69ebfa5d3990be7 |
| SHA512 | 0cdfe231b0e6f20b50bd92fa4968651dacedba75863f5639ae9b1ab91b5d4a0541a2fa05ecf0fe8279d86af3c62a6b7d795d38422a1182af46dc1bc3cb502878 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4bde966124158f1ace0ef1b284b5d10a |
| SHA1 | cc18eff29afbf56b08151de2808e1b68c153099c |
| SHA256 | 3b5d53d9ba0c6ef97202ac26acf549daa6da6e60e480e92bf9b05641b5c8b259 |
| SHA512 | 9d9c24c2ab098fea21074b37163dc8a902256577284acf0a5093bffc31718e4676e2111caaa7e978d208c298b43b0c71dd4a158d3e9491e9539b1148db1f912f |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 20f32a2ff277d40a8d34a6cfdcbd1e08 |
| SHA1 | da0226812f1d9bb0a013223d43ef662cb734281f |
| SHA256 | 586f12c9fc2a94e3b54b92750e798efa75bc14ab7c678f76ffd903fd407fa597 |
| SHA512 | 998cbc5043dab181d8f2639a186660243f65a56752a191ef5553efa698d97792534446ee12e65b01ad8ac829ca1dd74a298fa09f77641584b18003216315bb7e |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 376f4715e223d90ef44864d8dd0c4482 |
| SHA1 | c838febfb4185ee256dd5fa141de78ce549bd3a7 |
| SHA256 | a75b2c94abab93a5518b5902dc40470bb262c5bb8814fc4fee2073062da36690 |
| SHA512 | 754ffeec23c36b10c4a92e6cd5f1dd680d9aff112099be7d536227eef2dddc40ce82574d162239971ae89ce035201a67a82018363472f9cc04ed6a80b4a5ff85 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 08a881d756aecad6b9a7e774163833e1 |
| SHA1 | bb38172a7fd939e12accd9d1596ea1a753760e06 |
| SHA256 | a67ae093b5f457ddc58a67fc586d442f8a3a7deb138604b256733df454a864b2 |
| SHA512 | 6b1bb9fd5169ad46afce3bfc6b345a12a21ce9401b6bcdce16910d4d05f7a77ecd49096e7f3fa82e9f2a856784073462089b94fb9e78bec151f342dae4df9330 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 9fe4846757cffbf53712cc694fa5fc46 |
| SHA1 | e389a46021872c613a881658057c4999f2f68bae |
| SHA256 | 2d94f3e68471f062a4c6738fb9ea8a1571d24ad7b86831c4c8138bfaf1373eff |
| SHA512 | 05d4032714958efe89b4229a522ff9b8673abfdb3a8fdfd642e68a2eded9d64eaf15004ed594806e03ebbee180f289c16c2761d870fcf68c3bcabe3ceafb6ea2 |
memory/5820-7004-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 1ae5f9ad2a2721f1c98cfba8b3e2e662 |
| SHA1 | c0bef405a6c3ee43a2f7a00cc5fe2efea7fb30f4 |
| SHA256 | 4dfb4da7f043bbd75089245736fd49973b2678c8c9381315ce6f51d240a1658f |
| SHA512 | da972b337f3652a30a6cf993ecabcdfe7a58411d54d1b7258943a90b6e43b56ad78cebad0c537d46af20f137076248bba79994712ca92e75b5b06b75d6a17562 |
C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll
| MD5 | c3d54b417bd45333ef58a50ecb79075a |
| SHA1 | e97067da4cf62a527285dff10e1a4fe2fd7e8d9e |
| SHA256 | 332a58c088b53a22ac9b51257e09d233138a9c383d3e720da574efee19d484c5 |
| SHA512 | 5efd199cb52141f3a30aa6187d928413add36961056bcd1f90426d1a122a2cc858e97c2d8a13eb0b6553b2466a0e169783cd3861850b34535baf7514e5ef20be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fc08f42e7c6a94d198c8677f8009b771 |
| SHA1 | 488ad4affd261c7936a99a97c582ded0ff02a992 |
| SHA256 | d758f5ac51527a2f51bb63d784e579a554c810cdae0d93e0aee6460af81a272e |
| SHA512 | 6c869f64c930d56dfeb51fca19c5c335a35242a3234e429f25ae5e4d387351c508059921e44244845193811dce253577110922fa59a8caa4c1b5a59fb300e121 |
memory/5820-7037-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22e415d4a2101390_0
| MD5 | 629f4d5ed27267526c0a056883886676 |
| SHA1 | 99873e3c633c3899bea7a74a0ce947c3a9304895 |
| SHA256 | abd8b161b091e721ee044bbb5198cacd44cff1303b8908495f45640cecb04af9 |
| SHA512 | a3fb8d243d07d127bd506d814247e352c26cb943e5ac8578d1131b1cc44c9e2576c69ba821a7f4b709d73356f6f69546531e37144e65649306a0a08189baf909 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2518ae90d2d52983_0
| MD5 | dafdd27666fb0924a870ce6109c934f5 |
| SHA1 | 487799ca8f749676f5c1c424b14dfc34b8226fa3 |
| SHA256 | 467b847e45f20c5a7a0ec8ee319a986eddc9e95e0fea461acb51747ea1318b78 |
| SHA512 | 64696b163cdecf964b0c9715af9055f4011382a776a84cb31edf212316e34c085e961c7e8ceb469f83a03ff3a0e9676be59ccf36b5170a6d84c7b36b5fe98012 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\231d1885f89d6f54_0
| MD5 | 7a748c3d97fd9f62814f1b3d4b27e73e |
| SHA1 | 71cb0906b91e4ab53b6fea8b4a3a73eafb3ee97a |
| SHA256 | ec82dd234757668b06bfacc6d4a6515ec8f0e238a8296abdf1b04b187481315f |
| SHA512 | 48ec949ffb609f751ba9ce74f70961c4d0c2e2396cd4787937a3b632d65c113c33fe609b782959119e6df171874fd0aef815985c8cf29057cb0e6fc6825d4d11 |
C:\Windows\Temp\TmpEB8B.tmp
| MD5 | 187f71cf676c75ba8f9dbfe295620474 |
| SHA1 | 823fb8879b4ef97f8972cbb4f8dd5d8f98ba7d8a |
| SHA256 | d7ef83bbb1449815adb055c7c6c66052d1c103c9cfa81e10146fd87358b4616e |
| SHA512 | 83d08893a7c4df1c46b9759c725c96f4b4a72a95b7aa04e9fd01c703fb5755b4a3741582be2b78c1e23c7ceff678a77b280477c88299fb7f6ebc7755e1ff153f |
C:\Windows\System32\drivers\mbam.sys
| MD5 | 2b6ba2a29aedad09dbbf964b404ca4d3 |
| SHA1 | f4740d6bdda9e157fb4e0b8c039117bfe0e147b6 |
| SHA256 | 76ef1379b03d1cc367e0422cc4688a3a6c697ccee798a750bb3ed53bcd71def7 |
| SHA512 | 6ead63664db520ff6acc5d28e858197a320353c62fcdc9feba089ec2b09df95b690ed72d67f7b73d658039478e694b6732aec65e398b0c130e6842870abaa190 |
C:\Windows\Temp\TmpF5DD.tmp
| MD5 | e64d3c98128cf7014fea41fd4d7fd7ee |
| SHA1 | 2a50522b59cf80a883cbcda255699fe6e0e27da7 |
| SHA256 | f039f4be44b16ca18e2d40250671ffba168213ae73a51438dd37c6272ea27de7 |
| SHA512 | 43f65a65f9f5f49a53b9145b03034fa614aac30054439c1b7f00b00b5bdc472660c84eff20bafd909c879d9a7d38d778335fa886457691c142f37f6a5dce0db6 |
memory/5820-7163-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b161626bb5d8d11e351ae6287ad557e0 |
| SHA1 | 2e0a0ee0d83a1c99cc6fb27d65b9c31028185991 |
| SHA256 | 1b40846f04f798e6703a5938968446d6c7a50d23bb536eb58a8260721d740211 |
| SHA512 | d868687366ea80bc058bcd5a396cba39f2e6d98333d9bcc3a7a13fa39e7bd622704f0342ac0ad9a1b3a590ab20209504110b74d0b4a34116144b41d3db965a3e |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b713ebd99174021b38d42a7ec60277cb |
| SHA1 | ec56a67530fe08d504bf132cd29ab4a670e7bdae |
| SHA256 | 4ade3ef5b33834781704e531c44082b2a4ca4e881493db8acac2b304144255cd |
| SHA512 | 7c6d2046370a829921d1075fbb9abec7fa476d0f64abd8392f0d6e75e3c3f24222f0cc33f6c9b893ab11b6cd8b4207d0a680577c4118e9d2e2fc8450383e512e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\version.dat
| MD5 | e6fc9a4e205cc1b8bb25b1cd3b4c26ad |
| SHA1 | 191d8944c848fcd3f724c828db593da6bc14be43 |
| SHA256 | c1042d6383d0aafa825b80b04b48524060960f58f6e4c993a8c249bc88ef57dc |
| SHA512 | d1d3ee9157e7d11541a82acb66a30926a1ad584ae4a270bf40288c13004123d20aa888aadd5cd0190c4bd3342ad2b90ed3e163537bce80ab325410c82ddbbf94 |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\expapply64.dll
| MD5 | 76a6c5124f8e0472dd9d78e5b554715b |
| SHA1 | 88ab77c04430441874354508fd79636bb94d8719 |
| SHA256 | d23706f8f1c3fa18e909fe028d612d56df7cd4f9ad0c3a2b521cb58e49f3925d |
| SHA512 | 35189cc2bf342e9c6e33fd036f19667398ac53c5583c9614db77fb54aadf9ac0d4b96a3e5f41ec7e8e7f3fe745ae71490bdcf0638d7410b12121e7a4312fae9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f1900e29c263aa4ece21736fbf16febe |
| SHA1 | c16c29772f6bb5d266ce6125afa931067881bbd9 |
| SHA256 | b47e487cee46134b65d3a1bed6a364bd45b301ed966325fb6af0368b9f110222 |
| SHA512 | 2687a02c93c1bd145800e0fc909e1f8e4137e9064a88d132b3c20a99b0b4ae542acc32f7ace367d57e2bb35a6b57e45c8cd84dab70fffeca616c3c570fe04370 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f9707c053d4d82146d8ff942c8af1c0e |
| SHA1 | 65a330112518a315c252290752e6e06243df9725 |
| SHA256 | 1fabb717f14f4e54fb504f383cdb1d8874c839929a3c2f9bb8e4809874323c02 |
| SHA512 | 0ac7154ca755c8540f8b2844fe4d35ded762d0b85f4c331a106cb4be8889d450541b816a43fa40c0dfd58c9a98fe305c56a225d1155f646e04baa7deb806b7f2 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D31.tmp
| MD5 | 3b337c2d41069b0a1e43e30f891c3813 |
| SHA1 | ebee2827b5cb153cbbb51c9718da1549fa80fc5c |
| SHA256 | c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7 |
| SHA512 | fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D34.tmp
| MD5 | b5d0f85e7c820db76ef2f4535552f03c |
| SHA1 | 91eff42f542175a41549bc966e9b249b65743951 |
| SHA256 | 3d6d6e7a6f4729a7a416165beabda8a281afff082ebb538df29e8f03e1a4741c |
| SHA512 | 5246ebeaf84a0486ff5adb2083f60465fc68393d50af05d17f704d08229ce948860018cbe880c40d5700154c3e61fc735c451044f85e03d78568d60de80752f7 |
memory/5820-7583-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0df6dd10ac5b44186047d938fa882c29 |
| SHA1 | 9b096253350c4e82176a05da86ae4a598a625146 |
| SHA256 | 21f8e4918c1828c63e77c24c4b16ec3d7a7d0363e7b1447f22b231344b1e8df6 |
| SHA512 | 94c56a7550ca2f70579727ad42ffd883cff25e18b9cd4f6c678da3d91e5ce4d5186d3ed0dc0edbb9f7a1d6877f531b1a120d9125408eaaeaefde924eef5b58e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe
| MD5 | 5830feed3e34072f13cdbb9c3d433a5a |
| SHA1 | f2f9f9b1912cedb68aca907f320abecdf8303513 |
| SHA256 | 1e6d79f76ccab623a4f200df039f9f70c02a61f41fd9475f5dbda5a4fc2ff96a |
| SHA512 | 009536aeddbb09f2e21cd8c0adaa4bece6c96399f73f93e0cb73919f80c79c959d6c0184636afc56ee197cade57d7d02b9f19a59e18d8b94618dd6c141720515 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D5A.tmp
| MD5 | 54dde63178e5f043852e1c1b5cde0c4b |
| SHA1 | a4b6b1d4e265bd2b2693fbd9e75a2fc35078e9bd |
| SHA256 | f95a10c990529409e7abbc9b9ca64e87728dd75008161537d58117cbc0e80f9d |
| SHA512 | 995d33b9a1b4d25cd183925031cffa7a64e0a1bcd3eb65ae9b7e65e87033cd790be48cd927e6fa56e7c5e7e70f524dccc665beddb51c004101e3d4d9d7874b45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\710b9984-006b-4c98-aa7b-1de287310ae3.tmp
| MD5 | 0f9ef865ef839821dcd5c7cae14b4fab |
| SHA1 | 94dac2a7d802f29b4d037c7b0b3a3294dbe772af |
| SHA256 | 573de5a58b1daeb9583082d0cebd6504c868500376236e96b7ac338c928d7ae3 |
| SHA512 | c23b90e357006164caba1b3d5508e4670da6bb00b678aa8328ea74b46496270695314e9ecf6e308a08b84202b8fd447ae2795f672798481c907c1131ed73f361 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 639b36c4311607c0ee0aeb0a62063084 |
| SHA1 | 6f3596e6094840f295f956e27cb55d7bb361a465 |
| SHA256 | fcc3e20b2d3250a2beaaa5fa1e35c0153dc3e55487ff6d53b1a20b2e4b2ef6ac |
| SHA512 | 5ee0961112960f64a5c195fd6d4c0bf605b52caf8dee66ba3c5fa2f49b2b4c6f14a7b62f8f896a18f3abde23d1ebfe274c753768040d953ede2813e9c43dfc75 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 1335b51d4b8354aea6e1d702db69d007 |
| SHA1 | 6c301e02f2d9f056891a415a294611b60c9d6cfe |
| SHA256 | 72761790807d86f26a6f914d248d523ce7839694f6cfdcbbfa521891416b2ef0 |
| SHA512 | 4adefd5acc6f7585015c6ef5e37178fca5afa450b5cce2ca6b6f7417112fdbc47d17a70eb37e6687dd1a5b93f5a7d9908fc1e708bd881bd6d0bd820556359cce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ef
| MD5 | 729c447f4baeb1f45966c5d3f5b4f10c |
| SHA1 | b66ff0d1a4918c8c25c4097d05e6d9fbb6f40e7e |
| SHA256 | 4722f07110436d12b3cd86115d62bbce0f2d6eaa6b99e53915d20c71890ccfc5 |
| SHA512 | 0f939719666922751a860434178999369f0dfd06d4ae0d8ce8a60e152054cb1fb738773dd300eae9c2749635057534c892d29f9b01224be4d5272d054a585423 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f8
| MD5 | e7ceeb3861eaf0f117fd19282fe1a1a0 |
| SHA1 | 781b5499395bcb250ae1511073ee666b6ff7b55e |
| SHA256 | f2df0fe05ef895e37ea1a50a5f795dbfd1e392db2559bb04351fb4ad71fde3ec |
| SHA512 | 0acff515e48b6801fc9fbf7676917db7ef1cdd46befd3021ce896b4087700c21d5e9f7c3bbfac06eeefc8879151b7a8d64d1c4dadefffb2381650dbfe422ad9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f3
| MD5 | b64799b0b3bc9abbdf736247372088b2 |
| SHA1 | 7a49bd718880bb24a63f576d1770d6c413cd3d35 |
| SHA256 | 78eb6a2f344c258027cff48065abb14e8c6ccedcdcc806fdae97ec2d3636dafe |
| SHA512 | 4a380440e351e645e6694088d141819546b2fced90c5dacf710cf1729ba9941e6912de8558a1caa82839a04265e4a46bd54b76d55939b50208122d287f3b530d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f5
| MD5 | 71dc158678b5a9ba55c7f6709ffc5867 |
| SHA1 | 13a8eaae3be71e75bc6c9ddf498668e12788892b |
| SHA256 | 0d18f432add6d82e9f7d8c14416b0859505c825d676804be7f6a3005960378b3 |
| SHA512 | 9412a0b9054c9d3d3eee2d251a0b8f2c6ac7be81f6bb14a46f52fb7677709cf2e86655a8f43387a1e8f37262185640783437ea4ac9d8db6e51623972088b7bd8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 2a00d33fd7c21f8b12ca503bbca7958b |
| SHA1 | f6fae6e45338f1b7050573d6a953f86018ef694c |
| SHA256 | 6f7c0ae8aa9479ee94ff983318236eb7d42b47fa71c399f5d9d21242c9eb56b8 |
| SHA512 | 6664b899468008cd0d0d92c176f8140543ecef86b2e6e37c080dfa66bb8add6eab8d1a7a83f85d4679573da8f403afc2f4073f60f5882ed4b925a83dbd50756d |
memory/5820-7876-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 7f2e92726930af8d1047ebbe943b92aa |
| SHA1 | 67582c3e9f249840a25b3380a73a53b89f699549 |
| SHA256 | 8482eaf2eb96c86b1b3edd2006eb4154eec3f3c6170a8b5114daadd179d37a2f |
| SHA512 | 2c23eca753593cb8f911c3d98f2ed90ab1c771080ff0fac58fe2628fc552d1aa0b57a094e4ab3a9ed761044f0a17d4fee0d1b77caa98f6f29b0162ee95e30b17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000101
| MD5 | 925fac8bcbf26a70b0a12950aa6021ab |
| SHA1 | 80d6514e254a37d63eb53f1a2c71c79dece9336a |
| SHA256 | 82a1cf7361ffa672affeb17c40c91b0b0b7d8d5a983073c0320d11ff6fcf4931 |
| SHA512 | b4fb30cc7e4a7e0e0188a2a8b96c916dccf37064715d9c2ef58f30e2f4de40bd5e4630bc490fb85be81e78177ffdc18a54c20737be9d7709fa781e0b93de63bd |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D95.tmp
| MD5 | a7b7470c347f84365ffe1b2072b4f95c |
| SHA1 | 57a96f6fb326ba65b7f7016242132b3f9464c7a3 |
| SHA256 | af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a |
| SHA512 | 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e9f6411137178f8908f3ec140908ac06 |
| SHA1 | 6634802a70fa77784fbabed78f6bad81179b5552 |
| SHA256 | ad518acb179078274bd5bde3c4a7323178368ebe84b5bda307a27b55d3fc9b6d |
| SHA512 | 9083593ae1bb5922f30bd900732fc444b38200108b7160c03201cf6efdec031923a40f7e7ec9733eb76faa7afb7dbe03d5d9f3f6f3bff240280acc7553abe153 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D98.tmp
| MD5 | 699dd61122d91e80abdfcc396ce0ec10 |
| SHA1 | 7b23a6562e78e1d4be2a16fc7044bdcea724855e |
| SHA256 | f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1 |
| SHA512 | 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8dc5dbca9dd9f1e96f543bc87df7d99b |
| SHA1 | 140cc25ac29035d6a2f284257f5657bb4aaf2bff |
| SHA256 | aefe7d77cc3c9cd0453ca352a8e062a229f3dc281880e928fab488b5030fdc82 |
| SHA512 | ec7192cced0e124b55b707fab8cef2a50ea5e935749feba3e6d312947614a35d1ac6a7bc7168317fa73e78de479b4350f6e06f5dc3143cc4a7473b5162c5da72 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 6ddf8372dc6d95b014edba74b4595d6a |
| SHA1 | e4e4e9a6192ab3b05e071557141e6f0087787b9f |
| SHA256 | cdd1272f24a2af8142d1dbc7d24e9098d18f5b3cd04ad31c8a114b6786af84b3 |
| SHA512 | abb1e8667cf4f8de8a1e4f3b95a941386a317fafa5db15ae00b0d8e33ba8df28b46de08085abead7d0e32f21691987b3c158e13880e236976589677f2297e73b |
memory/5820-7966-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd
| MD5 | fadcf32e41a6c745f290bfabf09fdccd |
| SHA1 | 4d5f8a870f2830bd6c00c0577043f931e6465317 |
| SHA256 | f79656da2b62a3ce9f4e17f8ac880a19bb92866096ddaff37bdedde607be37b8 |
| SHA512 | ef2d6c5930504372f0649725814b896db55e8e00aa1837e708904d5281cc7d1a8e2c781cd9fb7194aff80c20ac4bdb75bae5dcf5cc678943ce8722f2564931d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f1078bffb530ede4_0
| MD5 | a63ff64854cabdbebe0a814103b48f70 |
| SHA1 | 822a0ba56cd8ea6085361a8eda1f824b5e98c727 |
| SHA256 | 5a20db8bf632db47eb5ffd7c52d1ffa7e27a219aaa1145b7c03a92ca20ae2238 |
| SHA512 | 291ed28a8d4b3fe42c41b5306f9c69b5dd995b7fb7f0210a07be82e393f82e0875f962b6f5355ab884360ae6989f53875bc66cc590037c8096c7204ed3ba0742 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010c
| MD5 | 1d19fd6aa4ec2f288c8aea91ff64557a |
| SHA1 | 32d8112d84f551e18bb889fd84ea4b7ef8ada911 |
| SHA256 | 92eba48a0b3d5d0f2742cfee45003c7090269b38ba235c5ef7ed13c42d9f1fcf |
| SHA512 | c06277b8ee538c14889a7c8ec2002ce8f276d982976c5ae3a47ebd85e5c25f06b6a56cd13b0b6e2f850257b9836d57eafdb562111f55926b8fb10ff92981c21a |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\DB6.tmp
| MD5 | 804b9539f7be4ece92993dc95c8486f5 |
| SHA1 | ec3ca8f8d3cd2f68f676ad831f3f736d9c64895c |
| SHA256 | 76d0da51c2ed6ce4de34f0f703af564cbefd54766572a36b5a45494a88479e0b |
| SHA512 | 146c3b2a0416ac19b29a281e3fc3a9c4c5d6bdfc45444c2619f8f91beb0bdd615b26d5bd73f0537a4158f81b5eb3b9b4605b3e2000425f38eeeb94aa8b1a49f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d234b8208c0badd588e3ee4318092185 |
| SHA1 | 4220ab8f0ab7be1175aae7256d25a099301fa533 |
| SHA256 | 3885178c894ff227e492800c829da30647e13bfcdd847d4478fbe6b9e8371d00 |
| SHA512 | bd3a6bdeba8e4e4271939114d35701fce8534ce335775203cf70fb88426e9fa98f4240e17727990adba3483c68687687fd822ecf5615f568a58c6e369224dae9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fb20f60c6b617b8de6332925fdd88b49 |
| SHA1 | 6060d1d110776ff59ca6637d3deb1477bf5b6468 |
| SHA256 | d133eecef00765afda7d4954f73b42ee5afb9c30873f77e36982ee4aa0f05a2e |
| SHA512 | aa859816238e910916513200d8f8f8b4a2c117ce82fa40e82ee1461ef5081ec4aa1feff361e20805f9540b8328b531857271d8e7ceddd5876cf945af3fabc8a7 |
C:\ProgramData\Malwarebytes\MBAMService\tmp\1ca1a500931311efa8517e3d785e6c2e
| MD5 | 18610999c2b67fa736f72591042e3fd5 |
| SHA1 | 602a05004ba618882dcae649203676fc91d7e5a7 |
| SHA256 | 8ee27d23db6256a50c38f30b2f44c2e1b50314dd6aac84b4c194a689342a7cfa |
| SHA512 | 014236d91dfc08584c900210cd129f73f6c8b06b864be46f41c4351207347dba57a52d561ea609798fafc910bd6d1e195453b3532cf0bd19c0fab55ea0948a0f |
memory/5820-8187-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 05fa72e3485e681928932070092335b2 |
| SHA1 | 8e3b230b8ec5c8a00bb41e3042c5b4dd0c4b7b5b |
| SHA256 | 8f4730a07c86ce75615052d0211f69757e59b2fd01876735c9d274bee4d65696 |
| SHA512 | e57845e0d8193dc240cfba114abf3d8a6261503855df608a77bbb675d3202963260190bc4756e250d39bd65c355b8355a9809e530488d7766411463d37148d94 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 63cd6da84966c021e06b466bbf2c1768 |
| SHA1 | 8c403abccfbd781ca662dc921612fc165ea16066 |
| SHA256 | 42faee1c4b3dba3adf8db3c532a4422911294d017242165e6e88df6079255848 |
| SHA512 | 0bd0472d3dd40612df4bb4ae68f3b5b2aab9648335c7ef10b43ba781dcc1c77fd012fe3639eae89ed7e017637834991f1a3435a8b8d5d27ae8a4a03eedd73f90 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 23e64c9563276efb2443207808e584f6 |
| SHA1 | 4ef30ab19bfd7cf13ca71478be2c6a12848f56fd |
| SHA256 | 7c3ff1088a4317ec71b884ffba2b52c74aa7881f5bb32f631eac0d8fcd7ed17e |
| SHA512 | 790bd29e955d2ff553ca070310f989b4cc77d7ab6511f331635d5bb07318a752cd6e7b1a6465643de419cddfd21d470b16e8590dd26062a8c7fa5bf54e1d1ad2 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 12cc57f25f8bf65ab8660b7faa9f0d07 |
| SHA1 | d45f6ac6cc2355a5e59534e1890cb4c60d055801 |
| SHA256 | 8cb63c816106c692961a8f82f8cc0d08e71172d45dee4b8db0a92196a5ac6b59 |
| SHA512 | 5cd3f5fad524d8831d6e3f44f731d7639bce05c1e5dd7f032ab57154a48578d2347f1734dc8c2c4c175479fffb31db4c3fa7018a2ac570f461dd52b7b73be0aa |
memory/5820-8286-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 554adb24cdeaff6c62ea215383f4572c |
| SHA1 | 976634a7457ea4e0fa6bcffd33f2bfc7d3811813 |
| SHA256 | ea5fc608d2281a638a03ef3371432dfbbe0e5fa281d03c6f721e8171e471f343 |
| SHA512 | 891d9c444c6fcfc604a86345676576db38a11e0683e5dae882edc36b83d0971f15ed8807e1262ac0a1bfddfb4a3060b162bdb7250efa5350d3067d7c63022e84 |
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
| MD5 | 60eadf6552fb282c9dd437890c0b5e24 |
| SHA1 | 11d401803530793093a7e01e54ad627d72b3065c |
| SHA256 | 0e056015ea77714ef6307709779bc9b7ade3a0e3e730d6cee39e298056d9811b |
| SHA512 | b4cc19f0ac5f333c73b1cb592276243f64ba44ba8b81e61bbf3d475c822b2faa18dad48a9795e6589c97ae12d4ff6c2de3a4d207ac3aae7ad4684d66d72916ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f71a9efda3ff20afa2efbe66ec610639 |
| SHA1 | 7308b77e4fe6b394c2984755afa5e3583169e6dc |
| SHA256 | 3afc01a855c69a219e956782ca9d5059618e514eae3d682c5bfc1e78d808b4b7 |
| SHA512 | 7942a21b49ed9a2c2716a5bf86bfeacb84332264a86b6bf853ab5d75a10b936e330581cade9126ff680adf31ee3c1f18c56869383011c26d1e95516a3e778cd2 |
memory/5436-8325-0x0000000000400000-0x00000000004D3000-memory.dmp
memory/5820-8332-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll
| MD5 | 842e8edbfbeffb9ef234a2da6d5980fe |
| SHA1 | f76e944e5ac3c489d987a11a313b41dee3e813f3 |
| SHA256 | ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3 |
| SHA512 | 1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4 |
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
| MD5 | 21a4dadd5686773fe0ef880c22f07d38 |
| SHA1 | 6236e9ec7eee10d95b3055a5e473fd2656898469 |
| SHA256 | 76ec2ea23b6d6cfd69699822a95e9032b9ef8100df19be91357c4e71a1f33b37 |
| SHA512 | e8dc6bec5347f6d83cdab1df7683abc0d563603ea08dcd5acccbdb6ac3a6efdbaa88dbdff5c257251eaa1c5311947a581d4a2bd506cbf3fbddba1e46471683c9 |
C:\Program Files (x86)\PC HelpSoft Driver Updater\unins000.exe
| MD5 | dfd93de42e9578134afa014f60acbe36 |
| SHA1 | 9a0e08fd5122a5f7688b05868aa51e4e2c69a647 |
| SHA256 | 9d2d3263a5b32dbb2dd9532aa571c1e07da9a2df228e5389872df126126bdabc |
| SHA512 | 4b6858c06a93e107e9854d4e5892da171d28c069fe7cea465c66e9e5dbb98285d165bf50281d8d00390263b99323222bc7c87017bb24c90c6529a3406faa0100 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 57baee0053c29fde5a6227974473925e |
| SHA1 | b82a21ce0dae4f2b9e21019be93db9d01162f298 |
| SHA256 | fd5b3a03c5676ddfd744bb2b26d5a7e743e84d17824f1332563aa62b79191413 |
| SHA512 | bdadf98a48887f20d82f014eb2c8627e3cc00e30235f0fc31e59546b939a4e37cc0ae67c46a36e870c519bce0c0fe0093d38d3cbed60499f37355ba4ac42fdc9 |
memory/5436-8537-0x0000000000400000-0x00000000004D3000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25dcfe4cb08f83b98b98750b72f9f648 |
| SHA1 | 909b72fe8b5305930c548c35de9fd09171cd64a2 |
| SHA256 | 32b00c5e6a9b08f2677d7b4fa197772e130c8165931c43806dc91c3ffd1bc85b |
| SHA512 | 64118af476d4cdf575909e234ec9f107abb564783d59eead12667ea81930c3153142380326860eccd27080e9cae2ca73bed782d41ca18ef2b0611061cd3044ac |
memory/6152-8564-0x0000000000400000-0x000000000070F000-memory.dmp
memory/5820-8565-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
memory/380-8580-0x0000000060900000-0x0000000060993000-memory.dmp
memory/380-8579-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/2496-8605-0x0000000060900000-0x0000000060993000-memory.dmp
memory/2496-8604-0x0000000000400000-0x000000000093A000-memory.dmp
memory/6152-8607-0x0000000000400000-0x000000000070F000-memory.dmp
memory/5436-8608-0x0000000000400000-0x00000000004D3000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\7\CacheStorage\index.txt
| MD5 | 797b7f3e886ab2ae05a0552cb9785473 |
| SHA1 | 53ca91a366e7f16fc4047219ff2c85eff9e226fa |
| SHA256 | 92bf870688bde541ee3432ce4a3ab0b7805b034c6024a514657e581b40da75d7 |
| SHA512 | 9bdd58bccee605b9b408415c1fd9f609d19287ed91e7c436f5d1bd4bddb5d925f0336f4bae77619b5936c353d82c80af7df608300049c53ce5b6c1a0afd455cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\7\CacheStorage\index.txt~RFe5f9321.TMP
| MD5 | d82c2ab3e1041bced0c8907354a18d03 |
| SHA1 | 25b1d12c3502dfa38daac08f9d5141268e9f9c74 |
| SHA256 | 1b09e95411721330a722118d7a9df6d57a74a1742ca767b1916325b78267a8a2 |
| SHA512 | a7efcff5b675e3334771b8b39865cd2934cc8cb80e69ab5968899f3191abfd460e23544f183a1c7b9f46a0d6ce49eee90df7f03c9b5edb996c2c4b6160ee0d13 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 988bd35674d2e5da9571b8f2c1120dc3 |
| SHA1 | 1809afe729dde631a042e9b25fc68ab5a4d1c123 |
| SHA256 | dd125ac9ec297fa6ddd67606b4ee97f83428e60afd75d3def457f224474ad041 |
| SHA512 | d3f4c363bbad9a1095c08af5d331d8358d8ca978d3913b925ad011934e6eb861de92ae362c24afdaf722b97d6aefb8f36bb5c53a188e2ddc6a35524bc430d946 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 7ad36eb6d51218aaa8a0e722f4a51294 |
| SHA1 | 00b346d54af28a6409d8e8a90636117178930c7d |
| SHA256 | a0a9ed05229aba6bc12b4eec9ce337216538be58bf5ce3a6cacd5b81aeaf5340 |
| SHA512 | c748d6e35b249cc53c29698f639e280c055e25ea63c350494a83e50c326341f08635bd588b035464e124799e38c8f3d2e767dc55cf61a1ce537c7eb8393ff278 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\e2020354-9312-11ef-b839-7e3d785e6c2e.json
| MD5 | d1ccd667f44eb2e17b9b9bcf6474f4c1 |
| SHA1 | bdb39b4224cb2ebd786532311a2e99cf285e440c |
| SHA256 | a7e65bfae7ce1deb983c6790215c341548ca6ba519f54e9de88d94cda8278839 |
| SHA512 | e905983f15594cbfec25682ddead32b32eabbe204b01209628622b9d28dfefd44b8bdc2cdae04001bf071d42a04962f920e730c3ef00e6dc01c3e68b1c73265c |
memory/5820-8737-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
memory/2120-8739-0x0000000060900000-0x0000000060993000-memory.dmp
memory/2120-8738-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8742-0x0000000060900000-0x0000000060993000-memory.dmp
memory/4480-8741-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/2120-8746-0x0000000007DC0000-0x0000000007EC2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 987361caf4a9c9f982b4be1eabaa82e8 |
| SHA1 | dfd1da91ed20b0df4901373d07c93b5a990ec02b |
| SHA256 | e89bfe2f102e8a7d6930dd58df06f88d0eded9b908980e7872c20daea96886dc |
| SHA512 | c3a11134ab48c443c1c5ca356a7b6a01cb990929336c6d5218daed11e268b79a0ddfa1135489647efd8688348f7ea5baf1c8a72ae92cacaf0a380bf8f995de80 |
memory/2120-8799-0x0000000060900000-0x0000000060993000-memory.dmp
memory/2120-8798-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8805-0x0000000000200000-0x0000000000A3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7559266ac5fde69c21979e45878cc536 |
| SHA1 | 42e88f072da390b491d5f9b2bc4c5a5b8d112616 |
| SHA256 | e830e39f563964697dc6c3218382483c2d82e174ad96d37708e5cb890e98a1e7 |
| SHA512 | 6eebcb5158e757fb2d776115aef865c2d3fe6fa39cccbe557129c7ad86f3693d42f8d084e8906be93e43f039a8b324fd5d4c2457b17a17f205a57c4e2d0220cb |
memory/2120-8832-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8835-0x0000000000200000-0x0000000000A3F000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | c512032b816b19443255a544cc62a49e |
| SHA1 | a11da1c9cb4a9c7458012fb129cbbc5cf7e12311 |
| SHA256 | 70eb60741c5e345e473d9279d622697852a790caa220ece80604b4a5e8a6f5c3 |
| SHA512 | 12a2ac7e4f89130f31d28e2aeaff67ec2fd7ad25098c1869a2b844953a8110151a6e84b3d170f24ddc45ec30f35e348eb82168821d5c481fb300d1f93c8eace0 |
C:\ProgramData\Malwarebytes\MBAMService\ARW\ARWFI.dat
| MD5 | a29141e93441b22838c5f3d1d3c1f312 |
| SHA1 | a54a38faa2746a1a8f0a0c73549b01529e2f4568 |
| SHA256 | d634378b794a6469cf7c9e3d4c07d4d55f64135280c0a8d88dea81c17c6fec4b |
| SHA512 | f831d6278fa15bb11f68c5ef60d1056e6005ea70d021d16a1484d71b768a7a17a46f8a9a74abcf5a05ffd8367f58a407d6c98bd40e82ced78c3545e78db3b172 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f62b00a6a8a89fdbac44b75cf8cbe4ef |
| SHA1 | bc8aaa9887c6ea9f74790c03c3430764935dc3cd |
| SHA256 | a49b76a1f794cc82e2a71b353cfe095807c6ceda33f9684741abcef50ab7074e |
| SHA512 | 88c947c7ad30ca4eee065d5ccb2708fa5333f4a5881dc2c54bf51f77c5fbdcd1f68d9a324a076ee33961895f30fafcc9db07abc77a576b71cb049e97265a3735 |
memory/2120-8944-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8946-0x0000000000200000-0x0000000000A3F000-memory.dmp
C:\Users\Admin\AppData\Roaming\PC HelpSoft Driver Updater\26E484A9F1BFB5EC9DF0894433ED102B521E889E.7z.status
| MD5 | cf25c42f45a3fc92adb23a4fe24daecf |
| SHA1 | 2d52571ca1837e970538cabcc3c8fe78ae32ca88 |
| SHA256 | d25a2b6fd3c55e9a3932ac6290dd1729f02c90bdffd7cad20661ba20505a06a0 |
| SHA512 | a2ba4d33b442053030e8233af7bd64dc230343c8720f62228bb687bbaae5fea805b479e0b7eea7d8bc0ab0c84122b0733859f024ea77d4b4df59dfd0796ac00d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2fb412e2c6fecae7acbca12a967343db |
| SHA1 | ac2195b8e6fd664d354827baf53afc45c9019603 |
| SHA256 | a1d22817d1ced73d2aa080d73b22289289b5029090f189cac876d32fa9cf2066 |
| SHA512 | 79ecf51e9cdfa4c90bb58b0e36456344f53902ae388577878f737fc41e577984627109e3ce59fa6f5081973eff339a37a6de4c04cc52c594c7fe43dbf9c83055 |
memory/2120-8970-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8972-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/5820-8977-0x000001CDD4550000-0x000001CDD4A39000-memory.dmp
memory/2120-8978-0x0000000000200000-0x0000000000A3F000-memory.dmp
memory/4480-8980-0x0000000000200000-0x0000000000A3F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b24bf3014c2f3a0a62df7b05b369624 |
| SHA1 | e5bb75fe0714e7fce7d7b48bc0b065cf9a8ea404 |
| SHA256 | 48d3c30a947867bea83101324c7965f2fce15ff465e53fcf6c6481e9f78a8c27 |
| SHA512 | 429df21d8221d290a6ae03da72ba4a6c738c52aadc4a819fe63370f865cdadfb0c57b6c0ef094bb19094c8b1207e944da5da09db9b46d80cda7805482c71bfb0 |
C:\Users\Admin\AppData\Roaming\PC HelpSoft Driver Updater\program.log
| MD5 | 580a72f8b4b7fb30ae2554a235401bb6 |
| SHA1 | d65b55906f84df8f1aaabbba485ec209f78b3d90 |
| SHA256 | cd7d9e667000c355f3f49e092748c58d52463cd9d20528e3152202f995120100 |
| SHA512 | 31f8523514cc3714fdf0df043bd7f9a8fef3ef1d09cc7af16d5dd43d280a2416739378b9cee7edf99098d084f56d518982d02fd2f93693b71bc1a05e25f154bb |
memory/2120-9043-0x0000000000200000-0x0000000000A3F000-memory.dmp
C:\Users\Admin\AppData\Roaming\PC HelpSoft Driver Updater\program_tray.log
| MD5 | 5a90a500b806796f4a5d25566a879878 |
| SHA1 | fb71bf17a6b06cc9d2fa42082d134020e45c97bb |
| SHA256 | b0e7d03dbe58ae0b781451b6fd12f64bad4b42286c7479412d7630135cddf183 |
| SHA512 | 3d9132ee3843d054044ae097892b95a22a99d41f8a1ccda009c474f147b2b7f0b4ff19e72e5791e8dcd5934d711a6af574eb8cfe0358bb4de1a81069b31a03ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 15eacf3f29478a3aeac583d6cf78f546 |
| SHA1 | cbf74e4ca1b6a6783961845e0212e3e67d1d4a7f |
| SHA256 | 39fd6059dc39c86a95185b2c44ac360944b8101dd8b28f6afa2c2253a7cabd3d |
| SHA512 | 6066b47d148ffda0cc09770f7a988f3dde14dfaea6cffe0fc0f1f056dc0c8f6d687916ff2a87ba780796f85ece5bb16b172e57c270497b6141393035d5015269 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6c5fc425d460736f9a946c204af61c4e |
| SHA1 | b91d9f74eb0f019eecad22495ad7b15361d0d82f |
| SHA256 | d35078114d50eaba1a9eb27f1681e4a76a159970b9bcd6783d3fc90291bc9ffc |
| SHA512 | 1c8f05f94bda35929b1225ab9e215da3a8fd9c647ec052b9e644e7f22274040bf00cd244112556138a1831507648f6dd951cea410a27ceb33f7aece35feb539d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | cf670e19956585661a31383342e37dbc |
| SHA1 | 2e83bf0c4a749e6f36dc9bfc377f369b982b879b |
| SHA256 | bb0f633b34c2cccbd024f564c269ffb0eb9f2358a779f0e1e4fc164fb936b5d1 |
| SHA512 | 83ff0cf98cc5262ef5a8673f5c123a0542d714d33797ccd213fc6cb3884bb1af380de0afa984196e41164b01445c5a71c4be5cdb47b827deae0c044f5273a75d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 914444eaf0c98fec23612e8d71c3a986 |
| SHA1 | 93420b566c1ddaa4dee634aa1dbc02fa35f6dfd2 |
| SHA256 | 3802dfcca8f238446129098e2c9d961ab647dc22beee80dd2f6888379df5d3e4 |
| SHA512 | b66c875a07e085e056dad43071a4b2914ea7ad89aa119b5b3cdb4f1a4c9b327e0d2f0271a2ce0520fcddeef7c6d24094fcb3722eb4c3c72ff6f2d634c79490b0 |
C:\ProgramData\Lavasoft\Web Companion\Options\ActiveFeatures.zip
| MD5 | ca23166e127e3fe5f9f0be003010ac08 |
| SHA1 | 67d804f9515bdd679bf5af2f65e6183bddf6d1b0 |
| SHA256 | e71a4d6dd348a0d61b2292fadf49847754a96a8fad4b2132cd1d357c892ab389 |
| SHA512 | 86c8126ed6a5065c47634c0bd226038d2cdf3534fbb90f6a50ed60ab3885f90548221242dd6593e8209aa8d24dd80d87decc0bc94514bc01fd972f16db2987c7 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\fy1kf065.newcfg
| MD5 | e4308a22084be6f951aa99648cdbe1c2 |
| SHA1 | dbef8d6b73e101397816c3ade09d4f156987a53b |
| SHA256 | f96bacba602816427d078505dea2b0423bd391313950e8b60258471d7372b446 |
| SHA512 | 8d1aa1380a5623d247fea0d8e0178cc1dbb61141c7dc45c095930a420a904efbf7f80f3febb5411cb8a152ee12e5e667f6466cf33de58dcdf89e0199fd959867 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\user.config
| MD5 | 0a35fbae99f45bc0dccdb777ecfd0436 |
| SHA1 | 65e295fde91f90d55b107680e060895654fe66e4 |
| SHA256 | 19af84c48a15820c94367390d58588ddad8164b0ac4056c258a766c726329550 |
| SHA512 | db3a0973a373c039603c750f0f196cbf65553cddb83739f1942402eaacbe178a775be87c4b034feb706830ae69d20158c3e3ecad8d5d3febc45146b487c3c42c |
C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
| MD5 | 689fb134c2e7013d6b0626f53d253099 |
| SHA1 | ecfa796fb8cc983ea2b8f456613c9f7518e11596 |
| SHA256 | 29ef4260b1ba62f9000f913d4cefc5fe88c2043a03cdaf461e8a5d2790b09395 |
| SHA512 | 52700e0dd1f378cb37e7a689872fbad377e633f789fec5df547e1728507a87fd118d0986c3836d27fe7f2fa6b5c57484c2b0108b4bc64a8cc3c0f535862b4821 |
C:\ProgramData\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt
| MD5 | 3fc6b8ef579f74f0d9fb7754ade2e7f8 |
| SHA1 | d320ec8bf3d80c661f8967ae69b7278cae2a60e6 |
| SHA256 | 90176c3324f5c0c8d63cb98b5198640dda25df7caab8d132f055e829f39782b8 |
| SHA512 | bf0af0c871a3f9dfae3be3e5cc3196ab9be834c06f7b678327a8361adc57145836ea57a061ac0151820d6468dff8e7ab1df2e5b126590a11239664b503aeb753 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\10vlnelh.newcfg
| MD5 | 0f52567ff36ee6655a32219f21b54887 |
| SHA1 | 4fb341e09eaf176bc4e2d97f37a9de5d0c30872e |
| SHA256 | 89deccb3a952f09d39de0a9644cf37fd83afdb4ab97b52d9e0a9935f8a6ed152 |
| SHA512 | c44616767f441448cb32e40c3ae9c0f7836a726989424fa9d37c0f40af8779d8bb0f035b6763e7280063c3baa500dac59a3edf002195960cb85f53c2c9aa8c48 |
C:\Windows\Temp\Tmp478A.tmp
| MD5 | 5ca54cd49f99c588cdd530ce19ad40a5 |
| SHA1 | e71d24146b7226ac85a969b785a64a50e352c974 |
| SHA256 | 461bb2f1699bdf4533f1a3c9520ef03e7e8216430a36d5e8c4e0504ad99633ef |
| SHA512 | 4f75d72a4adc2dba4a41ca23b3882ba901d1bb3120bca35ad6bd5bc4f3a26ea560445b1c7fd39e1d970c046fb92e30d9291955514fc446e77c887f6eec112a81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131
| MD5 | e11b24745e4f36a28da0d2869653de44 |
| SHA1 | 62bc6f63371bc184c60bf34535ba7b219e3e36c7 |
| SHA256 | 7b981a978326bc88d40e28d641babb501b9ea4262e8eafe811b6aff84080d165 |
| SHA512 | e4c3b699e427375287c56303989317ce22c0617c46a44fa24304282f756291ccd27a40858dffb72c90e005814f4c30b1d2375026ed8069b5f0b91b698e485db8 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\mbj6u_bo.newcfg
| MD5 | f0872e1ce6ba3ab5fc6738a8119bdde6 |
| SHA1 | 0b47ac39f7aa40318eeb94295b6674d0e4871649 |
| SHA256 | c44fbf5c231c32b63719d924863faaec8154d192d9dc18a4731d78e629c3b069 |
| SHA512 | 8ef5a5a3fcbcdcdd41fc91572ce5e6c71d13e5e2819fa9a267d017244bfdc17647dfad6732d1018b499050c4eeb820d324a8583678a2faa851bd6660554916b4 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\cg3-sjve.newcfg
| MD5 | 6c15347458c318ed60377c88eb2db718 |
| SHA1 | c1a02db2eadb19e4ff489818037f56626b599a88 |
| SHA256 | ae3e90cf9a2b00d7510cc83fb4f1d8a4810af13eefe7556240e749e5a849f5da |
| SHA512 | df679c8d98da443c756caad864f8499e92591a3a6503f2cb6c97b20c63c9e228692736de12fff1100f5d26fb1076c89897fa235a55926b5c5c402e2a3eadff84 |
memory/4296-9601-0x0000000074100000-0x0000000074112000-memory.dmp
memory/4296-9600-0x000000000B1A0000-0x000000000B1B2000-memory.dmp
C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log
| MD5 | 189a5cc8f0eca3b66ad07bb3e1042a9f |
| SHA1 | 70c246e5e9749d1de5d96dda92cad77f843d789d |
| SHA256 | f77e7863d3e017bbee7d5c3394474248422fceac68dcd40ea4c68f15bdb57d90 |
| SHA512 | 0914d7c439551ecbe1f152ae72b4e6acfa0739cdfb2e45d874b219fc717db0713b72c003177d385f829fadd59126fc897aa3544b42b89bfb00e960f7c06c8821 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c8d319c4ab0c13c1a0153ed0fb28999e |
| SHA1 | d78e1c7c391ccdd578f9e1043b08e5332dd5a6da |
| SHA256 | bb8218cd064deca01b455f10d2cbd66b556dcc1a286739baef0da2553c752e75 |
| SHA512 | 24324b44c7cd1255d9837b842fe945577d06cf4081a98e50d5669cb858e640c57343348a35fe065feaf82b7d957aedba5769931625cd0cee7ad6e698fd6769c0 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\eaa32e0c-9312-11ef-a723-7e3d785e6c2e.data
| MD5 | ebad44a369a0dcbef478244dda8c314d |
| SHA1 | 6500a3a7f4966604fa6fe91ac39665883f2fae41 |
| SHA256 | 5cb9592e0da8573032a9de2a49c4847df60be39dce69e1bee65b087b3cb00ff2 |
| SHA512 | 2e007fa539c97d379af430301325420fa8b346caf50dbd56684a4fb05b776db62982ba17c8ab5d260cae76773645794efcef631d9b1f17cd05cc02effedc04ab |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\e2020354-9312-11ef-b839-7e3d785e6c2e.json
| MD5 | 2744ce867ed6ba6c5e4cbb228b2a080f |
| SHA1 | 50fbac7ebd8c47ebac62d057b2aad8780f80134d |
| SHA256 | 68d67fb9fc73e64aa2d0df95ba9874d2bba83eb8fa46574003c1491eda8c23d3 |
| SHA512 | 4c4ff5d4a458ce301fb86d23bdc67d5e76ed322bc574cec11eb549734255a94d69d7484bc28268ae63ed1c3d9ca46780c4234369907b5d3002bbf33876d5c3f0 |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_WhatsNewSettings.json
| MD5 | 4fd89d4044db34bc8c94925938aef0a0 |
| SHA1 | 4f2f44787cbddade92c3f0751ab2e16995236135 |
| SHA256 | 938d475aef205f34678841f8db9e1e5e7fa01e2810c2a809200f0af17c9ef183 |
| SHA512 | bcd90ac4d27f503db6701b9959b556a1f2efce6c1e3c28f44c57c5f69c402ce7897888c9f1acfe2d2c0ac5712d6d173f0a9e3d83fb0de7ed209097ac1212600e |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_ApplicationSettings.json
| MD5 | bf8db8fc9c168d9ce1b65ccb6539bfcc |
| SHA1 | 1788eba2d0029cb3acb4c2a0c3bd98d78b7cacf5 |
| SHA256 | 6d361715e1bb064d2bfb01a990429594ae45f0755c3a9216e7e41ba4550a9b16 |
| SHA512 | cf8d2cf18312b39a80a7b04f6fc50cc6fe4f84fc33dd4a316bb365607eaadbdc56419818d5a71abacd7fb13c7f842088763d5e5ba653735a59f1ded7831a61af |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\22ba2873-9313-11ef-ae84-7e3d785e6c2e.data
| MD5 | 5f2bc333b3e880b701d01be2011a58f5 |
| SHA1 | 8bef1b436aeda63a65144e6bc7e8314fea3812af |
| SHA256 | f3b3672790ab2028e29161ed48877b764cb072626e0898fdc471f129cc0427db |
| SHA512 | 35799f7fd10b87ea1e2bcb46c8b55a27a595e38f2f2ea5c1c40093e9c92cbde1dcbe942e9c642333db1496d0d6457d14919afc85e61fc4fd5851d723e7736172 |
memory/7036-9704-0x000000001A850000-0x000000001A858000-memory.dmp
memory/7036-9703-0x0000000001550000-0x0000000001570000-memory.dmp
memory/7036-9705-0x000000001B0E0000-0x000000001B130000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json
| MD5 | 5a8295c4447f4bdbd9ef152b21f3e983 |
| SHA1 | 30740292ecfca4c2dc7680720ab557d1adeae33b |
| SHA256 | f96928efd3d3d827a054c572de1446d97f5f81eea95c1ca3ce21513263bd5787 |
| SHA512 | 95f32bcf354520e0000155edbb29b23e910ac4018a2d4c91852499b34d9d45bc8ed391a524bebb835405eb9b3f524912f0c64edb1ee52805d7eccad02bb41b46 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\eb44eca6-9312-11ef-9204-7e3d785e6c2e.data
| MD5 | f7bd0587a727928940f2cceefd411f63 |
| SHA1 | 67b749f8886a4e0161d9e4593cc8919503123943 |
| SHA256 | e041b07193cddb1a2c518a93475e9d4b388d7c4ffdebb15a744f75d99ad92741 |
| SHA512 | 2ff9d255e6c43469d923500b868b03fe87bd33fab6853478798efacbb0ca091c95faffa73939775d6e7826697d60e1ea1693957141235ef6a243d10fa99e17f4 |
C:\ProgramData\Malwarebytes\MBAMService\tmp\7c1510d0931311efac057e3d785e6c2e
| MD5 | 040324602c4fbe020b834a5b60592f2b |
| SHA1 | ed5b3887a141b24599ed75d073a36f23525dc27a |
| SHA256 | 386dfd586246104dac4b2af32914b18e7b73e201e6a58a46341c5cfbac6aa06b |
| SHA512 | 34d1b7404b5b06c6d74311182afe31c28f55f8995481570063314f164c8a45645c0c265895ee5d6ccd02c405f5868020b107a35ab871f383e735fb402d059c9a |
memory/7036-9769-0x000000001B340000-0x000000001B350000-memory.dmp
memory/7036-9774-0x000000001C810000-0x000000001C82E000-memory.dmp
memory/7036-9775-0x000000001C8A0000-0x000000001C902000-memory.dmp
memory/7036-9768-0x000000001C150000-0x000000001C70A000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\2288b664-f9b8-49a9-7ffa98e3a6e617d9
| MD5 | 3696c74360504d94326c9f1da20cb164 |
| SHA1 | b0d249cf0c2aa185e11b7eec499a79bfaee3c85b |
| SHA256 | 2ca5236262e86dc51e65e167bd6f41eb3ec4a316499ccb1025f07b6ef1e0a830 |
| SHA512 | 91251f1766bc3311c444b14c7da7972c9e8123582cb21a1afb76a1ef4878de4c8774cee8937d17e61c7e52a01dbbacabc83534dbbdf26cfd811f2a2b7854c977 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\_7d1nohg.newcfg
| MD5 | 73410a4916dfb2bafd49613586f6980c |
| SHA1 | a94cc135085d71bc4dc9467888d141912f7d8f67 |
| SHA256 | 0c85600408e67390b67ae6bf8cc1881f5082728f0e1faf4e08b4fe804dbe96d2 |
| SHA512 | f457145992ff2115a58a6a5958c14593cf32ac7121a24559eacc5cf093b3b8edbe626ee8ad1ca5d59d3cb6afa2e2560baa32d4ab6f1d58bd1a112f8c4544784d |
memory/7036-9815-0x000000001CAD0000-0x000000001CB19000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\golx9toe.newcfg
| MD5 | ba79fae6d702211f7b87e0eb047be412 |
| SHA1 | 9abb0c2d2c953bdfbfc4011fa4637499c3f4f72f |
| SHA256 | 7bd9abe3a91ccd80bad4453a5caa2c6a9521edcf8e6fb34f401c5d5e9726552f |
| SHA512 | 02b1675e966059467b27ff0b41748a61651835ba15c7254a9fd40babf25df93fcde45676dfec3c04f3094180e38c3f3e3708726ef4758ec989a3fe26bb3ffa58 |
C:\ProgramData\Malwarebytes\MBAMService\tmp\7cb34c82931311ef80e17e3d785e6c2e
| MD5 | 29de533f7906b6c15ef5178ae0072495 |
| SHA1 | 66696c7ff5a3a02f7110f8d9bead036285f5e2c2 |
| SHA256 | a66b0d9b3d9de86ab081c964f015e52583cb443e29f5c7f632f46fe1d54e1a79 |
| SHA512 | 9fa489ec32cec3db1947810b146bea0b8e220e3b28db95bb359c713d6f4f40d0e49b12c2dcc2713cddfade22c5e1bf3d281c39537814803e36c62a4579f3384a |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\5tqtikqg.newcfg
| MD5 | 74cf62d76a82e36da20001959636dea5 |
| SHA1 | a76257bc6b7c932c7725fd8dd8e0c878c2e43d2c |
| SHA256 | 10ffdebadd9bcb41776d530f02a5f8346587dfa866d7387dbf4e3186c60fd172 |
| SHA512 | 18e8e103d8b82f30bde3f74e01e8ff3a91394fff032b57f0165c8eb99e46cc094dba563dbf5e8262f5e9513b05bd16d67b50e711ab77886a57f15264627a6403 |
memory/7036-9836-0x000000001CC80000-0x000000001CD70000-memory.dmp
memory/7036-9853-0x000000001D280000-0x000000001D78E000-memory.dmp
memory/7036-9858-0x000000001D890000-0x000000001D900000-memory.dmp
memory/7036-9868-0x000000001DA90000-0x000000001DB1E000-memory.dmp
memory/7036-9867-0x000000001D980000-0x000000001D9FE000-memory.dmp
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\ixloxlx6.newcfg
| MD5 | 91f7c9cd6f9b189570a8d2f522d8b9cd |
| SHA1 | 2864de033ca6636b683cde6ba970617deb92f1cf |
| SHA256 | 1b39fc8f2239e2406e6ede31ee50b3218ee9e37334c2b848394c2b6ecb6f462d |
| SHA512 | 428655ce9efc09f143395c34e7cd6cb5ff53590193cd3df4466707d755530d1b70a762cf957b86ca4c489fba2b62f9156a8fb1f4e5bd9ae5edcac0ffcfd745fb |
C:\ProgramData\Malwarebytes\MBAMService\756b7ec4-373e-301c-346c5835af30a891
| MD5 | 7842d6a73eb394c8f97f0c991897221d |
| SHA1 | 81e5a94ef7ce6cb8e847537fd81eddffeebd0af9 |
| SHA256 | f0ce2df647ee32f31d900d5f432b646ca5b9d77854427e433a697c37cf94dcfb |
| SHA512 | b5512976c982f76fceef0fcfc1eb5882aad346d4a2f83d6596aee6b58e18a87a1004509d0fce18808dffefb970b31c27e9e00cdbbd17ae09482b0bdfa17a418e |
C:\ProgramData\Malwarebytes\MBAMService\tmp\7eacabbe931311ef84f17e3d785e6c2e
| MD5 | 39d493ccbe83b1ac228a92ecb9273c77 |
| SHA1 | b10287535627ee69a0a4b521e89d2270e5dd82ca |
| SHA256 | 7b017822f43b078c519fe14b58ea729fbc5e2d2147752852a03a3f5e293e30c0 |
| SHA512 | 72d96b0ebd15417608375e5191dbda6b764d42eef41f79385c00cae78f81ab823a51284b130421b141937ad80cc1718868e8824af55f3801e1808c0a6e99ff3e |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\e3v9c3n1.newcfg
| MD5 | 66f43468d5718d79355aa2d3a8951d86 |
| SHA1 | a89f3a35947699a609035058fb2ec2a334d60e1c |
| SHA256 | a275aff200c763f4a0e098ed63a208af51225b878ba270437ddb8efd9735da76 |
| SHA512 | 7602fa73075ea066da231bddc12e33f28cc7abccf6bb9e5a633058089bdd9376fc9e5fb6997c3acb9b91783025fd5550ccaf0d9a51804dc754f19154e3cf2e6d |
C:\ProgramData\Malwarebytes\MBAMService\tmp\82048930931311efb48d7e3d785e6c2e
| MD5 | 4020ab43350a847a8215c7d96dc33413 |
| SHA1 | 64265aa8583469d4a23d20706f1d2662d6afe1b3 |
| SHA256 | c160e0ada1e2d5957282d6fec43c5eea0146f63c84202790add6c70c9c643243 |
| SHA512 | 6675563c7429975fea9550325a21daf2f102319ce4495f9d97db16253a8e4a227140a1e8848cf6674b89a805220fb21ea35a57e61d25574223dc86c9cfa7fd57 |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_DCountInfo.json
| MD5 | c886175ee30561a71ac791a3f5edbbaa |
| SHA1 | b555e33b9f604d69cc97666e3d15ac3081a7137e |
| SHA256 | f15c5a4ee5ffda41da4f5917e8e5302af9e6779ed98219bafdd520861539596e |
| SHA512 | c3551def0cec2545e9dab95177f2bcf645af99c68bd63b0276927c2b9a5ec431c3c4115f08a754e3e643405e2169f5c2cacf8c7887e7693135f2aa3562de52dd |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 83bb7618a6fa1e3d7a3590627dc8ada6 |
| SHA1 | 72f3488d9ac5f0cceaba9ad7a26be712086eb6bd |
| SHA256 | 5321e1a231bdda4611830cbe83dc66982b3c4f0a2d30fb712dd90e698f20d427 |
| SHA512 | 0e1527da5d46e7b2ff5c3ceb5320ed517e1a484d8c7b9dc9c398cae2a9d239d75b0f6b2f52c192ff0bc98332aca756adfcddbf25413ae1e19131ae7dbf1f0330 |
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
| MD5 | 0d6022488426356fd3adc19da3e17801 |
| SHA1 | c10b8c0e96a75bb56ffda990fd73f480bfb340ab |
| SHA256 | ff593d6636dc6dd6292650eea1a40068fa45345e5e5e9677a2f3490592af4de3 |
| SHA512 | efa43c9a865b4c5f095c6b6d4ca4711f7edef74a99889dfcbce236c86a639ebe1de7293eedcd228cb1cbb1a7e873310d1cd9b55eddeaa623d07da85c14fba5ee |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 93ee352c154744bd613c567a29b2aba1 |
| SHA1 | 93c6020d714fe9283b7208a6b361fa0f5cfe99d0 |
| SHA256 | 29a8a7bbe816acd1b1224741a94eb41e20cffaa4313dd8c7102e800020406ebc |
| SHA512 | f7473dd6f38a4ad2a070470f3d41f0a9ab6002d160a51ed39f41ee3bffe483f00eebccef3cda249a167503a803772ab8ddc4cd44b09d179c12fd83dd7b0d0220 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 7af5294fb975be87dddbb03b03736556 |
| SHA1 | c6b5418c5bbb7364a2887e2f1e87f4512f1aa782 |
| SHA256 | 70d70ce169e6c4e2ceaa7b295de496c0bdd29cedbe195bc76f113b857651f36b |
| SHA512 | 5706efeaf9aa0526483668dbd42637915b3a872d4bd6f8c1ac3daa3abede8a76b08a016a8fdb1dd14a8d670d89ca262d038058fae1e53d3b3c904dd081deb725 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 69fdca3fe45e101f8a1b954bec792a4e |
| SHA1 | 1f0a46a092d8d5a2a85ae0b4e267e64d78bc5e7f |
| SHA256 | d3bebbc8ea5c86635ca0bf95920a6f1526549d080a70a66e77ba45ab02de9c6e |
| SHA512 | 333d3da6d6c10a3319d5114a6320d607a2243a5fa67e20b953b7bf40665a38c40215b0b18fea22aedaed9b4142fedc52415ca7bb7f4f616742373e846014b7d4 |
C:\Windows\Temp\TmpB095.tmp
| MD5 | e49f114fc236caf0e1675e6408348938 |
| SHA1 | 7ceb0d463c9f80888ed53400367e424e739333aa |
| SHA256 | e9c4b040922ef2ac210cba66df0b07c95eb9ac9e03dcbead77cc02e86abb4201 |
| SHA512 | 0f8927959991f22144ad8755c9e838421ffbd78277c88fde94e046bf4e1d47fcb43e76a77b22b3655dd94c7448599bb0c8587ba26eee925bfbc88de6bb1eea60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b69b5785592f8de23db31995bcc348f |
| SHA1 | 1e00f921355230503a39066e99323631f8cd191d |
| SHA256 | d19962c16ffafcbe66bf14527d6b0ebaf2a5bd788c93d6af9622b86e687693ba |
| SHA512 | 0a8f9aa4c80ef04c29cb861bbf4eea8a87cb1525ffcf7ded8c9aa74f34afd456e6495fa2460dd992c2f774a17db17a993571d0e365b14a5a1c0e7740d140d242 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\htqhep48.newcfg
| MD5 | 92c0d7c16ee03cc3a9523dd2a9ed1e5e |
| SHA1 | ace77c9cfecccf3bcb4f409a0f1583a0d935f1b3 |
| SHA256 | 5e0f129d3dad718497b767560739b0ddf752bf44260d9c1f595e74c984a8d9d7 |
| SHA512 | 666d3bc0aa356ef5582b98fa06f41a1a91a167c9e1d7766873932ce354ab2a6f85ec2423b5a667e96e7e5b96119ddbe592b45198b0d663c3336fb6695d868b12 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\hjzo5tr4.newcfg
| MD5 | 77d2e3c9fb113e794fb23212a61b371a |
| SHA1 | bc632346973ee644530935b5ac2fede9039410f8 |
| SHA256 | d9b4ad34526e2f5c669b4bf18cf0539acd9be26b1df52d40490de6c7e8649670 |
| SHA512 | f7ae0c99d1208399375fad0cc3757d4b644b78b48936f5cefdb704248ba8507c4385ef81d98214b6f6fad0323c169571e0dfe74d97b7992442d2a65d987eeb55 |
C:\Windows\Temp\TmpB401.tmp
| MD5 | 10e008d42c9119dfd4213bdf8e293ab4 |
| SHA1 | e69ce3c33072ea3bb8180afad42f602976eb9ae4 |
| SHA256 | 27858bd2df0fcb01934c24f904d402c0be9b85da7679895e07e7e6e4a386622c |
| SHA512 | 189b2572f99d45f47a62d1a1e1ba97887f25f214c71004d0521b9cb3b2cf1919a200a41d79ff707a57a0001fdd20549468ea5740ba330cf3697deb028d00d5a6 |
C:\Windows\Temp\TmpB412.tmp
| MD5 | 579be1c7389b3f16312431f333a6d659 |
| SHA1 | 7c355ab2983857d4a421675a625e81a89839b133 |
| SHA256 | 5b76d1bca501afaf9e80d73e8e0bae59e62bbd937b117420b7f328f094bf7d5a |
| SHA512 | c8b6d0367051d1d5bee4f41b769e5c676bf48d5391d40eeb42e1fe0ac432883fae3b8072e6c1d1b1b3341dfdd03322f31856e58c784b528f5555b971238548e4 |
C:\Windows\Temp\TmpB432.tmp
| MD5 | 7c92f85b9acebfb4ca0898924b3f2759 |
| SHA1 | 4f5754bc8eafb12258921837f6b9179aa0352243 |
| SHA256 | 78a27e3ea624588db605e04419739c33a0a7ac431aa6d47adcca805b9e2f6501 |
| SHA512 | dbaa2d9b0957bc1c49950a0ee35f296bbe1a0bf7bdfb6205c75277e84eb20dd48aac68733aac68cd9595ac3642c4d9fad12749f14c82e915cdabc6ccc1eeb7fd |
C:\Windows\Temp\TmpB4A1.tmp
| MD5 | 250211303b6a6560ac1b6a342d3a19f1 |
| SHA1 | ee302d35d1b7bb80b06e47dff8e73378854cd9a0 |
| SHA256 | 4b54e0f493e706a4e961170a02f455502724d92e243306292627f50af1bcebd8 |
| SHA512 | bd1208ea7719e93bea9e5431d8384cf7e578f699d302b48fa42b02a1d2ea0d2607691d5ba1d46719520edd1b83b34096a52b90e17935f56700e06b35e4894bd7 |
C:\ProgramData\Malwarebytes\MBAMService\AMECls
| MD5 | a8d82c2f06eb87123be2996d585d4f76 |
| SHA1 | f6fb493d7544cdba835725c0c18b82ea0d4c3ea7 |
| SHA256 | b9e12128a8d9be6b01b64ba0c630cb66509ecf0319460e2c1a3d04953e5fbd1f |
| SHA512 | ec2b43de91e35d293a3ba668e6de0a35295d915c794a5612e3cc00b23db44cdff444a1ffaccd0549b711eec13ccf8a984e3e07024e15a97795c7ca0d5adf7f4b |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | ae17174eb765d04f6d492c58dded199f |
| SHA1 | 93cb68d0c125b449e8480ed46b97af58db0be852 |
| SHA256 | 7b042be15187f989df154765ac26fea9a84e8172837a29d575882464a5e08d92 |
| SHA512 | de38ce3b49b84725a72f4720213542757e26a0e05285a7ba871cbc1e94ab08c91395183ec0d97e2183e76822db442432449d9cab74905b60efc78306409e41f4 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | bcb0973fbb9967574dc9562675c4e2c3 |
| SHA1 | 7b3c6b8a04c17b48385754c4076d67ebc93a120d |
| SHA256 | 4b75ac62af18d761e6428d8a2a782ca449da1c5b9e78f2d8b3a582abebec467c |
| SHA512 | 29bd435510216ef7a66587621a7a2a8545d944b0a508271ceef39964bd584db35b029a37a368dd27cf909757a5805373716a511b8ece5d5bb516fd463fbb1ce3 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 0628d8257ed4b3edfd09abcf1750ab9c |
| SHA1 | cded5aa0585e6213c5c0be8c5491c79ad058e57d |
| SHA256 | 62a8b7e08991db9611a8d41551c1878c73819ef0a8273ceea962a1eb6757b5bb |
| SHA512 | 5105aacc966e488b3ae07057f5e97762e2fb8103e9327916d8a30bc5947715fbfb18da5597a658fdd7f3709d221b26f75aa4a6c2a15d65445bb6f9fb4f9c64d2 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 7f963cb086a242c08f19dcaeb1481f24 |
| SHA1 | 1510bb5fc1c01e412766ecc0b122423a1862537a |
| SHA256 | ea69c29c4ca51d3b93842e21fe4e66e10d0bdc009a142b1eb2e137dec0e74af4 |
| SHA512 | 59913a04645081bbf4ddec5afbde46d9be21627b97d7a20db8b31550e922bb0b67daf9427553f39cf08835a659881cd5b1911f4976fcbe76ac7f73d5da44bcd5 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | dc28acccf2a1769da983217f9e48ed2f |
| SHA1 | 1fb65e9ecfbe067c123ce71a2eb7d1c32577b24d |
| SHA256 | 2d799145b079dc3b7416bf50436dd671226814e7c2f81e7a692240f51a1c94df |
| SHA512 | c20de1bf2ad576b717ccc12e393991441a46376be6eac922a9dba82af7cd6db42c7ef330a6963fa82d871ed3809a28e8cb3a37613343145a40d1c21bae9f368f |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 8ce18eaf75a79c6a605e2679fcff68e1 |
| SHA1 | ebeba4aab86699662bf7247401c0c3d288d5ec59 |
| SHA256 | 94fc1a254f7b406f753f060b53cc22c8934ca1326098c0f5dc46da047eeb8ac6 |
| SHA512 | 18de10669b78c27e3f6e445539b956f1d947cf4a11378d793d62a49307e4edbbf787c13f5c3a59e79b7c06ad97c4e53ddf1f22e16dab9e4a40341dccebcdf61a |
memory/6836-10336-0x000000001A730000-0x000000001AB04000-memory.dmp
memory/6836-10337-0x000000001ADB0000-0x000000001AEE6000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 68fa6b050d25586d39bc6613f411c8ee |
| SHA1 | 887ea877758944f95caf3be18ff6d4da7f2749e5 |
| SHA256 | 023d431fedccd38f015d01a4a0043b2ca8bf70978ffe1be05a927e8239776e4a |
| SHA512 | 214a9706349100fd1975cce2009e4c09ef251952488c12582595d877ac438ce5161bf3a0b85782d02f2e0d1c33c08ce01c57aef8ec75303611812cde68b0fa97 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | f5aad8b171107841e5847a48259eb99a |
| SHA1 | f114105cd9db01e9c1ac66451463a381f98477d8 |
| SHA256 | c938ee5569aafa04e8475cdaea0cf7cad82421076a0440d200393c2ffd710dde |
| SHA512 | 1540e32d6c355118e74811627005acc03febc2bfef66cac7fb9aae86626794b9ee85b95a90b723795b4ce943c64d7001ed25be082dfa041dbf9bcb87b774254f |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 9a386737ec3e94bce1a5bae452d49e1a |
| SHA1 | b3f4976aa3d5f0b1b3b12fbaabfce2492a90800b |
| SHA256 | 86180d546381b4b113ef26ee2a39e397d71b64927236759fffef4d19bf3d57d9 |
| SHA512 | e8f1276e35f2c09624923e4fb6609add345025cf021ee8b55f3b1533cb12fe080cd8bee00ad91d7376d5750c9a990138654f95896a58da5d46dce2fb884e7bcf |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 76e5f702169917efe74340ff83d8fc8b |
| SHA1 | 8954eec2002d12ca0d8a520c7d36aa6c4f7d2f84 |
| SHA256 | 0b43ab37a0581ec10b7ea3164536156b5f59cbe9408622624fa5cdf02db1ab86 |
| SHA512 | 0431f82349532dfa0da29240ba8b74ebdfcd49c4debfa9add3a3e8c67aebfdc50f9ea2efb521146bf060741c99d828e3bb3f797a9817d1ee22c724698f45a006 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\6e0a671a-9313-11ef-a48c-7e3d785e6c2e.json
| MD5 | 5b3a31976cad78f0517065bcb5715f04 |
| SHA1 | 0513f6669431337898a3be558aadab212f4e9df1 |
| SHA256 | 22ef8ce0751c455e577c264507fc05b311f5e57bffd5beacebe1c30bac85ba64 |
| SHA512 | b662ac45da0cdb2a9fb528cbfc0205161b50d1f65f3d2eeedb5a691be54e337016580dedc881d3a882c7371437797884c1d4bb490e9d50e8288ef909224591d2 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\evca6btd.newcfg
| MD5 | 683674e4b3506a9a5b6c490a23cbd281 |
| SHA1 | 582c540aa294908463d3c8eb117bdc6bbd38dcd2 |
| SHA256 | efbe574e5fbe6d5682e9a44249e0579c06996a15dcad882596ed069b515e6bcf |
| SHA512 | eb7444283aae6ea3c0f90f32a791279cceb6dd4ced9bec23bf32ba4ab009418f34cc853016a963aa47ae4009ebb5a6d5cc8f4539cbf16f570d79ec3c5c598061 |
memory/4712-10489-0x000000000FEA0000-0x000000000FEB2000-memory.dmp
memory/4712-10490-0x0000000073A60000-0x0000000073A72000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 0cbe49c501b96422e1f72227d7f5c947 |
| SHA1 | 4b0be378d516669ef2b5028a0b867e23f5641808 |
| SHA256 | 750530732cba446649e872839c11e7b2a44e9fb5e053fc3b444678a5a8b262ac |
| SHA512 | 984ea25c89baf0eb1d9f905841bda39813a94e2d1923dfb42d7165f15c589bd7ff864040ec8f3f682f3c57702498efff15a499f7dc077dd722d84b47cf895931 |
C:\Users\Admin\AppData\Local\Temp\e8bd9880-9425-487b-9b12-0c60fd395fec.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3664_543421991\6ccaf859-16a6-4d5a-9cf5-19fb816d8262.tmp
| MD5 | a2283844ba46ed3c67801ed1e183049c |
| SHA1 | cd35dac07b8eb5530331689aeeb967206aaaf76c |
| SHA256 | d05dff4ec1937fae7223ce7158c65801c5efe06c8934977d378ee963bdf29100 |
| SHA512 | c5935be75044046070832fe77a8c201909fa433932cbf2d7d965754f22bc59e9467b4ffb425784958b9e17f7c1f1c7d5097112d2d20a4713a1c3432cd1c9db61 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3664_543421991\CRX_INSTALL\js\browserDom.js
| MD5 | 984c50675ecd2eef449f06a1b441dbdb |
| SHA1 | 0e7eb51fff4258931aab6aa60aee5f575b8ef896 |
| SHA256 | 1fd90beb829d55e34c076a2f2613e5dabfa0b4dd009afc8638ca029c0849cdf0 |
| SHA512 | 738cb5369c3acf493b0d4885bd220d9cae45b62de47851d75a43216edd1ffab45db127a711e2f2e636fe15aea64c57f0c563aa99de853c8fc1a33543351ad89b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp\2.0.0_0\_locales\en\messages.json
| MD5 | c6fa3a1f7148ede7f5fdd0f7a36fc58e |
| SHA1 | 399c3233acb80042f82bb47ee132aa74e5b58566 |
| SHA256 | c49bb1f9c49ca3f67404995c6ff4dc8ca416d4daa6779de4112460607f6f04ba |
| SHA512 | 7f96b48f5185f0bf385c6eb2073549636cf9f4bc287a4a7dc443ccaafb190fcd0a7b56fa5fd7ce5fa5fc4a0d02b40481adfa1416cb7974bc868cc0eb4e680ff0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp\2.0.0_0\manifest.json
| MD5 | 5998fd13e70872b5ce1fc9b6b32bd696 |
| SHA1 | 972882abcc6ac0d844db8e073895eb2858d3f3d4 |
| SHA256 | dcc9d7dd5b0ac4474f3a9f26660e53dbf8d639d8c768cdc7915a514dc00de7ac |
| SHA512 | 83f116a72eba0c0647504b27b522d7b585460d9cfabf3fc87bb2710e98a7eb68bf3ad8f3fd0763f5e382697f131bb976ba1a8bb2d8a8eefdebc22a24a42aaa68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 44028b96fced67497ad7d52f077211b2 |
| SHA1 | 4261bf28fba187ed7e426dc805216601face615f |
| SHA256 | 0cd004977ddb143d001ab18ed4d206ab119b39cc1aa9757ff61488baa101db93 |
| SHA512 | d10fd9b26b96d64258f1176583b6e5e0e7accf83ecd9d2a16bd567ea43a258d7d4e306f98035d3c6c626fecf36829548a791b673264586aa23556914672b6219 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 476992a01114560dbf89e8b0a9cf3899 |
| SHA1 | 012ecab83cf6b5f1d9311c5a4812de84c02ca5f3 |
| SHA256 | 15515ba9045553c3c554100b95e0e0e7fcd7d26af21ec01d1fb5104f7a495c6b |
| SHA512 | 0ad1f06679bb15792596fa1495e35ea6faa67bfbca8540df90bcdf713ba786e56f8906f28001029c3593b290313388c532e376b88fb320b8ce22615af3826a39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\834ef1fc-06e0-4e70-aa57-704b3d73d2d9.tmp
| MD5 | 3e3bc3b23101ffdbde2558789962a361 |
| SHA1 | 663fa8b6a6b19cbb958e33156d19b77019295108 |
| SHA256 | 230a3255e55699e625ad5b8a823863e0fc81840ff73723ba6d98a1ac9ff60fe9 |
| SHA512 | ef21cee20abaf8bb7c4d3281592a25d5d51eabbc619e93e3ac4cf12905d9dd222f358309da35900bc4e2f7b3218a76440fb32fd86c729e1f0a012ff76172c243 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\7188b7de-9313-11ef-848d-7e3d785e6c2e.data
| MD5 | 4fa7ab00cf635ff84a4060363c9e5a49 |
| SHA1 | 3616e565f6ad9256e8d256b4bcd4b03fb36256b4 |
| SHA256 | 6f0438042f724c5e14c9a96a0d7e800c4f2c23134513c1ed43be9526ae8c0664 |
| SHA512 | 18fed139cd5234e3ca8c0f96382d4d352d7b7e507178cc51342fcdc6d48fb2833cacda1af217e8e19951a060c380857cad2d68b67dba4cfafea4500f65dfbfa3 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\83594488-9313-11ef-9114-7e3d785e6c2e.data
| MD5 | acd879008c7a707e557ef8040903ee06 |
| SHA1 | 3f00bc643e479d22c8767508f1d33d767bb3c02e |
| SHA256 | 5c813bf223fc37e3c6ffbb16314e55b7368ae5505ec13a13f49ba20b877155ce |
| SHA512 | ca0087fe7d8fb977e58bef820f620d5fc56cfa87df747fdebaa4096cc1e406b7e2c6fc18723f0d49fe31e0f70b3f655792585ed1989533475b05b581b5625b73 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | df34f904337e5ab8a333e9ba273ec5a9 |
| SHA1 | f49ed02c61eb943c9a654a1ee30bd1ee4f85106d |
| SHA256 | 949647ce9c5c9f9570f1e278883fa23fe8276bf42ca49c98205680715a897ade |
| SHA512 | b55954b5935132a841cbf4975307bc6dbdfd020886d488d69decb3381a326ecf4bc8a7365000c2ffd022a7bec1109ce736584ec4cec0df8bc0bfc616fccaaa2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1fe6dfcbe9d2736c99a428a4e848d9e2 |
| SHA1 | 3d6b1a0ed8fa894b37ce2e30e85eb36cd5485ac6 |
| SHA256 | 04553fb3c308eb5cf170314e9678950c33909efbdc7633f20a9fd2a245e7e0d6 |
| SHA512 | 1652d90beb4f05e9bee7b95587b1401e4afeb79b6713eb9418cb3e3a7f8d2fe1772120c90167412a48499c6d611dcad1776918823fa13877a9326fac984e4196 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe622332.TMP
| MD5 | b3b8a9141624786b19373a7cc95c4b2d |
| SHA1 | 174a03070ca48ab157c8e2cd9cfd0354f01192f3 |
| SHA256 | 017ddf62f077da965f1e3fb68efa4bae2eb0858e01fe81ddd696293959a68f20 |
| SHA512 | 6ab8f35c72fbfb56fa8f751f7d2f1367ddbbd8010a30b99ba765af2514835ee8e4dfd7659c0b77e4780ad2c4235fd12672855064030da843f04366eff461aa77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt
| MD5 | 40793833f5039b1de5b1993e097da1ce |
| SHA1 | 670cae9da6564df754fb745ec65a44b00581673e |
| SHA256 | 06c0efbe7d85a8096f2546454889da54f65d7efc38576b1cd6a37efb0ebff779 |
| SHA512 | e140d7ea95c8c3258ef6f462b41542a796f387b1f6739531569de4f9ad3b4218390466ba79af8914593b35ab68f5ae8d6a0b768cf56d9bf8ae7b617c5f8b56ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4452953aa6dcfb409445ac8a94248f2a |
| SHA1 | 51049a738a2fb92d5dec87d5fd17ca9697fb695a |
| SHA256 | e27508c8b36c8d1cc2f9be5d4deb58de5717180ed6ab5fc61506a99bd3ce367b |
| SHA512 | 6baac8287b61a11b6f812e9520b52f68eb08005287038564b871c860e6403cb37d0a4e7bdfd9d2a8b448c6adad082aff865e01862d7aaf1ac8adfaa9cacd442d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f6857b1ea672a4c7cd711417cca76225 |
| SHA1 | 05f981ce3976dc468a7b0214759ca70f4f934fbc |
| SHA256 | 61a1e7dd4b6642b6517d99cbec6666809e20ab964d5975a99f696a8744d79f8b |
| SHA512 | a63ad4f75a7c34174adb69ef6b2937f2e388821d6a6d0adbf139658563a662a6e138c40a3e76d5c5605d7b1c0f07c74838b075b17a1cc8f1c52f5bca43db948a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | 3450cd9ef78a662dba8d575b760a975f |
| SHA1 | 547030f86369c786824fc5608513b2369610dfe9 |
| SHA256 | a5684c70559f9266fbb11095e352f629867989ef6bde6ead17894b96587a0251 |
| SHA512 | fc6044fcddd9d243973719047534ed167e1cd44f0f65c486deac3a97b875f9c8277ebc9cb1ebe33e14039ab1133ac997f8c1702af1915e7700208498bd554f99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1f15fb1503d03416b11442bfd8aeafd6 |
| SHA1 | dd5a035363e82007a3034c41738df6a4576dfd2e |
| SHA256 | 5607404cf45019437020eff777964667dbf5f2d4987158ab5c686802f7217fe1 |
| SHA512 | 09a644cacca7aba54e8038164040b32c2738a2b4f35b85ea45ca36101425d5b0ae9b396e86f0861eb6b1bd1dca69f20b0031b26c9ce985bec3825eabacdbc1e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 036c433e69aa14f3f1d66d0f880b20b1 |
| SHA1 | 0feb3151686f534250e3350dd62f9744459733bf |
| SHA256 | 33ef5c8f836b6b39fea04bfaf3dcd50533e03e07b609001c5a489675706dded1 |
| SHA512 | 160820b3ea521c4457b92d831fcbe6cea76dfb3ed66ee54fc8c64be5ad301e31c06aefc20225627aada205339784068510c8668803a3023ce5f725d26e524c45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 24473d4f39cc047a176ef7d4a0c2bc93 |
| SHA1 | ae6b4ed52e22ff421992af8853fb910e7771eec5 |
| SHA256 | 8044a8d0935d40eaa39ca60a96fc3f6694df5f84332f8a417cd63ab45e40d106 |
| SHA512 | 470e6e73ba1f3a55206307e20d4b5b59caf8758b210c11ba988a0c89f4d11a1f381a9c9fb42ae42b246a864b3c460e6042692902f2350ef9262bc369779148b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 33e955792a335d2647606205d5c7b7b5 |
| SHA1 | 8e24dcd08bce627cd52551b421beb5e5c3635a40 |
| SHA256 | f218f81a07fa551881c3e6bf5363de5dca4f2f92515c2f5eec1d81df5dac2057 |
| SHA512 | 36a72d7e43174279ef072be3a83b7800a3cbf7fecda91ec0b38e5feceb21e965c1c24cd682d73650799b54d5ce213ac27135f148b21dd71219d5657bb39a2849 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 22d5720220dd43fda2d7b1d1b02b9f0d |
| SHA1 | ebac6e07f24e5b967595df4bce1693362e39eda9 |
| SHA256 | 51460c7dba441c3c43ccdf07137ce0026c450b34eab91bf521e10e77aea821a9 |
| SHA512 | 545654a84d0382875f9150ca9c5df4ad660196d81bfacfdbae194f23eb133fde968ce0b6f55c5cf597cbf662320c36492c390cd5de62eecbad47b6e1061161a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 540b5b90fb7537826a600222ac091441 |
| SHA1 | 49c197b1698d1d6a4d53f5a99579ed6757fe203b |
| SHA256 | ecf130eb9d4b6e550f98e5820c4a590331474792de45e7b46fedeb33e9f05e2b |
| SHA512 | 59cdca2f8591199a052e4282b3aedc4d4937e0edc038570ee4d5032db01ce8b179a63c88ec10f5b696dda555ec0194b5cdc75a542141f27524783dd46d013359 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f2668c627ea3bd09940b87570524505e |
| SHA1 | cd50578db916e9ef103605ca75b4f7e5de34e0df |
| SHA256 | ba89c9e06649878e44bc97fb691247b61d38d0199e8e5200bd13f0e699b3752f |
| SHA512 | 2feafd84e53a2e2bd44191523aa51565dff31f217d89864b389107cc6e467c19ccb72ddaa630c83c29949d544eb76172877b1c898447bc690d1e71a0a0436bd4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 04f599dc09dd0f6af8eef21497a0a916 |
| SHA1 | 371604341d24f3c5ddcac9772695528076d1cd83 |
| SHA256 | 865c97e4cdd5cf9e9486ec1161c6c018b07ab9a8f3aa69efe9f082f7c4dfa88a |
| SHA512 | 1fd011c3c63ed2a4b66698941ad71e4f51a45e61f5ee3f9328d93c30b7ef07a421650163aabb0fdfa0bf47d15ae33545c16de6caacd389b94cd58f75d43fe0c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 364d0c29438ef401f75c2d9fb079b860 |
| SHA1 | 517ed4be136655de39a1b6da6968bc58f839c8e9 |
| SHA256 | 39eda0a6f3f9124fe1ac61d76fd12dbe5ba04a7977611b7d291c951c68351509 |
| SHA512 | 7fad052126ade7dcf9dfaf373aaf48809a4a8616806559513ddf90e5468589d7f81e28d5cdd8d02d11fde1c9f1b784b9fe1beaffe07bd45b810c2424b8332069 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1094fe61e70fa4f5fda3301cb082c682 |
| SHA1 | a1a06de74a3e4a0cbd49b451cb5cd6bd6f803927 |
| SHA256 | b9c2aef75d7ffca5651aaeaf17d5ac07395fc7200cec8d845576836ddf6a11a1 |
| SHA512 | bbd90317bac2362df353246f2d58322e4ffdd25421c83b65b79b1f55b759556fc835de9233692f3138c134a79141096bf9d4f81f37a744397d690d2a3b1ac456 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb69dc6e5333c29cfb391f8ff179915d |
| SHA1 | 113a3bf6de9f82abe3283db456503e13ada61312 |
| SHA256 | 85d7b945f6c28e4d29d84065779f2aef25de17294cd83e64f2fdcfc154cf645b |
| SHA512 | c59c5a8f0f22e23c395c68c58cd30559cb12bcce76f08c6949abd9a0f6bf03161a412c263ec76fa5a3d3b122f850a50cb56190bad9433eebc84bac5614d926c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 08eb30e6095caa8eebc2fc2cdbbe3441 |
| SHA1 | 47ef5e1ad9b37f9849d24e5cef0668078e949485 |
| SHA256 | 9c6c9f6f0191ee2936574f56fa218d69d8d2831c7761adce68ac027c1f6c82a9 |
| SHA512 | 35e592b5a0e63f86d9714ec22af45fea1ad30a483083a55bbb1baa827758bc508dd9300c1a25ce3c1ab50618db009d59b3f1c5a25d0e6378096ee850d2e08afd |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\gub470l6.newcfg
| MD5 | d266e81e7255cf8382346d3125e7b7ea |
| SHA1 | a6814f2ed0135b0cccebc181191f551688237f88 |
| SHA256 | cc41f083e8cac923cc5df8381007f7ccff28849b514b2a81c4de450e29444905 |
| SHA512 | df209d79f831992362a10ebd505b1153137bfd87ec1b55829f7dd9162295ceaa9abc7bfec126f3d9cdb9da5f52909797fc3baec31823847d0ed95cb1a7ae2ebf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 23955f35531a36a340767f2721d08531 |
| SHA1 | 2e182f3f5fda4103b453940789df0f63e9f5594d |
| SHA256 | d632bc9eef72b3fc8b652fab0e86a8ad0796d6cd2ea74e49d4cc31b413d7d332 |
| SHA512 | b739405cbaa2ac8b3ab849942076fbda01c175d56d9e196eadf6db719820f44ffda3e0fe3a057c392b263c2e6b2d21394a0070e38e307b739754118e666104ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3999ed5989e80ee0f95d403da358f95 |
| SHA1 | 74ef2316a76eb4dda0b7736076b69407379e01ce |
| SHA256 | 7a576110b34f3a120844e52e9af3f731063469de2de1b5f4af94e2f82f3bec64 |
| SHA512 | c40ceb23497bf60f9963e3d9787d9f68b19bcc4bf9925353905da4cb9ecc308bbbfc8c7868524159f9cef1cb4a8b2261267ea7ac763c4c65e2c572957c7b0b34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f505e5612ccb986e3fcc4e48bc418f4a |
| SHA1 | f7aaec204ff9213823c9b3625b566f901cef32c1 |
| SHA256 | 8762a67c37787b160292c6b70bda99a05e61f9e3cc551a969733d01533f0e057 |
| SHA512 | 2d921193832017ebaf09dd137380ef6cf4d65e02d4f5e66b897047f76e9f7d62c0b3e17a07cd7259aff3e5037c9952837a014bf5f132c8c2f32ecd08a245ceeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7850cbc5812389c8db72c2f44ad29b35 |
| SHA1 | 4378f61d068b6bf0cf75dddba513c37f7dd404c8 |
| SHA256 | c429e5904724f8e6425ef38d74578b9338e731b22b5ba64d304f5590464b7df4 |
| SHA512 | 5b2a92213b62ae14111095f1eec35b56e853b78159e78116f50726644687bebd2be2785383752cc4cb727c86df5a67bcfcdb773a55c17f218d2d9e1f6b6947a3 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2ddc30361d96e93f77af26018f73694 |
| SHA1 | 3a5510675364faf8e753a17bcd12c09df0023845 |
| SHA256 | 5675fc37d42a95e0d525dc69fdf318b13e9b51d617766ba59c23db9fc5a81e4d |
| SHA512 | 22c415cac63473ec977d4378f16324ec978d45845884f7dd715424a8c2315b299c564375d0179599ad63729471b831b915f38831f91260ff499afce88d015570 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbf2a2f7e249c8d7e8bdfcdb61e8eefd |
| SHA1 | 801f08ac3d746663553339b29f7e57983aad227a |
| SHA256 | 9d2f2a93e077c4b4777b2fcec9cd140c332e5e6e133d12f8a39752ee183d18f9 |
| SHA512 | 62ef539a1dedee1ea383ae77d7ec85cc29f60e77e3231620aa9082be3077589c712780197024eca2679ca4e4f88c04b0b17516aaaca4ac2b6568148930bf7e38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c8636173a5a4eecb0a27182add3951c0 |
| SHA1 | 96f60dd3fc46daaa762dfc633578c15a6db5ca4d |
| SHA256 | 5c07faef7ff6fa969a8b1b7c8c7e9f680ec985ef74bdfd13aae49fb9338cae51 |
| SHA512 | 2174d4e1a3422ba513aa9378c31a2924af1f9659ce56354335fb9319259964434f89c7450bcc1e5a45769f230eeb3ba1fe454e35cb6fbac9bc8c1295fb92c2bd |
C:\ProgramData\Malwarebytes\MBAMService\BlitzCache
| MD5 | e45853488cad4ea3da9edfcc9eb1d5c3 |
| SHA1 | 690cba681b61f6947a7f3d9f3a8e115670e1c0b2 |
| SHA256 | 3d7eba95efa124f22b6764997f822972610402dc2383b65533b3ad5e9f4d40ec |
| SHA512 | c96f1fc22c45dd3bc802cfa1e56b6d8ecbb64b7329d41df13d08369ae1116240981a322c4a1393afcf2a130cb74d2507e1f6a82276fea4300dc72ec00a445c87 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\user.config
| MD5 | cde9d3e27de05fc2b0edfd235b60cf62 |
| SHA1 | 23a952ca43171b3ae632b61d2a94bb9dab1b2c1c |
| SHA256 | 959aa5c7834b44d0e405f0ee9e278fac77268b29522b612d69164937f61a0dbd |
| SHA512 | 660aa4a9322497d8663c0439ae850fb36001ca94a893459f9c784d00cdd64bef6487e35950a5a5da6fdcbc5d801e4d15d05a0d3623f982f3bcfe251f00a13481 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 34dc54ca6380308ddf0040bbaff851e1 |
| SHA1 | f75e82c41608be68bf89c77aa65dd2b5051d5954 |
| SHA256 | f0662fd707a717e8d9c2c124afe2bb2889b274af7eb37476b151b8a1ab484a79 |
| SHA512 | 7bfa4d3c90724f084ff47e8f777cdfde51bdf99137aad9ea47118f0b136e5cd6747ac3dd1dac8bf0d1c0e6887221d4c58110b98b787d15570426ed9d1bb4bbd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 00a8796d68341d8f6ab15baaf0422529 |
| SHA1 | b576967f8ae5cfcb2334bdee096ed2326430fa75 |
| SHA256 | fce8d4818b384c73e64cd071e8e2de9ef095f62eaa5386334ae805886f6e27c4 |
| SHA512 | 6329e4c2bb50fa371177d7ba9bafd6ecb4daca14388ebba4f5a91c29302be48fac5bf49cad30a788976712e53ad84b13daf9d716021cb6c8613715a4b5114230 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0fab47f42ac8434c87f39a6411e3f015 |
| SHA1 | fb408607355e4e14e1e757470b161fbcbec9ec68 |
| SHA256 | ccef53cea589c71692d6bb6ec20d75600448797a710ac9fd941f27ffc6cb5f45 |
| SHA512 | 5722640ad7c9446e87ee7692c219a68b6840ba589f2d002408841784435a13cd88ca6d148d7265d38f419f20dfbc04b92f3c398a77332991bce0b2a0907231a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 633b7e8194c067a3a0631f4e25fcb526 |
| SHA1 | 41a78c640a949d881f29106a4db6b3314aba7fa6 |
| SHA256 | f964651b1b0045e2f4385eace5e6c70997ad0ab7ad6a529cd348f10eb847bc10 |
| SHA512 | 7313f8d216746a6f9b87380cc8a60e995210fac8d61460cffc0fcaeceae40cc4cb0d0480015008eb366d1b52e447c7660ee8c3cb2ee53982491a853d5ffc3749 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77c44f665ff8adb58cb2eb717c910c88 |
| SHA1 | 3ad120495141a224431c48f3e89725d232c75f62 |
| SHA256 | 4b44d362ef41ccf8a7802533181fadf685cbfe223543239b58e7588745e595f4 |
| SHA512 | f31c9f667b71abedac8b7ca1700b72e9404c17e3ead0299638fce1977e48cd98e56d871c14fec2bbb05015c4f52da7ad625cc3c5a1473903c4f4fe1ce207ea4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8369cca5544b3415493059f15512c8da |
| SHA1 | f274fa9b05f3e85348d4be0c77ca0d01c8b96d3f |
| SHA256 | 1bd525a7badaa4c37476b91cc17d7a70db018c9bdf84d596862713bf8a7d5a4f |
| SHA512 | 792a2abd3ed438c0cc5a0a8dff5fdb614829f418c04de1c829ad528b10fce45a8a8826cfb7c8e8c7ee1a45edfe13ccfc09507f049b77c258609ec5676c596d11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d0f93f1c679243722c05a0af5f278dc1 |
| SHA1 | a997b03074793f2aa778e8e3b964a9335624d836 |
| SHA256 | 47c81916b1632656307a7196add2342d726f5e9a1a855cb75477ac2530a16cab |
| SHA512 | a0fad29ee7bdf68a4e21057596c40da39139ee3e544875d3d43ebb9354797ec0914f4a0d7eb4fdc57f5f8a2747817a897aebf856624d6b4faa1babb79f141338 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c09b18443e678f1374faa5fd465dfcff |
| SHA1 | ac495a048ca50a5e5c686f7eac6c02d2942bf9a0 |
| SHA256 | 90b3dca6b38b260bff2af4e15cae1494c7be75d879c6d2487e87ced971a89e6b |
| SHA512 | e764dce6f6cfa1c5dcf6a4bf278a91e0b9728e6502a056b763338b95c6622e3d79f3efda246201614f3c1b5b4b8bb716284a826976af82398818015f9d3259dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\50d1bb65-96f0-4a34-a305-43c530e2509c.tmp
| MD5 | f870de0b5833a7cfe1698f2e928ebd0f |
| SHA1 | 266e2175d4235d10e802cb99e91f9cf285fc8f8c |
| SHA256 | 1aa1ea14acb4b2e67b72cb7e22a68aadc402999275d04a0664a474e265ea09a2 |
| SHA512 | a6ece2ba530852bee9469754c55fa4f131045633e8a2a2986f77485ba5e85131026b153b97cdd95c750028177c9ee85c98890810c1b6b1f104d554999e842835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f4765d16-0d29-4044-ad2a-422233d787f1.tmp
| MD5 | 1112b3bd107618f8b8caf6c4d4a480f8 |
| SHA1 | 29c0952e2cd1780787a16b9589367336711ee64d |
| SHA256 | 0adad5731480ab0189073f3e38f551efce131e34d531111e50f3ccf03972e9a4 |
| SHA512 | 8ffb2da14877eac7db93b2dcc1125270ee650ad1c56cf49a336f40d77481d8f9a6f74f699481c14e3eee3f78ce645f9ae75bdc14105066bd48146e449f9c68f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\44751338-ee56-4708-a001-a6a44e83ae32.tmp
| MD5 | 66570f032d3935efbb36cbd7e800e0f2 |
| SHA1 | 10a1a038c3b3d7cc9eca63ba6b74fc4b7a5eee8f |
| SHA256 | cc5fc23352571f6558b51337a61a56d84b856825c1e453db9c42b564506453cd |
| SHA512 | fe40fbcdf86ac417aeace301f56478ebca0222b58cfc8d22050e46f42ea612146760b78529220cf71ebbf4f5e16455cb3255e23e15245d396ffd6e8e4dc987cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | feee39453a590cc83446f9e988c5f34e |
| SHA1 | 9f9315310f7f66c8d9272519dc97b2790c19d8a3 |
| SHA256 | 1fa351222f1d9f9d5795cd6781c849f12c801e5937bc19237e3908fbb351f6a7 |
| SHA512 | c89d011cc19637fb3750dc8827b68231b24b7514bf3ed1d33641a9427c11e5f6d671209cd4008e1fefd40a466ca28258605c43637f87b46b9873bcbadf163cc1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbebd92dcedddd463759b7a7b72442a5 |
| SHA1 | b6c0ed208b61d3ab7d2d3655464528f73fea3db8 |
| SHA256 | f50f7dcbca9fd716456c5217cff9d6b363a1f0e2b5c05fde53de80269f723c95 |
| SHA512 | 01278e9c4466f00df24eb4055595543337ec36d3ba85f23dd79a71721f7efd7e1fce517450ef7cef78e188d6e5e70bfab116a282fca734236455cbcdce0f64b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4dd40db29624487bc94ca1e9a948be7f |
| SHA1 | 97c0565a4764c464fa33bf6cf46bc05acba3c07a |
| SHA256 | 8094a1296d3bb0a5b6f21890be7d3f1d24bf4a7d3fbfe1fde072397bb7310e1e |
| SHA512 | 528263160e0dccdea57ff0ca6952ae6a3f2ddda0b9260c04696000a819d6bef7874b312f462a98243172121cfcb556fcddfe13933064e22ab6934a2c2acf20cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bf01977a2617e67a09eda54106be8289 |
| SHA1 | 750958b5a8b5cb271502251be30ca4e3b8ee2940 |
| SHA256 | 689f033a0f23eb36071f3bc9cbeaced1541ca946accd6a1865660e2aae2918fd |
| SHA512 | 3234591d363c38f24bfac910ac32124c1ba4f94a8e724c21cd833bea17e76b030a4b88e4bcf791ddeab893cd6c39b2a6a0149ad58a2f491c47e0aee6cc3fa8c0 |
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng\9.1.0.1207\user.config
| MD5 | 52031e517f45f648c58d88c9785ca61a |
| SHA1 | f09213c746c5a3eedaba5c4f99cf1b142733397f |
| SHA256 | dbc9f310b74988be0eeb857db560321c4b341e8d5053bda4fbeba23e2e070e3d |
| SHA512 | 84e717cdf08a29c20fff788d25b60dce7ded001ba6e24b41ad5d368746f5616a83d49555618e9a8fc50e4525722d4308036b470847298e3e352c00cd06102c7d |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 038b1c6c612273af29e9519a6831bf35 |
| SHA1 | 90086fd6a50a36f779a5c14dd479df6361ce43c7 |
| SHA256 | c92a7a5595591572e44caf07710c9925aed6baa0bab810246adde99d38a889e6 |
| SHA512 | d9bcd63ce17a1c2a6a9142be845dc99e1624e383f513f1cd5137ccccf6ce678793df0f5f7a6b2a0481991fcf2a5d42409a4a50248bc3473bf4e0a448f7fbe869 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e83f12397cba38405e8e2b9fb4f8700e |
| SHA1 | 68f591823a9a1986b67db34782eb4d07eef15ef3 |
| SHA256 | 645c43feb881b7b344f7ac4b1020eac65f9fa382868e172883b83f7800f66bb0 |
| SHA512 | 32f626f8dc097d082e1375087a62d65e64ada20ecd0869cb10903819415c6f1085def55066115c17f70ca91a1b270b2434a5a59e8e21c6c264bc9f053e6646a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | abca2eeb2cc5f28ba27974a1c1ad6f6b |
| SHA1 | 6aae25d34fa8e769069b1895a9e58c24cb7e9369 |
| SHA256 | 8462526e3a769c591ca75fa5e97cfd8c17c3a236a249ae07ba113e53b196d4d5 |
| SHA512 | 7e48876d92c6d2fcb03e0766256a407650a2e3b737db2d842108d3c6e4950476d6831dfcaa92e7b78139a224894b0359a783a48209803919d4a6374b14f8fcdd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 11fd9a2251175b6520f5d2d3978aeb52 |
| SHA1 | be8632d35ec8c8a2f3bb3ea065faa7300b8cadbd |
| SHA256 | a92949bd6fead4e0f49346f6e67cc3d6129731c965b42f4c3af6668b7a03c3a6 |
| SHA512 | ce5bb8b3e325324c21d784b09f37ef29011f9bbcde4b3b29e9c96121a47eddaee6a60f99e4927749358dc82235309cf2da5a255c05e2b6ebc0c3911488499cd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dacfdeba6125f7eea2d32bea8cb74214 |
| SHA1 | 19964dfdf5b51c67137b5f22682503ceb1aa837b |
| SHA256 | c0c5a16e06a12c29a56e71aa20a19cab796884e1189189aed0dd98f2581a3311 |
| SHA512 | 429517766f528a166b2b61cdaebbeeb3810f5a23aa07d689acbc074e669f7774ac91ccb69639228536e27c6dd5f6cefffe4b9bfcf53008cd4313a788d816d9fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f2a44bc736c2c00bc7e35153791df76f |
| SHA1 | ffb26bc3a9de1562650e65885efce11013f46e05 |
| SHA256 | 0a56224cd3ad995a36ccba9e590d24d0039bd6f3d05ae47599c8c3b9bf787260 |
| SHA512 | c439071bdbf3e9e3537cbfab5b6c503ab23e51ba5f7277a26d88d09fd7bd04cbf3df1ef15a48cf19003830e2d6bc9b2a7fc4e7cdcb39be24b312a649f11da5c3 |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_NotificationsSettings.json
| MD5 | 6ffed9077511eef8f22b4a01e8c4f5c3 |
| SHA1 | 08f5a823e993fd6d54b68a0e9f7886100881f3f0 |
| SHA256 | a44420bd36cf76c6565481028fe03ca3fc3954da2242da42661fe15f2b824188 |
| SHA512 | 7e47381060252ae9412ae3780c8850a68f4a28323424b03ee3a0cf7989ef95b3c1d9fd736b256cb62fb1f842c62f9d499248dfb5b5b1ed7fcda4caa74a1cab7f |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_SecurityAdvisorSettings.json
| MD5 | 3e12ba25c55cadefcf7a628302766f16 |
| SHA1 | 86f457eacd522ab3950d27bbfcffdebe3d53cf89 |
| SHA256 | 002d7233e8efaeeac24da5743dc714de9822966cb3597c4a289d31fc19ec204c |
| SHA512 | a4ac9431ed9339ee0071b9e8749cbc476f9e4d4410bf3594f4105c8bbc93065d7af895e22db2974ac9e525d80e58228770ae826666e31185ea7ac82b7b1bc5ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c171a2beac8ea4bf4b9d73399a5140ee |
| SHA1 | 4953a6241cdba011206d0ef6bb52cac167035fe2 |
| SHA256 | 0102380df1bce9863aa9d5dba613a65e049348346ca1ac4b005aeae956e5b0d8 |
| SHA512 | 744c5ca322abf69db30be72c0ac4f1d4b095a63bf8ddedb9e0a24bcede832a1d7742e5e377a01655a11567fd2013cfba19a6d03ce84ea80ea95e6d7cfcef5657 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 745365fe31cdf89b5ba581dcf9e55148 |
| SHA1 | 9a1c4af047899df27f24e6d8a9190a994d630b93 |
| SHA256 | 000b22a3bfa7292541a72cfb596e6d42cd4d5302c457bf8fee82f68f1716c216 |
| SHA512 | 9fb92be659f9c6cba8c17f4b4656b5ff9979671941d79ec96009c762ee49248c4fa53ac850289aec23c8d4c57c02b92323ca88443691016bec6c20c43983e273 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2d5893b077b3caa6d01e5103ffa86499 |
| SHA1 | b097023d4140ebb1dac0076fdc43b63617aa0189 |
| SHA256 | 2a15977cf8b4b1d99deb7a9c642266541dfe398c1d8b56992c9a1c779c558d1a |
| SHA512 | cdd97f3b41e07af3cac53cfa63f8690b966ca6307e6582e005e64fef4c6141ade89e03b74ef1bc751700fe990f8e2b4e24fe5bca1e8041905d487ecd735aaefe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 898d6116a85e279c8c7b11fb3982cc56 |
| SHA1 | 2a71de4f6757925f74339caffee73d3ee4c0f529 |
| SHA256 | bbcb79a9148d08df6a828f8545122623c62c875e351d52e3114bdc59768ea57f |
| SHA512 | f08fd58b95a9324fde0794a11c0054d5946bb3ae7584493db921aedcf89c6c6ab5fa941c91de49bd1fad9a8178256237a71b881b4b233ec33c76515f5489c46b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4a9bc5782fdd09dd1ccdc7b198d45524 |
| SHA1 | 23448a67c7cb4e5723a2de629baf4e2f78676c48 |
| SHA256 | b6e075fd9fe4187b9651026f3eb3c5f4e07bcd4966b8dc18ce1720a0faab24a8 |
| SHA512 | fdc214e79e1b76bf44ba240de758d3a065a5fe35cf3003454b552e97a0d89ca891b45c522c110f0110c149386c6741c86f688cc5c345e8279ed9514f7ac27eb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9dd09d11fc6c53fd014576bf1d2444ab |
| SHA1 | 5b50a775d33ef47beb8fe710da1e14e08940b940 |
| SHA256 | 5e6c64521957ef0059d4e0e3325e8b52da504343940e9d42f52dcaab4f0510a5 |
| SHA512 | 78ba7087e76138b4a4c77d11bbb14f21e040c3b79f4c2a05c8bc13e6c1c29e54100cfe16495b69623d33b96eecb9e286fce71a1dbb6bf156ab9c850a3ba83cbc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2026936afa5f51e1cda54ba5f6a179f5 |
| SHA1 | 2b0ce0b1cb4adf496bcda48b1fc7b039ab76609d |
| SHA256 | 08107373c4a9b3348654d519e24a29704a5bb0c5cd2362df6a034c13498f6312 |
| SHA512 | e029919bf2647dc7ea9ab73830005d253fe88ca514c476a55b14b0e39e030c35252ba56483925be74860b05bf1ddd225bf426fb09f30c03a405719dffae5d4cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c8cd8d90054e32dd14549a521d8bdaf |
| SHA1 | abb59786c7d34fe3329046869bd0efd1c47cc147 |
| SHA256 | 1e365cacf892be98adb1e71f1e683fea2757edee87e2d492b8707515ec2de55e |
| SHA512 | eb6c1abe7112e0a5a31accbdc47f9dd94e198e425f929e57389711bde69e2b52ebb235a1fadc0e70c56bdddb79ee36188e9ec27f4b6cd72a8e2f73eec03b8308 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3f45560924c0f6085c66bdc5ec5f2f87 |
| SHA1 | f5a7bfeea374e30d8e353909440cc7491a0b8ae7 |
| SHA256 | 5714cf3f295c6aa48cb8a35419e98cfdbc9016783d61c2d91a24c631227723d0 |
| SHA512 | ab213ef420a8a1079f160aed98302d0486e700a0237c7d1da65e1494accaf5919a509b485318900f32b6a7c3bd5a8069fc02283f48d5b5ca0d23ee2aa922fc92 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcdc89b1e85a75d8e9620ea824668ede |
| SHA1 | 72f8e48245516a8e3a320d3e44bb52f97120126d |
| SHA256 | 3212c6b511244bad270bc7b023de9611ab8dceee86637da1b64637c3b7f7a1d9 |
| SHA512 | b03f5636431b0112e32496b5a86d872c0135851b1bde8c56be9fb5368cda32fbe4c59dbcaf8fc8f72ad3d947cdc055c42edf560a636d8ca7f056c014ff8a707f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a905912154bcbd6a99c2e58b31160768 |
| SHA1 | 6759a8717624c3b76fff40841925871afd814349 |
| SHA256 | 4048305c3185bd39557660c3168405456e186671e9e8aae03b585638ea4b8ec5 |
| SHA512 | 246b3edbf83dddec1039a0f4ee6eaf17b63406d11ae6c68848e1c851ea9ffdee1943202b35524df15ae7c8971932f9ecd9409e28364e74f4dcf2426b798a745f |
C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log
| MD5 | cbf5101c91b3de2c8344ac2f7d779cf7 |
| SHA1 | 75fb51c0f6a59ec74e9b9a9d18ab5beb78ed30a6 |
| SHA256 | f37c145352c3eb960fa60caad9ee11b73fded38e7c2cbbbbba963d21999641c5 |
| SHA512 | 3d423273e83d64a3bcecdc24070fe59966326bbfb9fd7692c34742b96e48c6065226f42c98b963635af7a5db1e4a6f5637d7c4745eaa74b22d7d2508dcf5c8fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2e1360290e7b02df6a6a9c2898187345 |
| SHA1 | 45e82fc3815b0c4264a7659de876381094d18957 |
| SHA256 | c9a05d6b3ab3f53bcad371c79d52d0feb902bc45f9b43bf68c7f2535b5392252 |
| SHA512 | 4b35352a4ed474483ebd80b65c7fcb1377ad18a69daa224580f5a79f500aef753e826f15c1a05b28cca68bc9cab4c654d19183fd45ee69541b82ead7908e487f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47666929d1ef68c2d2a10cff50d7e08c |
| SHA1 | 400c9feae38b6552937be44ee376a1dc48606745 |
| SHA256 | 172919db2f7e3c4e0d363b86cf65ac52ae13f20c6432a6bc309553c555b488dc |
| SHA512 | f28ccd553f44fee43e8bfefa91638bdb56c562858d78f1718254933a666f8423612f883e4e475f10620cad18de42d0f513cd2de208d6c083fc53897eb86bd6aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 43a485fb2c568d1f6df07ce4e6b7062e |
| SHA1 | 28907466109e93d3c789ca84aa3b2d2965a69a21 |
| SHA256 | 35bb31fc6f60e20f723a5e58f196a777aa031008c1be3f2ccf592b40d480b02c |
| SHA512 | 08b2af8adfbf0651a817cbbf2f32936b128008a21408062aa279c71e417ec75fe6f6c537159a89350b5165d490f5dd48540622aaec7e29484ba9037263f313ce |