Analysis Overview
Threat Level: Likely malicious
The file https://gamejolt.com/games/sonic-exe-the-game/16239 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Enumerates connected drives
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
NTFS ADS
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-31 11:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-31 11:36
Reported
2024-10-31 11:57
Platform
win10v2004-20241007-en
Max time kernel
1134s
Max time network
1208s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | drive.google.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | drive.google.com | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0320.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_touch_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_r_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_r_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_dpad_right_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\controller_android_wasd.vdf_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\chunk~1a96cdf59.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_100_target_0050.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_vietnamese-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_lt_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_right_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_touch.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_dpad_left_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\minithrobber08.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_lstick_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_lt_soft_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_l1_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_lstick_down.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_110_social_0110.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_l_ring_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_rb.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_lt_soft.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_l_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_color_button_x_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_scroll_down_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\shared_german-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\friends\icon_groupchat_idle.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_buttons_s_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_details_hover.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\vgui_korean.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_dpad_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_l_ring_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_110_social_0110.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\shared_koreana-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\shared_thai-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_p2.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_profanity_latam.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\ssa\eula_german_bigpicture.html_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\Receipt_PreorderCancelled.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping7500_1362749432\_metadata\verified_contents.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_button_x.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_rstick_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_button_steam_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_l_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_buttons_s_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_capture.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\VkLayer_khronos_validation.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\SteamOverlayVulkanLayer64.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_mouse_5.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_lstick_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_ltrackpad_left_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_030_inv_0308.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_r_up_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_dpad_left.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\GameOverlayRenderer.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\steamui_postlogon_romanian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\hp_m2-1.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_p1_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_vr.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_outlined_button_circle_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_color_button_square_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_color_outlined_button_triangle_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_Bloons.TD.5.v3.6.zip\Bloons.TD.5.v3.6\BTD5-Win.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steamerrorreporter.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2045521122-590294423-3465680274-1000\{127B5BC3-92B9-4734-9DAB-DEE32C147DE6} | C:\Users\Admin\Downloads\ChilledWindows.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 534692.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 463064.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 69932.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 583906.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://gamejolt.com/games/sonic-exe-the-game/16239
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb346f46f8,0x7ffb346f4708,0x7ffb346f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2588 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5164 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f4 0x3dc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6092 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2580 /prefetch:8
C:\Users\Admin\Downloads\ChilledWindows.exe
"C:\Users\Admin\Downloads\ChilledWindows.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7480 /prefetch:2
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 420 -p 5124 -ip 5124
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 /prefetch:8
C:\Users\Admin\Downloads\Dolphin.exe
"C:\Users\Admin\Downloads\Dolphin.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_Bloons.TD.5.v3.6.zip\Bloons.TD.5.v3.6\BTD5-Win.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Bloons.TD.5.v3.6.zip\Bloons.TD.5.v3.6\BTD5-Win.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,3063893115049695356,14321393649690329959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7312 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=7592" "-buildid=1726604483" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-userdatadir=C:\Users\Admin\AppData\Local\Steam\cefdata" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1726604483 --initial-client-data=0x368,0x36c,0x370,0x344,0x374,0x7ffb244cee38,0x7ffb244cee48,0x7ffb244cee58
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1664 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2184 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2512 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --first-renderer-process --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2932 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:1
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1244 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\cefdata" --buildid=1726604483 --steamid=0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1092 --field-trial-handle=1736,i,852668519558659935,12877541214575849523,131072 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,SpareRendererForSitePerProcess,WinUseBrowserSpellChecker /prefetch:2
C:\Program Files (x86)\Steam\steamerrorreporter.exe
C:\Program Files (x86)\Steam\steam
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gamejolt.com | udp |
| US | 104.18.5.160:443 | gamejolt.com | tcp |
| US | 8.8.8.8:53 | 67.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.gjcdn.net | udp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 104.18.25.184:443 | s.gjcdn.net | tcp |
| US | 8.8.8.8:53 | m.gjcdn.net | udp |
| US | 8.8.8.8:53 | 160.5.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebase.googleapis.com | udp |
| GB | 216.58.212.234:443 | firebase.googleapis.com | tcp |
| GB | 216.58.212.234:443 | firebase.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebaseremoteconfig.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | global.proper.io | udp |
| NL | 18.239.83.70:443 | global.proper.io | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 70.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| NL | 18.239.83.70:443 | global.proper.io | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | abcheck.proper.io | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| NL | 18.239.36.108:443 | abcheck.proper.io | tcp |
| NL | 18.239.36.108:443 | abcheck.proper.io | tcp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| DE | 91.228.74.166:443 | secure.quantserve.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| NL | 18.239.50.110:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | firebaselogging-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.28.10:443 | g.bing.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | pxdrop.lijit.com | udp |
| GB | 2.18.27.132:443 | pxdrop.lijit.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| IN | 142.251.42.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 132.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| IN | 142.251.42.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.42.251.142.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.enthusiastgaming.net | udp |
| NL | 18.239.83.4:443 | api.enthusiastgaming.net | tcp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 8.8.8.8:53 | v-2.gjcdn.net | udp |
| US | 8.8.8.8:53 | vplayer.enthusiastgaming.com | udp |
| GB | 54.230.10.122:443 | vplayer.enthusiastgaming.com | tcp |
| US | 8.8.8.8:53 | 4.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pghub.io | udp |
| US | 35.241.45.217:443 | pghub.io | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| NL | 18.65.39.29:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | 122.10.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.45.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.39.65.18.in-addr.arpa | udp |
| US | 95.100.195.53:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | download.gamejolt.net | udp |
| US | 95.100.195.53:443 | www.bing.com | tcp |
| US | 104.18.15.32:443 | download.gamejolt.net | tcp |
| US | 104.18.15.32:443 | download.gamejolt.net | tcp |
| US | 8.8.8.8:53 | 53.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.15.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.22:443 | th.bing.com | tcp |
| US | 95.100.195.22:443 | th.bing.com | tcp |
| US | 95.100.195.20:443 | th.bing.com | tcp |
| US | 95.100.195.20:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 22.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | rewards.bing.com | udp |
| US | 204.79.197.237:443 | rewards.bing.com | tcp |
| US | 204.79.197.237:443 | rewards.bing.com | tcp |
| US | 8.8.8.8:53 | 92.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.2:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | squerys.github.io | udp |
| US | 185.199.109.153:443 | squerys.github.io | tcp |
| US | 185.199.109.153:443 | squerys.github.io | tcp |
| US | 8.8.8.8:53 | 153.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 95.100.195.20:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | drive.google.com | udp |
| GB | 142.250.187.206:443 | drive.google.com | tcp |
| GB | 142.250.187.206:443 | drive.google.com | tcp |
| GB | 142.250.187.206:443 | drive.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.16.227:443 | ssl.gstatic.com | tcp |
| GB | 172.217.16.227:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | drivefrontend-pa.clients6.google.com | udp |
| GB | 142.250.200.42:443 | drivefrontend-pa.clients6.google.com | tcp |
| GB | 142.250.200.42:443 | drivefrontend-pa.clients6.google.com | tcp |
| GB | 142.250.200.42:443 | drivefrontend-pa.clients6.google.com | tcp |
| GB | 142.250.200.42:443 | drivefrontend-pa.clients6.google.com | tcp |
| GB | 142.250.200.42:443 | drivefrontend-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 216.58.201.110:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.202:443 | ogads-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | people-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | clients6.google.com | udp |
| GB | 142.250.178.14:443 | clients6.google.com | tcp |
| GB | 142.250.178.14:443 | clients6.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | drive-thirdparty.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | drive-thirdparty.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| GB | 216.58.213.1:443 | drive-thirdparty.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 210.143.182.52.in-addr.arpa | udp |
| GB | 172.217.16.227:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | youtube.googleapis.com | udp |
| GB | 216.58.201.110:443 | ogs.google.com | udp |
| US | 8.8.8.8:53 | contacts.google.com | udp |
| GB | 142.250.187.202:443 | youtube.googleapis.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 108.177.15.84:443 | accounts.google.com | tcp |
| BE | 108.177.15.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.15.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content.googleapis.com | udp |
| US | 8.8.8.8:53 | blobcomments-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| GB | 172.217.16.234:443 | peoplestackwebexperiments-pa.clients6.google.com | tcp |
| GB | 172.217.16.234:443 | peoplestackwebexperiments-pa.clients6.google.com | tcp |
| GB | 172.217.16.234:443 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 81.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.252.19.2.in-addr.arpa | udp |
| GB | 216.58.213.1:443 | drive-thirdparty.googleusercontent.com | udp |
| GB | 142.250.200.42:443 | content.googleapis.com | udp |
| GB | 142.250.200.42:443 | content.googleapis.com | udp |
| US | 8.8.8.8:53 | drive.usercontent.google.com | udp |
| GB | 172.217.16.225:443 | drive.usercontent.google.com | tcp |
| GB | 172.217.16.225:443 | drive.usercontent.google.com | tcp |
| GB | 172.217.16.225:443 | drive.usercontent.google.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | contacts.google.com | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| GB | 142.250.178.14:443 | clients6.google.com | udp |
| BE | 108.177.15.84:443 | accounts.google.com | udp |
| GB | 172.217.16.234:443 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 172.217.16.225:443 | drive.usercontent.google.com | udp |
| GB | 172.217.16.225:443 | drive.usercontent.google.com | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 142.250.200.42:443 | content.googleapis.com | udp |
| GB | 216.58.213.1:443 | drive-thirdparty.googleusercontent.com | udp |
| GB | 142.250.178.14:443 | clients6.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 108.177.15.84:443 | accounts.google.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 134.252.19.2.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | drive.google.com | udp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 82.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| GB | 2.18.27.82:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| GB | 184.25.193.136:443 | store.steampowered.com | tcp |
| GB | 184.25.193.136:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | 136.193.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steamstatic.com | udp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| GB | 2.22.144.9:443 | store.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | 9.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| GB | 2.22.144.33:443 | store.akamai.steamstatic.com | tcp |
| GB | 2.22.144.33:443 | store.akamai.steamstatic.com | tcp |
| GB | 2.22.144.33:443 | store.akamai.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.3.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.144.22.2.in-addr.arpa | udp |
| GB | 2.22.144.33:443 | store.akamai.steamstatic.com | tcp |
| GB | 184.25.193.136:443 | store.steampowered.com | tcp |
| GB | 184.25.193.136:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | clan.fastly.steamstatic.com | udp |
| US | 151.101.3.52:443 | clan.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | shared.akamai.steamstatic.com | udp |
| GB | 2.22.144.13:443 | shared.akamai.steamstatic.com | tcp |
| GB | 2.22.144.13:443 | shared.akamai.steamstatic.com | tcp |
| GB | 2.22.144.13:443 | shared.akamai.steamstatic.com | tcp |
| GB | 2.22.144.13:443 | shared.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 13.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | drive.google.com | udp |
| GB | 142.250.187.206:443 | drive.google.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| GB | 142.250.187.206:443 | drive.google.com | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cdn.akamai.steamstatic.com | udp |
| GB | 2.22.144.5:443 | cdn.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 5.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkout.steampowered.com | udp |
| GB | 184.25.193.136:443 | checkout.steampowered.com | tcp |
| GB | 23.62.192.121:443 | steam.tv | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.steamstatic.com | udp |
| US | 8.8.8.8:53 | 121.192.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | avatars.fastly.steamstatic.com | udp |
| US | 151.101.3.52:443 | avatars.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| GB | 2.22.144.23:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| GB | 2.18.190.80:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 23.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| GB | 2.22.144.23:443 | cdn.steamstatic.com | tcp |
| GB | 2.22.144.23:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | test.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 2.22.144.36:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | 36.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp3-hkg1.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-hkg1.steamserver.net | udp |
| HK | 103.28.54.102:27021 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext4-tyo3.steamserver.net | udp |
| HK | 103.28.54.100:27021 | cmp1-hkg1.steamserver.net | tcp |
| JP | 45.121.184.23:27035 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:27020 | ext4-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.18.190.73:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 102.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.18.190.80:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | ext2-tyo3.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp2-sgp1.steamserver.net | udp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| HK | 103.28.54.100:443 | cmp1-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sgp1.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-lax1.steamserver.net | udp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-atl3.steamserver.net | udp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| US | 8.8.8.8:53 | 21.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.124.10.103.in-addr.arpa | udp |
| HK | 103.28.54.102:27021 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 69.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.124.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | p2p-hkg1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.201.99:443 | tcp | |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-hkg1.discovery.steamserver.net | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp1-fra2.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp2-fra1.steamserver.net | udp |
| US | 155.133.229.4:27019 | cmp1-fra2.steamserver.net | tcp |
| DE | 155.133.250.20:27022 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.4:27023 | cmp1-fra2.steamserver.net | tcp |
| US | 155.133.229.4:27018 | cmp1-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.18.190.80:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.18.190.73:80 | e5.o.lencr.org | tcp |
| GB | 216.58.201.99:443 | udp | |
| US | 8.8.8.8:53 | 4.229.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.250.133.155.in-addr.arpa | udp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 205.196.6.132:443 | tcp | |
| US | 8.8.8.8:53 | p2p-sea1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| HK | 103.28.54.102:27020 | cmp3-hkg1.steamserver.net | tcp |
| HK | 103.28.54.101:27019 | tcp | |
| JP | 45.121.184.22:27036 | tcp | |
| JP | 45.121.184.22:27020 | tcp | |
| JP | 45.121.184.22:443 | tcp | |
| HK | 103.28.54.102:443 | cmp3-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-iad1.steamserver.net | udp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 162.254.192.99:27019 | cmp2-iad1.steamserver.net | tcp |
| US | 205.196.6.132:27018 | tcp | |
| GB | 2.18.190.73:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.18.190.80:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 99.192.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| GB | 2.18.190.73:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| HK | 103.28.54.101:27019 | tcp | |
| US | 8.8.8.8:53 | ext7-hkg1.steamserver.net | udp |
| HK | 103.28.54.173:27031 | ext7-hkg1.steamserver.net | tcp |
| HK | 103.28.54.100:443 | cmp1-hkg1.steamserver.net | tcp |
| JP | 45.121.184.23:27029 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:27021 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-syd1.steamserver.net | udp |
| AU | 103.10.125.156:27037 | ext2-syd1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 173.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.125.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.204.67:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| N/A | 127.0.0.1:62038 | tcp | |
| N/A | 127.0.0.1:62032 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 2.18.190.80:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 23.214.143.155:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 208.64.203.140:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| HK | 103.28.54.100:27020 | tcp | |
| HK | 103.28.54.100:27019 | tcp | |
| JP | 45.121.184.22:27020 | tcp | |
| JP | 45.121.184.23:27033 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 2.18.190.80:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 45.121.184.20:443 | tcp | |
| HK | 103.28.54.100:443 | tcp | |
| SG | 103.10.124.5:27020 | tcp | |
| SG | 103.10.124.4:27018 | tcp | |
| US | 8.8.8.8:53 | udp | |
| SG | 103.10.124.5:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 162.254.195.75:27018 | tcp | |
| US | 162.254.195.69:443 | tcp | |
| N/A | 103.10.125.148:27023 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 2.18.190.73:80 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| GB | 23.214.143.155:443 | tcp | |
| SG | 103.10.124.4:27019 | tcp | |
| SG | 103.10.124.5:27020 | tcp | |
| SG | 103.10.124.4:443 | tcp | |
| HK | 103.28.54.102:27021 | tcp | |
| US | 8.8.8.8:53 | udp | |
| HK | 103.28.54.101:27019 | tcp | |
| HK | 103.28.54.101:443 | tcp | |
| JP | 45.121.184.21:27038 | tcp | |
| JP | 45.121.184.21:27029 | tcp | |
| US | 8.8.8.8:53 | udp | |
| JP | 45.121.184.21:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 162.254.195.69:27018 | tcp | |
| US | 8.8.8.8:53 | udp | |
| N/A | 155.133.253.52:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 443a627d539ca4eab732bad0cbe7332b |
| SHA1 | 86b18b906a1acd2a22f4b2c78ac3564c394a9569 |
| SHA256 | 1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9 |
| SHA512 | 923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d |
\??\pipe\LOCAL\crashpad_3968_UENKYMXCTIUDWHMC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 99afa4934d1e3c56bbce114b356e8a99 |
| SHA1 | 3f0e7a1a28d9d9c06b6663df5d83a65c84d52581 |
| SHA256 | 08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8 |
| SHA512 | 76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 93b67983e3853c3cbb70ff4d580ea51b |
| SHA1 | c944f3b3d6a489d46eb32c92c7471da3e0f37711 |
| SHA256 | 226d7aaf3a5edc3e5076686ed16b753bb869eb1c66803ba7758a34f2d8c0bf7c |
| SHA512 | c9504daf89051a8035f865627c9f80b7fad4af01317d5770eaee4c6de851983f0db586af9ef671c7f808791ed529e3bdbf066fc793a9b9aa76be7074bbff624a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3d4c6648227034ea2f89e245053091d5 |
| SHA1 | 37d3b07ff01caf721fdd5d47a1b710398432bd4d |
| SHA256 | a605483158968ed1dcc152e66880ff943cdfc9dda598e21db62887f4cc8f93a0 |
| SHA512 | 71e4645374045d8d1ac0df3cb9e0b8bc9a5ccff47f35a1c9edbffd56ae36b88bec6f36407b96cd887e25e094355d387300e0c6e5bea63560198acdc55a838148 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b709888d6f49ef6950487b4b9ccbd88d |
| SHA1 | 4d43bc68e3c653158514fefae698782fa528e050 |
| SHA256 | c6cbbf986411f65b46f6da9fc24fb56955e15cd5006460771618d1edb16726ac |
| SHA512 | 53602b3b1ff7b8ac082d198713fab5785aef6610bbde369da13a014edebf536577f40da91f0b14572356aa3f200f5e95d7c659924e24b34416432118dfc33ab5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7031f03a0d62cb1119f1d54cf4bb046e |
| SHA1 | 346b875b2b6c578ab01c9c9e6e0426108aaa69dd |
| SHA256 | c9d77cb27b53aa579c52d89ec6a9328ef504289fb651bd749252270a6273989e |
| SHA512 | cdf664557b8eb501f435b05c0b05809a0cc603c7bb5d7b2bec3ae5dd450cf26fa5d05d3db24611bd611ec3b013bd5d5bfcab2468203bda4b04344f86adaec40f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7e12fa4a0f4c023d9cb2585438d6ac94 |
| SHA1 | cc2632615d8147246c27938c5be975cbeccee436 |
| SHA256 | 4e59da81eeb77e26ff375202aa2bf71064eea8d5afd16e9699d27abaf02e3aa7 |
| SHA512 | fb6bcd4d4914def84e010d6d993116bfc213fb8fc7a7d96c37eef580933116f7a5f16cbfc949883b707edd5d86ee6280a2fa895eefd277aafc1bccd71fa20151 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe586cde.TMP
| MD5 | 9cc8a47daea975e68a9161b925a4ea68 |
| SHA1 | 85a379cecc5f216b9f0a3d22f69c6a9fb0fe337e |
| SHA256 | dd471cbc77a543a91260f83b7ebdc8abc3d6563698b14360f818e6b1c095e108 |
| SHA512 | a2d1095fc56a6a85c7f20ff4c416611e01e01f8d3a4bc4aab4fc2d94a1f6eb97fa6c4701ee42e2ebc3eeb2b24e7b2638e7a6622f0fd3c915db3f949de7201aad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ea2bd56ae59b19c3d7055b1fff33643a |
| SHA1 | e85d9dcf95122c0fc5fdb91f1f157bfa9df3788d |
| SHA256 | 7a37b0443f734f4ad2ccd49223feb42cfc43dea57965a9a44ea1e6eb9b14a71e |
| SHA512 | e3487dba37be46027b5ce5c547558c1ef56bbecdb1abce5c9f7e78a489ab711ad436caeae5399626147536d481d16caf3bd7cc00fd5a6714f0518384dd351f6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c5c63fe05f93946b21ceeaed5f895db |
| SHA1 | ebfbe9639230a483f019cc04bef2e4fed292cc2d |
| SHA256 | 062bc917778f1e34f793d88ea663808811d438ee59539b56b267c05c51641979 |
| SHA512 | 30a6c3a52de7a2fbebb3c5b76a5c78589054969cdf9313be7a0881e3290ababec9550fdb7ca0cddc51c56a7579f489828aef58d4b74754f79ca2f0f9954935b1 |
C:\Users\Admin\Downloads\Unconfirmed 534692.crdownload
| MD5 | c8aac36721c9a3ea8f6d6b538819380d |
| SHA1 | 4df0660796ee1b75a67cdd6b6c86a5218db85b61 |
| SHA256 | c648e72f2d223792a076026f1532b2545b61bd19bbd3a18c22722b95bfae5cb8 |
| SHA512 | d020a2b7aaccad419a654da4578bc87c283de68945621d788655e5f8be4f144fa1a42b41d84c0948b35c61c4e63f9dbb5801ebb81dc8738408b3b40696cfbeb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e468e38e0a28b636881b5acdd845018f |
| SHA1 | dc5ec3dd358ab1c94f866a0a6a18b87ef460081b |
| SHA256 | 71493ef94864394f100d304ed9cffa6d9210154b698617a92a7b22a87d992e11 |
| SHA512 | daa3a80a06b6521788b4350b17e5b2b6160ea465443f3d4bc5ae7ef682ab0ae2a1cbe8dd048861fd71e80cd87260ef5794ac3d6a98359aed5c4c0ad2ef8f837b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cbe949714db22b79afb83fc6c8a1bcfc |
| SHA1 | e135b57c5f2ba7120ac95e36fab24b4cf8bd4939 |
| SHA256 | 07cfb0eff530a7430dab947b6e2369216896dc49f852eef41e8ebead3abac267 |
| SHA512 | fbb34c19d9d79691a94b7a2232feec9e8a349076e32c6cf437fa5317696699d351c347d168b2e054eb23e076ca3efd4623e8b925da4329c02d239a64bb117772 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4ade54b23efc0ad307fb09a9eb736e82 |
| SHA1 | f265d363db91b70a209d82c5fba170e9ec3a9c98 |
| SHA256 | 98beb4299fc9e135e6c39d2371193c88e8c4d2d2f974910d3c6d4a650a2c74c8 |
| SHA512 | 33791dd97bb5292475a4311c4efafbaa4bf3778bf4c2b71277fc4a4223c9c6422e7d813f2814b8b71d4fe4820ca0671c0f3d4a0b56a5230aa81b0172f1bf3531 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 25095fdc408a16f84c8f3bf8340bb35c |
| SHA1 | 7841ffda16cebeda6959b3e8aca109997b42cec7 |
| SHA256 | 6285eb644342db96baad494f42305399c8107e9e37081d13763538a8b115a8dd |
| SHA512 | 0730bf6d72f30a5079a292ea6ef5d33a789e6d3cd3eba1c251c9aa8a10b5da85a20ae06a2270a64221e63e3a6846483f78962b5db2cdd736d8775df602c21a48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d3ea798a146fa0c1c0ef9e74283620b9 |
| SHA1 | 53f9edc0df2878bca727ca3c2e1a98650e062e20 |
| SHA256 | 7f746b134a3d49d1cc68a3159f4ceeadf393a0b84eb8d327916c1299f1d3b1b0 |
| SHA512 | 136b76e92e9248844242f960f95c60a894fc98facf2ffe51ceb86fff35fcb0afa46a1a0464a74f01aa51601c0bd343d27ff9f308d7f56543ade7a9027b871f3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ceddf09d42cfddfb4f42723ad5b1712b |
| SHA1 | aa40927acd28fe6bf172bdb5b5fd3cfd1b4ea7fd |
| SHA256 | 43eb2d317c12da754cc7ba9cb58262daf1198be56720a4bfa8966bbc14e8e4f2 |
| SHA512 | c45c027e08c7040fd429af5ebd8ffcef4066e86c58080fba5ab9c764098964376e21925823b66f0050eac342eb076a6920f3a59ce759a95e4091dbff9699e95e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a9b0fcc883bb121f80ff05c43da5c833 |
| SHA1 | 0c04e10a6cb9e4ae83730c2a91c98bcb622bb134 |
| SHA256 | 586c5b6d2b5df78e871e1c7e04ebcc1afc1dd96d6140ccb290e812bd4e9915bf |
| SHA512 | 7eb599f1d00e4b4cb7bfbdac5e6b586bddf5f7cf243907ee15694e1a83e53a6c31c11deb6051f91ebe52ad8cbfbaf94471b087d08053e180de654cd6a2a2732d |
C:\Users\Admin\Downloads\Unconfirmed 463064.crdownload
| MD5 | 6a4853cd0584dc90067e15afb43c4962 |
| SHA1 | ae59bbb123e98dc8379d08887f83d7e52b1b47fc |
| SHA256 | ccb9502bf8ba5becf8b758ca04a5625c30b79e2d10d2677cc43ae4253e1288ec |
| SHA512 | feb223e0de9bd64e32dc4f3227e175b58196b5e614bca8c2df0bbca2442a564e39d66bcd465154149dc7ebbd3e1ca644ed09d9a9174b52236c76e7388cb9d996 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 57ac95c7aab9f51d4ae126db0b1b09af |
| SHA1 | 8eb4d97837adf80b6c904f72c3c1232220a3aa0f |
| SHA256 | 99c69adceecfee1e1a7a978a5c5bc294240d2ec0cdc1bc4023aad096a8acdb09 |
| SHA512 | eb9f2754b684693598832b3545b1d00a7df7d825d318a4d9eeb8e992312cb9521e4ebb5dff5906466676e5df689b42cadaccf826186646a17689f2bc0e684cb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d268416e6519af0fa498b88db779bc43 |
| SHA1 | 3fd4c1fa05e5c481f80b6fa0ecc8201cb43b1f97 |
| SHA256 | e38151928ed8e87d181c02a0fc4ea9522183904818045510e0b39142e589c039 |
| SHA512 | 4cd6f722f3801cc2ec8254292767006b5fff1cc262f3d7180a872f29500e7319936671a9449790cbfe8a5ed8c29747f968df27ef2f665e363c4350bb339ff836 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 78839f5c177959cd4cb96d6119330951 |
| SHA1 | 0d79bd4016065e824b11f21639d1b90d24700643 |
| SHA256 | d29da9ed6c3b812d5426834045df00dbb4a506164a4c56f1e169a8166783db6c |
| SHA512 | 2fa456b79becd35cd400570abee5758a37b2e6cd3f316827ec2231c893dafedd655920c76e53ec324b510af5f78409a08c92407ec2949e8e634ab98e356f01ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90eec9f722605dde2b87db82c139194a |
| SHA1 | b71fd4da3b7de9beb37366d97bc1dfa91376fe29 |
| SHA256 | 5ef2c055d13b8f3c2f2c0e8bcb8ba4fdfc73f3aa602a898024fb9c4a2f09e681 |
| SHA512 | 56ffa86304e27b948b7b793ba7cf7822fa3a8dd046db5ba8ee6d95edeee5a64ee385bd48d3a95e161d62217285a084d48c554048c5a77f2fec215cf960ae460e |
memory/5124-1136-0x0000000000EF0000-0x0000000001354000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cbf1687f3e510f6673c9a6bebfbf0e96 |
| SHA1 | ca6a047f952b054788f7db0c574a23e81808eaf2 |
| SHA256 | 52fcd2f7cf65bfa5f41053b8719c3008f00f3a90e71df4e9f0b28aa5b737f163 |
| SHA512 | 8e6feba3bc0a081c7d7003c5a924f4b8add5619aee31dc368fc4bcc92eff670636041106ae6824520d66a6c72d69ea486ca1583739e9cfe511f659b6704b455c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f2abc237f2970f3f1b5edf5a16c69b7d |
| SHA1 | 1b45ed37bbaefea64029494dd8a6a4a1481343f5 |
| SHA256 | 0c43a4acf03127f091ffb7e2705ac916d9215ad11a32bb2cf60d321989333cb2 |
| SHA512 | e156a32a8bb1494964162d1897fe01fd1ab9d432c9d26a34fbf3fec6eb4bfaae1f5cf59add3d97e4e687d0cb7cb9c275cae336e5cb6279e0e37ba74475e66ed8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d3afc32082eb6f7b93589648f8961c06 |
| SHA1 | a94bd0b8923ae0fc3bffdadc3fdae1f30d266dde |
| SHA256 | b908e060b726b9996383abd10f8daa7e082b64a2b25c49f8771145b5c8ef16d4 |
| SHA512 | b27432eacc7da4c5b23ca9bfef70d6568c1fb491270e1ba22e8788ba1dd3af0773ef9c19cebc35181fcebfa810a2c494f07b0ca386280e8c20b035667c0a9288 |
memory/5180-1240-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1239-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1238-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
memory/5180-1258-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1257-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1256-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1255-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1254-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1253-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5180-1252-0x0000015F0ACF0000-0x0000015F0ACF1000-memory.dmp
memory/5124-1260-0x000000001F250000-0x000000001F258000-memory.dmp
memory/5124-1263-0x000000001FBB0000-0x000000001FBBE000-memory.dmp
memory/5124-1262-0x0000000021CE0000-0x0000000021D18000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | abd68f948d79fa1e7406bb1e91ca0989 |
| SHA1 | 584c1eab53ed46113b0dccc72a21dd5c727753cc |
| SHA256 | 6cca68c909c86e1e3bcb24a3232ef66bd9b57249ba29045e76727015809a2159 |
| SHA512 | a712602df29d1f5ab4ef53e359f2a75f69d38416d4359af4c96ffa668f8c8b38bfefcf2974b7551bdc98504454f15c4aed7292b8d913edb4336adcc5680586f3 |
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 4fba02728d49c8ad6f7dcdb45d98feba |
| SHA1 | c6ff745542a98f2eebf71fcb53cecfaf8ff66a81 |
| SHA256 | 4a91eae8a9342c1c698754c7d8fbff044395522e573a5ce8535f59893153cb72 |
| SHA512 | f559d89952ce957bf4fc76de26fa5fe311ca796e24867ef46aa6ac1359d5eb6e665b2d5976b981efc47bbd2d9df9a2685961e5de870ea0d3899bd78bdcb2d7fd |
C:\Users\Admin\Downloads\chilledwindows.mp4
| MD5 | 698ddcaec1edcf1245807627884edf9c |
| SHA1 | c7fcbeaa2aadffaf807c096c51fb14c47003ac20 |
| SHA256 | cde975f975d21edb2e5faa505205ab8a2c5a565ba1ff8585d1f0e372b2a1d78b |
| SHA512 | a2c326f0c653edcd613a3cefc8d82006e843e69afc787c870aa1b9686a20d79e5ab4e9e60b04d1970f07d88318588c1305117810e73ac620afd1fb6511394155 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4264bed187d6a59ce8c331aa09f76f2a |
| SHA1 | 158d2ddd6161d7bb3d5f3b80ac4f011fbc83b514 |
| SHA256 | ee91a92b57fdef4c47eb2e0402653f1939355538c05f44176704c1d969cf7a2d |
| SHA512 | f0dac5100a7735d01513ce1f8fd1e20eb7afc405235394686f2b1fcdaa493125b29760d0f4f02bda921c9e9747eeddd5d35f409fe19d2e1b31c3b729844bca34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 148181e07662b7e6672318890f849df9 |
| SHA1 | 0bc1a371fbbd6b9f46360e0d0297954544f294c7 |
| SHA256 | 4731aca84b3e5e1eb2b1b3c805277027aa81bca72ce7d5f4c9847643db4be460 |
| SHA512 | 4a4852af768143675033d4320ea936cb04a9376dd86cfc4c4de44d7fbfd2aa4cc40f05b3e312dbdf89ca40b1baa420e7b2e89ed0357dc105c0077db906beb22c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f3b36a0f8e79c8dcb3c64e18b7951de7 |
| SHA1 | 7506bbcabee03a1235200d1ec723fdd692623320 |
| SHA256 | 4534f2036d1108e64f9315a8b472322875591b2c31d072fa65aa8934dfa372f1 |
| SHA512 | ea29fd37f3bebac65a16d3a4c92b27e054c76ad43b5df33575163f5ed764a22f772e286b826553ba8ce54700a0fcf503a56863cb7ecf52b74923a7256ffabdc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087
| MD5 | d4586933fabd5754ef925c6e940472f4 |
| SHA1 | a77f36a596ef86e1ad10444b2679e1531995b553 |
| SHA256 | 6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2 |
| SHA512 | 6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bfcb20d0549993fb636876d7efa9d0d2 |
| SHA1 | ebd28cccafea9af62f2ae127bc03acdc39c2d123 |
| SHA256 | e9cef8bd0af277fc9aa9f1f3d87fe89bf6d36c63734c9ea5f709719901862faf |
| SHA512 | 9e04ef6520d5a681f478fa32385c0a32b512af78f096e1d4643cbc5e6043c8e6b5877ef27b765ebeab4b47790147db8888a9b79d9e9a45f18849dc1a2bcd9df4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 54c0d767bc685cbf7834f72ebaf07657 |
| SHA1 | e2fbe84c402f1364ddf2723a7855ee6c415ce0f8 |
| SHA256 | a7bcdaaf8b66d4017883f1e266b7a758225b5ed2db2ed50c925e4a3a1ec2a9f9 |
| SHA512 | 0a2419369df1f9d0083a8c7a4237375e6f061df36c8e2223c0c8b4fbe4e150a3b5302415a7b8953381686310e1b3cd0ce63d9214e15c8d2ce19adc97d717ca77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | a9465c21e604405006eaaedcf990c0e2 |
| SHA1 | f64722155e6e63078a34044936c38fafe20b75cb |
| SHA256 | 0608b5700daf8d7af53240f787584b9079146ed2c301fe3a2e270dc26704e351 |
| SHA512 | 1e4f87202121d72e04d2c7277358a81021c9a3e82c769d9df55fc83d2bb6a3081bebe83f0596e5697ca2f674a9e08152a65b16a35817948ce49a26207fdfa664 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | d7a93f58cfc9af643c57d1a4ebf6872b |
| SHA1 | d202fdd3a8b624112c029e8e5107fd0ab01cf8f5 |
| SHA256 | 41b5194bae5ebcc2d0f5d6cf41f2d22e249aae0a2cf04a0258ce73ec618e156a |
| SHA512 | 1246bfa7eb2506309074bbbf00a986e531668a31ee4446bba2840f7817464b0f0657d2d60a474938d7d785800b4bb4ffc3ccb905acc41a8eaabeb3636433525c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 2b667cd1e67199f55d6867e77aa3e135 |
| SHA1 | b724830cc748699281c440d1f50eb5e839fc424e |
| SHA256 | 555cba7e199ae01c5b12f977572ac272f31344e212696504a04b1be0c4725cfc |
| SHA512 | d2ac63b0735c1a0fd2c209516b78ef575c11ed1a3ee76ecd972fe8ffaf42ea0004dd128b5470cba6aef77ac11ba3f18824c5015bbd8ec8113a7db601586cdd40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b
| MD5 | 706b08e88d22cd1515e7ac6552a848e1 |
| SHA1 | ec86ab7c52c00b2ff4315bfc4888f224c53cd646 |
| SHA256 | 53183b98a1090f2493708fc963eab0c5dc9dc0931cb8ce4e7b00f47facbd520a |
| SHA512 | 9f06529ca0e63cc88314c7f9175468acc44d55f6140db20a4d85d53d7ae05d90800be0320d25a3b278a5db2231f6c7b3238dedc48e2c6b5da2e8594352e6a92f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9b80f40ab958d3103209a4777966aa5 |
| SHA1 | 60f3323ee84669ef1163c84d221eeca6ef66e78f |
| SHA256 | 91e7ffe2014f4a23b3a7707cec98b35dd3ec1309ce43e33d814ec5ba8ca791b5 |
| SHA512 | c5eccd8ea11d8b1b30b2f3556fcff195a502ea3bcab5d5c1325b9fe4cb7b4a98c911294193728fbe4e189e438d9ec3d60d6e8e2678d4691579e7cdf2b6b7c63e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074
| MD5 | f61f0d4d0f968d5bba39a84c76277e1a |
| SHA1 | aa3693ea140eca418b4b2a30f6a68f6f43b4beb2 |
| SHA256 | 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc |
| SHA512 | 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070
| MD5 | 4c290df68fb26523ead660c3fe6e5b64 |
| SHA1 | 7302ac0bde0aa325b42e4f4b00dfa0b6b90a3898 |
| SHA256 | f7501b84155255d3b39d359bf15f5c0765655fca885ec1bb9c43b270b9a0df46 |
| SHA512 | 6843c4720255df135c1cbba1a61479cd7e8f932b9192aff39ed5b281c92b84113b32d1e88107ae8eb1ea28ecd89bd656a47e73d185cfc99d012d0b5487485c8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077
| MD5 | 01c06b4b035c745f28fb4660e7a89a19 |
| SHA1 | a26ac2be15b94198d6db941577ddc3708379c8cf |
| SHA256 | c7af7964b962d034ab2b8264204f3dde6dce4f4488f2a9360a5394b070175b8c |
| SHA512 | 49a7c788856985b0e977a77a9130c946cd61e73e1d0ca9b0f65550dc4b76cf584331a185bb05db99f4a4c9c4857f2f22a3a65f91011fe2a25e3ec53b32b754ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\de9698447d08268a_0
| MD5 | 750dd39b0254a9fa1922c8874479d854 |
| SHA1 | 3f4990ec7157e9847aa4c8638be6ee8d8c6a4ade |
| SHA256 | a08a224350d6984be89b874584184eef4a421ad897394aacc39e55f6399100d4 |
| SHA512 | fcd297cbe55fc95fb65d792b1d4d6f38a68576c09c73c642aa910ba6adc5c516f9e3f18e39a850bce563871ae19990246f3174f970afe83b1574ea3e7002da28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078
| MD5 | 32e192b6865ced23845cbdcd33ee8182 |
| SHA1 | 442398ff456df5d499dd254f8b7aae7ca6c8dbb4 |
| SHA256 | afb574b0d738fceba3d0870e25ea0eaf1dd80b505e3fb98be9f6e136d17cb5bf |
| SHA512 | 98cd14fa49c870233ff82608f30207594d14b2d50dcd82b22bb07a275ab91524f31125f06f95181c651102bdfd5319178fdf669dbe278a16ac5a46e699cbbcff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075
| MD5 | 0360dbc6e8c09dce9183a1fd78f3be2e |
| SHA1 | 6cd4b65a94707ae941d78b12f082c968cb05ec92 |
| SHA256 | 2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3 |
| SHA512 | 93c9f1856142da0709f807ca3e5836065e61bc8160f9281fec9244f31ed8ae8df500cd5c64048ac59b4dbc36ebd18ba8e7fbceef58134dd76441079fae147ab9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7bd2c3b2bb4cb718c5abc38ae01c59e5 |
| SHA1 | 06d32dff80469cc5e184fa8bd8855787a4d7c656 |
| SHA256 | 2eaa78590508be8e998bc82ee294c3f890e632812fdd4abbba44a36327f27b55 |
| SHA512 | 704620f0c189dc822f50101a0b4527409ec9382a490b214b569cd1dd2bf2e743ca8f4835d17bc31cecea9fa59fb8fcf56fd900857bf5fc3c4c757824fac1bf39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007e
| MD5 | e036c584f8c5842bcf19c22e35008486 |
| SHA1 | fae3e2b04e3a18061e1fe0ea6ee4959983e26036 |
| SHA256 | 4b28f4c834b466f0de20ce2c0e4d98b68879f69a86bf417f5e179f3f57045e66 |
| SHA512 | cf284436d0dfbad4d34f197c69ec3f535bd04e52251994244c333cea6bab7569cce677a1709d396d1d913e96e5407f60df055e42ed992e9a7fe2044b738062b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | 75f3f5748181f1ff5ab8c10aaad6bbef |
| SHA1 | dd77e69deaecb69337535a07e143154e6689f349 |
| SHA256 | 7ded1660e3ac64f4f7f7a83430320bb8c17afc73e49d099347c17b674d5e7832 |
| SHA512 | fb852191cd0defdcf8f3de5cffa12f7990b0496839a7a998150990d4b47320e2e45792c473675055209db28d3b0b37bd292f6dc7f32b6826c0124201be80ac64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071
| MD5 | 1fc02d4eb1a7c51e4abaaa805bd80fbc |
| SHA1 | 58a863bb3ff505179317e2929f56669dac400805 |
| SHA256 | ff91bc694f048e778a8ba8bc41705be81e50472f687f4169f70d15eeb4a7a774 |
| SHA512 | 9309d1679d58533b29eb5eac9daa31fed60924bf18f1eb860e8b0cbc6df8aff30ee1952fde117a3824aa2ac4c86921ca4247265d83f88de6aace439a72f7e351 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 56a2717794482a628bdc2b1e13e1d4a2 |
| SHA1 | 25caf5771066b70d9bcfc0610279fa1efcfa0728 |
| SHA256 | ffd23308bfd0d355a97a0e37b720201f477880d7002d4d6f9963ce84a0200ce3 |
| SHA512 | d595795b6e9e2de7cf2729b6ab63c2da300637b1b7406ab92d26cc12c60cf39a110b29e696c36be616095f655568f0486e6b5f2a3f635a860a19f52731688a4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | 4b9177f7f48e91a684548b6341dcf21b |
| SHA1 | e12ae0672caf5e6e0f4cb65dd4577c077d3fae27 |
| SHA256 | 4f204954309d04d3c17f4a7f6cb84833e22fdaa41f7c610da6da6a28794639a8 |
| SHA512 | d17b16e7bb1c47edcbd8ff0f2d0eb76e4098d3e008a32564ce2ee2c3cd768940ae96916a9f9b64790a90ec6eb6881f0a2f6b3a68dd227802e60db95bdd92d5b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b
| MD5 | 3808fdf3f2b59157e071d69c1266ce13 |
| SHA1 | 1acb5a994e5ca9675507fe3bdac3cea40b4c280f |
| SHA256 | 61a3eecae506b10579fc8058c19cc8a6cd2382042c534c76c7cd61dd061c4018 |
| SHA512 | fe47e7fd4271d8e9f5cff07faeaa28b3c45dbb2861d2adbadf555c32e9cc0d71389e0e9eeb3c252bea921d619e69262a12c832f7276b780ad1847b46e4da52ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f
| MD5 | f79f2f844ef06af05997235e3248619d |
| SHA1 | 32aa08b48d142f29faaff08b6c93b5b66a80cc1f |
| SHA256 | c20139341e758c5b6443b6a8375e6bd8fdb80a188b050544a8cd0e3e7713ce11 |
| SHA512 | 2dea94563a5a635b91bf65990dd692045c7db92606f971e631603427228288256458f7d8cf4d63b0acfcea62fc3e25907ed2d2ff099a0437881150e6ce0530f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc76e44b75b7daf41bf7303603dec228 |
| SHA1 | 0cf48a014c8dca7fbb7e04bd300427b2a396e379 |
| SHA256 | b37b4cdb9783046549744a99a8b1bb9ee4fc456db7b0a959962884a6b539b0d0 |
| SHA512 | 1ddd3b5a311d7d74acfaffa2352efca8b9e38610d271c8169db183bb60d1d958d6f978477fe6656ffb2604566a6c08615296ecf69762ca5a593a73a3bd8cdfa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080
| MD5 | 748da140c27a0d76a59a210178f24aed |
| SHA1 | 191b440d1942a24863d81867bb80a3568a4c6887 |
| SHA256 | aee0bff9283c83c48da206dd3efa4d5cb47379746f855ea927c8d86895b3c86d |
| SHA512 | a6f21792e8358a3a053600eea5e4ba19d1aa90c403ade43429a7a9cf326278cf830b0f3329d2dd98fe8534dcd58a4f873947744606f44276c54508e248100ee4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 75a3e78c03bc8bf838bfe039ea63dced |
| SHA1 | 1ac4140361476935ca52ef2c9e6a06ac0e2145a3 |
| SHA256 | 7a64e6588182570e73962e4c591c57eaf70dcce8641ed0f338e832219086a3e5 |
| SHA512 | d922f079bdd97ad094490984df01657034a69eb08940e9aa40792f65f53092d4b77b7af6b2ae6530c83983926c6ce84aec944493cf2031e855ea9c5eddeadc4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000081
| MD5 | 7c558d16466b04193b92f9b6f83ff83c |
| SHA1 | be1d966272a4bbf4ba4776d0ced5469878776174 |
| SHA256 | 944871c0491b2d420bf763e0a4e66e564f24073ffdd6c34fead51453bdcbf63c |
| SHA512 | 9b9d9d2088eaae589d4d4beae4eb91cd6531cc12caabfcac8ecfff866deef3da99d1ae8d4d1a8f7e4b10f6996d8784a8f61eaac363becc3c8ae6fb54f1d61848 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082
| MD5 | c6f8c7424989efdd675f67d51d674ed2 |
| SHA1 | 2f31ca655c988fb34a6d6264e9cd3421b9b52b3a |
| SHA256 | 9b2fa44866398993e490e9c61fa561ff5e3a4732a77990e151fcce49e82b12f3 |
| SHA512 | 276b136966c0c6e809ddd3a532c7c1cb070b64865bbec79325981d69c4d70a9c314fc5a56d3029ccc7319058e634a883c89e9d39d03668c1c3d5129766884365 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e84abd223b5fba0_0
| MD5 | 94351864ef28b17bf2546c4c1c37774a |
| SHA1 | 351d04e65373f0e57e17d3e691d4e97b67e881f2 |
| SHA256 | 8a8913265f692fc6036e097142bb1c76831d61790990ca4d94ee26147e4b326e |
| SHA512 | 8f186fc9c0a0eb874eea33ea0aef71e79edc0b9184b0a2665a9198718e643576071e433102b2603d67057c02e3d5d0a9821a1f1c97e59ddbf4707500582b03ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ade9cc3cd4cf815a66a4148db1fa191 |
| SHA1 | 6aedb4a4c4618de8df259409210962e554bdbac4 |
| SHA256 | b6a5c9d47ae294d07114b620af884b9f2066bf2c4676b7682456d5281a135695 |
| SHA512 | ddb1bd02aeaaae5e2ec6b5352f426a719d939886f7d234779e7377ea948f791d66d960b09413b88e494b97015be78428b449f6b7eac9439afa991689050933c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d5c5a2e8b81b21878c5e479e75b03435 |
| SHA1 | eafaab893347b578eacb7968518006f02117934a |
| SHA256 | a397ae4d665491328c95276fb85ec0db045e00ef36b3a03d88ef57b8907e2d32 |
| SHA512 | 8b8aa62728150e97b895fe03f1b83bda73d1034e8d3f432334d39fa8d6b0d068db482786ef991925836a1e890fb004a80229bfcbe51092b25013e8a42da5e0ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1a7989fabcb67810f5107e4379b30b1b |
| SHA1 | 887ae766ee6dbcbb1a7bbee419e5b1c0b1774f82 |
| SHA256 | 57bb9e2f9c6bbca1ce0588f6cc5d6712c221265b92a0ed0db87b520801454544 |
| SHA512 | d5ad2fd6fdea3b1704cdc6884304ccea860838bcba3d8c08afe94a7911333a997e7cefad6bebc458c91a6c774721ffe6ab8b6636eb81d2988dd235ae33c16c3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a6fb1c5329b237015e6c416dfa9184c |
| SHA1 | 0a1b00102b77ae5d660b61742219a8a558601f8e |
| SHA256 | 9c6b6182d8dc2e06a3e64afce99a87426a6a5d97eb472362ce7df725e70bd508 |
| SHA512 | d66591a50df44ec7c11be4ad5d6937b049ac3320168e6a78ebb270e631a1591fdb4515bbef3ff793ec205bc42aa564fe7e42d17942c2d4b88acfe3091e29d9af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c9d8c1d65ef48d9c847d568431fc782f |
| SHA1 | 9fd2193eaf397d7563d3f1002570b3a8b705877a |
| SHA256 | 9be3feb68993cbe86f7ae186f9489d3ab6c949099eddb9829bd085f034307c30 |
| SHA512 | 3a3b91deb289634f2cb9733654f2ff768a8050378a43b23a9032b7c340b05823979c576962858f87e492e8999e82caab8b63a738c6df8a048d674c1534ccd470 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b1617b10da7bf795f4ec4fb61f864f1e |
| SHA1 | 20bac3527424d976c277b8951f5a4a3103e065d9 |
| SHA256 | 7a4d78689726f7919a441f1339c3262c1246115b5bae0413cd3098d6df5f7da7 |
| SHA512 | 4983df4699ea2700fde57d36493fe18c3bf132857df1a3343faf02525d8e5ffa3a549ea67bf22aef1733f65010c585befa5681844b7b8e67f13463445b619e9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2e4e14f1d72e6bcf760f7bfb54ccb7fa |
| SHA1 | 12f16d5f95b4b082b0de44e2836e68a0dcd7cf25 |
| SHA256 | c48a51c6c6074dd469717619a21ebb5428822667eb2a2b6321fd755518f8986b |
| SHA512 | 6d6c5d4606a42cb3b0b6809667d48f7654d810d43695242183b64f0c5a4b309f0ae15f3e23db692f7fd5d6f21ee48c18ddfa8cc9f2ccf7c214a744fb24c7b4c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 95fb0f5e6931434ce3877fcf3db32128 |
| SHA1 | 201ec7501ceeee7e589582dc23bbadff2aa36e80 |
| SHA256 | 39eb73d1906e85f1048262bf81aa740193498ca07ed1ab4ab51b5cf43b82d288 |
| SHA512 | 77f1fc236412117763e04c26b2efeef4936872ad023ff91d7beb0afa264c2631a789f53f916292bfb00d0c53fe3454e9b0f8a6e05c8e43c4cefbe34439e9248c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a04d45c80446085058626fcd85dd4d15 |
| SHA1 | 78b1180ec4640df87f856b1657c6a8ae590d5aa1 |
| SHA256 | 77aac6cf237e19740fa777e4818b540589fd4315bddd4a4d7714b76c359bfcf4 |
| SHA512 | c942e3d1561891a0259915439702cbb72059549c0b3a4d7cf3d2dbf40aa7c81141aa6593ff1fdea9bc00eb3e9ec31369361ceec6b168d5fa12dbf2e3e3c781f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f659c500e7c227b69c26b0a5eaa4f886 |
| SHA1 | a44306922a070297d5f16b869224bc4aa77ec1da |
| SHA256 | 8962b076bbc21ba55c4179105338afa0a61c8efcad5b943ca76a268e123390ac |
| SHA512 | 7869b2806002f8930c7ffeea634d0d51b36d973e6d89ba136f58a51ef69ddeea33e552181ba1d54cf5911c6be88e052ccc9b4a950021e63ef5549ee8587c7b99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2505ed8321aae2e459231fb8415aecea |
| SHA1 | 3d3603ddde5e0ff4bffd69ae84e38a93b0c375c6 |
| SHA256 | 532443fe9df28d87a043f2cf0dfb5496dab634e4da7021c14592113b16d18162 |
| SHA512 | 6b327f1f655938bb58331b23ef5f5ab3785f260311ad82b9f9c398c8a1bfad3e1ce4a183f40029ed65cc6653eb42a6a9d2d446e8f53d2aac6515a280393fd29f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 67111b0c8df2eb73e97538451737b232 |
| SHA1 | d0a1e94f1c0336575acd8fc368f7159039f1b151 |
| SHA256 | 0bf3b4854dc7c85a1435e8997b8e2454db577394c66c77c40bfe1c327dfc6e01 |
| SHA512 | f6ed2d04e16378ca0f4a072bcffed1d5835f8dc926d74e17e42fec5586b0bd3edc9d31165811783eccfc35f9a6178efd2b1f33bf0dba22dec7c67dcd173f297b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5114eda651ba67d71eac0b1984e80ad3 |
| SHA1 | e5c490c8dd12d7cd448fbdd6a1df103a6b6c3d9d |
| SHA256 | 0e5f3b1ed7f23261890e3946f7eb45120a953186693e8f5fdd197f01acdfed84 |
| SHA512 | eac99fd95296aea34c7d397c04d2440a3b984e65e70373d64ed6a179b4df4cb44ec79b6cfedff0c9585d64360da58f8412084e9fb215cad2f9bc70989b094643 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000094
| MD5 | 3e860c7bc49209c1105973d69e12d93a |
| SHA1 | 08e9070c7031c7e6588d314f7516d038b7224b81 |
| SHA256 | 0bb2c6a7dce36ddc07f2bc7ffb1b27f8b96afb3e8da2695e1e6c37e37d86c2bb |
| SHA512 | ff64c4d245842a6861d820708d7c16cdf3b8a4540ace90c3a1ff15542965801f422f4f2fe051a311e51541d3780f0b067ed5d79c3db864deb39a7243e64ae8aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | abc9e6aba2743b78079ad0ea48b6e72d |
| SHA1 | 5a15eb06411711d219c8360161b6524708374f0d |
| SHA256 | c1d625a4861b7071c013f286186437f6314497456baaad26ff7fd7053c8afd91 |
| SHA512 | cd597e6b9bbec2f694bd8198960ba9e84ab69e581a1b9327ef0d130f6674cca82cfd36ef9fced81d66fce8a0e83bb4f54e80d7f8a1148cb0770140f31dbbcd53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 746e5bc28d6fea51583e62ab6649c968 |
| SHA1 | b68bde91bc6f50379533493b5b1f3da46456b88e |
| SHA256 | a75eb369efaf144b0175f0dae84e6ce402557e71c31d4d736327422992465f06 |
| SHA512 | 17fd7184ed179c096675e8dd213d43d99e6e012f4d97543d750f8f25bd2994db718c6bfffcb1a391cf8ce1e393bc8766d7a3da4e30ac6fbdd800f7cec0e1d155 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | 2227a244ca78dc817e80e78e42e231d7 |
| SHA1 | 56caeba318e983c74838795fb3c4d9ac0fb4b336 |
| SHA256 | e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24 |
| SHA512 | 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 31e6b6a013182b5082774334fa7ddbe9 |
| SHA1 | 70142292eb3eb1506d5e7e664c74997950429331 |
| SHA256 | de84f015a529c819d7b4a656438c3a32ce69c14bbd7498ae1567a49c79755f5e |
| SHA512 | b0be320ebe4b8322a412e5ea67afed6d7771bd07c90377b1f98fed31001c2a89700d4a4bcc642689d7d72f2b4a6fdd8751582178bbbfb3d9cda4ef8a7f3dba6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 106498de811e5552ad33f00b854953df |
| SHA1 | 8744ef48d90a400556f9f4240ad759d118c5c7b0 |
| SHA256 | c137889679ad009575985ce6d67bd9975c6ccb26a38ce674fff2473d9fbf0fbd |
| SHA512 | 3548e8b35e56427234c7a84537540487d16cf5746a7f3fc5c699ba94c32792d06827085907d0cbaee42bef896db8ef888648acc9245814e9d498b395bcb2c02e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060
| MD5 | 382066c45c0bcd0dec5403492274c6b5 |
| SHA1 | df8fe723405dc8a94a503216df23e1d67277cc1e |
| SHA256 | 9bd0ba67f98ec609bf06f7abdb3483dc954616295ec54cffe473019970498cba |
| SHA512 | 6f5496afbfc8cbbcba42569466e6a230b81d7793b3130bf10f4ce9100d2b69727ad3c7daa6e490abe3196ec7fe6e1a5b7b3c590329de6bfb9fce8fd724a715ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0e686347bed9e283dd65224b0c6e323b |
| SHA1 | dab49d116aa626f7168c276f6f8c0a7ce1e69d5f |
| SHA256 | 0214e4e1d66a2865a4d6ef18255cd996e2caea5a23d3d2cea36c44e9516f5634 |
| SHA512 | 4a1deb3eb6f8b07b9b0b9d1bf9867701c847334675f9394fcbd92e4c38f8b6d4edc5f87f76cfef1154eac4d1dc5084d850154f1a19e8dc70adc02e5a85b0bcc4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9514470cbb7be2a4caec733c46b4dcb7 |
| SHA1 | efcaad0d4e082a93540f24498d7aa489b08218ea |
| SHA256 | ace6cc1279060840b2b8d3228e856157c3789184c5fc805c2f5b264b5e9aa8b5 |
| SHA512 | ec2671b054199fdc331e5ec841358152d5c99f7599f3903ed5761fc188907362ed3e388714c166d78c33b6d6551b7d5c26d43dbe4933107005f6efef1ce8b917 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6d2f260a3c4d86ff0d436da1ed7b5beb |
| SHA1 | 933292debce6c75ad61fe85dce4bcbd54ac96bcb |
| SHA256 | 6510859d9f1e7f80dfa1be096af30b12eade29f6d93eb84b82544f59ef62d035 |
| SHA512 | 609d9ad767d8f8b5b748ee324096f1197358933c4992e9c09ecf1dda44e6e1e729515fac81786cfe895f15b72bc0d329dcaad73f1e1967153ddb77144b7f2b86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b4b18ae004d2089bcc68a3d85bf5f952 |
| SHA1 | 8a08cb7173db11f290ea1092c091644b48682186 |
| SHA256 | 60a6e193535fc636cf0e5114e7154e595f65b795434e89945bdb023aa5015431 |
| SHA512 | 94a547b49c70960539c4355bdd8cfbefb0aae252f461aeaef140bdd46434f5a65cba003f32f7d5420bcad9228bd16b132695e69a63ce250101d85a7e2798f243 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c77517f246ba3320146598e98d1a687b |
| SHA1 | 9da1b6e99a2e82ce32f456c931e37d422d9295de |
| SHA256 | 0453353027d7f9be00851461b555a7eb03d02c3d40adaae460f2b665ba123473 |
| SHA512 | 63fca2394b1724cbf012ffa277f28beb8bd50e75a097f42ca1291d5f2636cf9de7d7a4060f323515de8de0b03d3b785de66d0f2a716f7e66dcbfb660b5fa4c04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9
| MD5 | d07fe0483acbc3805f1e48cb971c606d |
| SHA1 | a8d9fcde781b5045cf6572297dab853097a2178d |
| SHA256 | 1b8a56da98c2552790865d9295586b5116c9f2f08cdf69bb4479432f249c6380 |
| SHA512 | 03cf0c25ea172525572ce45687207854a3a5d9c7a69d44b2de295529da7205322846d611baf9f2dcaa48235796eeee4568439cc201ea9fdfd53cfb19f2001232 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc
| MD5 | 25081476466948e2df11adc8c9937804 |
| SHA1 | a8bb6209d8264de390513e4e44df781260ce6c32 |
| SHA256 | 40d8df14959a05ab2648d03121318a336d5b346b997619dc4c76423317b04476 |
| SHA512 | 9b274130212f0c07c1befbe3702febe0457faa5455a64455cb8f1372cd7108a6ab7d9192ca2f8fbf4cb121d826a345df7049cccbba28b848abc9fb9e3bf228d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fb27f33872283ef33a6efc284f21ddfe |
| SHA1 | 0770f655d66bf3673bfdf5a9e6aa194c58801642 |
| SHA256 | fa2be6774f5e9bf010c209baa11e6a5eb04a220ea6c249085d388a8612c14728 |
| SHA512 | 51223fe9b7640bead3a7695d9e848417b477f6cc1ce9e67b6ef7faad5a3fe3845e40b8c6e6ba398dce19347114e1b3bd680b21185f4e48f3aeeceb2a41f6174f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a
| MD5 | 52d9d84a96978cee1041f678c55aca6f |
| SHA1 | 182e5aba11733940455115228c1bee4f43c7acc0 |
| SHA256 | cbb1b238ec4dc6fbb203cab36076a245fbcef04dfca6b7f0e29735ee018f0dbe |
| SHA512 | 3b85a7269daa613c55b0b70de3c6ef3be3e39fa58eac52d8895d31886e02e80fa6c358acfb1facad7e1a7a9957e8fd83aff1102516867502c5f8eaf115640604 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011c
| MD5 | 81d72046d97e4e906981ee8bfbae3a7e |
| SHA1 | 5dc528721d51b10ca551605eeb57f3113ca776bd |
| SHA256 | e3da38ef8935759329b8b15329c698dc013f378b39bcecd32111da2fb03117ca |
| SHA512 | b60212bb3dd7615d70576dc6d72dcb2a00b4878b5cac19353dcfc8962ff6dc3203ae8b47a3a0791ab8c4b92ab55892c4fe7f8371b7ce83ae8ac80aa9ed110624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | 4432ba6759218c592d12ea3054b8f9f3 |
| SHA1 | 67b1acd1aceb6162e88f2dea0c2fa327c7a6e741 |
| SHA256 | c9297f0ff7cfe9f8a788d5d283a548dcfac9d7ee0c914882e993dd7732b08a80 |
| SHA512 | ecb956ee95847206a9e11db82bed59fedc03ce35e4f75f05539af1c38591fb99a478eedec89ea1364ac3d0a655cf1441de7a6b9c3ad01b86a5d8e7383b811e3d |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d2
| MD5 | 78a8ffd7e2178444be7f7e7e9f63623e |
| SHA1 | 9091c60b530eb757743195c27ae5563c06bb85c4 |
| SHA256 | 8a31d782af13ae9128c4130657c40293c82e82a95021f39db31f0ed625e644b5 |
| SHA512 | 875f733e39adecf44a4110a7721a8b98f9b38ab9c6d483e8a9f17d014689c49a15a6e2a2c568f9f65dea57d5c28c34213d8f40ac5a4de240bc4f0fc6a70b42fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c8
| MD5 | 1473f8a94b63a755d573ed4fd1081db8 |
| SHA1 | f376d3446e5538d2e360f78a56cf9b615af30878 |
| SHA256 | 4536fc6db111d60eb6e9212866291cfd029e4fc8e5a18d9302bdfe21e8644273 |
| SHA512 | 4e97b53c3cd6c0b350c23f55fb11c5d0100aa16cd763ee834ac94811ad6ae8618bbd0f30c766f24b4b21181d963936ae1d68c96391f87f9c6bd81a0680317b63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d3
| MD5 | 23dccd50c1598cf87c321dd0e788e2e4 |
| SHA1 | 4697f41531098e96b97de4ca6626fd86621efb1e |
| SHA256 | 167b5e3d2fc6a069ef986144f71f70ca1ed8c4332846757c8aa4792703420635 |
| SHA512 | 00174629a41be7b3d69e0ef03041aab41adae416c39209934b8a9c3923350010ddf01ce8d37cedd6bd57769796b41ee3c18c1b393726988039b556416c20f676 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 59de154a1d0d941a170f177a7cba3bf4 |
| SHA1 | 5904b02ead792e7f71d4759b4412d4ad90c8498e |
| SHA256 | 3621196cdc4681271cb2db94035ae48931a7059831f8597da53c92079d5a7797 |
| SHA512 | 7e619d9321b1d591d501016304ecf063ad3fabd703304af61abc59287761ad1457c00111014024d9dc418c06beac53d921febcb8c06ac2a5bd9e811a1ac3a882 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 697a206b9b27eb975d47e7180aee8506 |
| SHA1 | dc79df8021ad029eceae2bb162b46cae543eb040 |
| SHA256 | fef03164b0ce88d9850619e65be5844068b5087517abc6dcbfe0755bb2117c19 |
| SHA512 | 71e5063f86842905bf6c120ac3fb3419c2112d013118cbab3a19ddff764e33147b0c2ea76a692384544c2effb93dbd842d3917decdfcb68113b69b841dff38cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2731dc70c7b4e648e35ee024b5e991ba |
| SHA1 | 7a7bbad720809f83f4e4d51e80e79ac850c8c6f8 |
| SHA256 | eae06d8e2875098d29c22b90ef4a1b981d886bc89c6058715f53acf289cad1a4 |
| SHA512 | e01045c38420862f2e52febccc4490d633e32e8b05dffc62b7b703c88260f0a3512b02c6aed56f6cdf8bdebf60fdcd08f9b84031feb687754dd4a7ad7e70beab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 60a361334f735943c9ef1dc8c3ba6e4e |
| SHA1 | db965064162aa39fed032dd3c8d3c8d474b27c46 |
| SHA256 | a22890c84cd37d5924080b6633cf404070517746c1d71dd4453a7a1605fe90c9 |
| SHA512 | 55dfbc836c1db5e8ba2e1e63f6a4f6cec18ecc0b345eb1ca0a858110ee6b92aaa201d1bb6f4a54c22c489f398cbf023175cd7ce26e53766b61e47167752cb2fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a878b8b91d749ec5491003ef2cd314d4 |
| SHA1 | bc16196f6614fca4328d89d07ff0cd5c1e75f694 |
| SHA256 | 852854a34ca1c0108cdb74672cd3e3278936d21e1029b351ee39a23b226ef331 |
| SHA512 | 3e3bb01f038fefb9b147bd96deeb5467f5dcfaa56af7682f4d913504a68fd90c4739d18a999119b4dd730bed5a3dc2b366c9e764db98a4e9ed5baea0e73b47e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e2a87a03650af86e23cc226650124d4 |
| SHA1 | cb95406f1c9f2d3b7ca25135e7fdfcbee7d7a159 |
| SHA256 | 0014c99cbc1bad6148119efb2eb53cfab1f073aeb810ac48c11c389644ad494a |
| SHA512 | 9fd1fe052fdac82c30d7da38532ca7ad22631122385a40f483cd8f22a6bdcdeaf8e0dfc950758d5fdd65a95f8aea07eccbdb28ca8ec18f5e7814181fa6cd90fa |
C:\Users\Admin\Downloads\Unconfirmed 583906.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2a4684f4d7647b31f507d44ae5f02834 |
| SHA1 | 1545696742432b75afdc279caac14017f85dbe63 |
| SHA256 | fef5d265d4cc53e1511a26c36ebf2bcc0fad57c52a16f69979376872585d8cec |
| SHA512 | dcf7556bc31e870eb42096009e92b1d9ea5efcad1f168d0b29af310df1b155a71386e440856ed67557d0b6e531511178e2e3d393ce92b5dcdd29e1d6a3555306 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d709f73888d2249e88d6e7ea6badc357 |
| SHA1 | cf3cd52fd0acac1c24b4345387944718b112a437 |
| SHA256 | a0af07b53554fb6f36b4e3933c66da1719989d0ec3d7e2510be70f8d5884a796 |
| SHA512 | 21c269e3abd5537f6f62b1d9235a4ad3e562f7debd9bede9b82362f61d1c915f7c9fae7a088ae3bbdecda786120f531764db5de1464eb37f430687e2aa0d2e94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 32b69a3f1bf4a23a7b4113fa9679d76f |
| SHA1 | 6c3a008e950173d70c0467f534688585e3bef61a |
| SHA256 | 9c82c07fa6b8d24c88f79f19246ef6cfba78696cfb00dfc94bf1d2292e963c02 |
| SHA512 | 443e1c8fd1838299e0a5fb3787d2d84391a01e0f0e6563054dad2d28ce8b1dbe516d845edf2b3aae8ef3d3b1035dd53c9e7718ea290cbcb98c57650b9e981b48 |
C:\Users\Admin\AppData\Local\Temp\nsw5034.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 33bb560fd8322d441d9ac73d47b84a12 |
| SHA1 | 382c2f5b2e5992e1b0629b9467d4efc0fa6c1665 |
| SHA256 | 17505d85f967fd442cd2da69d93c49e91cb80462dc73ec88ec66859a311f6bce |
| SHA512 | 75e0a4a6a0c359658bbc78cd9c4f6977b3b8a02a1c6e1ad2ec55d00964c19039834ab5673d02f303835d5e5198c7bdbdee97112356c57a0d25af1d676812acd9 |
C:\Users\Admin\AppData\Local\Temp\nsw5044.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Temp\nsw5044.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsw5044.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Users\Admin\AppData\Local\Temp\nsw5044.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Temp\nsw5044.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\siteserverui\images\steam_spinner.png_
| MD5 | 220d457252003a47bd6c120b059c2a92 |
| SHA1 | 35f68a1017339b27c98a64d87540d7adcd241ad1 |
| SHA256 | 4d1f5f98d7e42ba4338d0388fb386344d5c374a47d45fde1ef5b3606080f5e8f |
| SHA512 | 7768d3c36cc77be7088a1ff5529e6cde2ccc1b0715c8f3dfbf7447685414e7982aa0202e85fb913eaae8be4ec70d3a8c5d09953e7f3ce524b97ba8d266f91d5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e1
| MD5 | 0e0bc6ab39c2edd36778f3464d7de6dc |
| SHA1 | fe67f81378646827ed47f88ae1f9569f60f759ea |
| SHA256 | 0241d56723b5adb0ad3f71e39e08abc2a06659b861e9743b2b63a30250425015 |
| SHA512 | b0675461158bef933d94b956fb5cf0905ee79a40495cf08dcf324e88105b83878124a688dff5b1effc52250405156b576f63147dde0425c93647b9ede6759a6b |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
memory/5468-15700-0x0000000000470000-0x0000000000922000-memory.dmp
memory/7248-15719-0x00007FFB43450000-0x00007FFB43451000-memory.dmp
memory/7248-15718-0x00007FFB42660000-0x00007FFB42661000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
memory/7592-15765-0x000000006FF30000-0x000000007131B000-memory.dmp
memory/7500-15773-0x0000029290370000-0x0000029290485000-memory.dmp
memory/1572-15774-0x000001C0B9A20000-0x000001C0B9B35000-memory.dmp
memory/7248-15783-0x0000020B60050000-0x0000020B600BB000-memory.dmp
memory/7248-15784-0x0000020B601E0000-0x0000020B602BA000-memory.dmp
memory/4888-15786-0x000001E998680000-0x000001E99875A000-memory.dmp
memory/4888-15785-0x000001E9984B0000-0x000001E99851B000-memory.dmp
memory/7592-15792-0x000000006FF30000-0x000000007131B000-memory.dmp
memory/7500-15801-0x0000029290370000-0x0000029290485000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 78d186c25c019aa01a721c38fdfa0122 |
| SHA1 | a34e46b5ba054c13b89f06710663bfa498826da8 |
| SHA256 | c921ac5cbf64dec62600989d8602967d86dbc94dfaa2b414865af825cf5ed909 |
| SHA512 | e26bc3c253ac19bf4f1d309cd29e9a1d15bfe5273b4918302a01ba56a7fe94a9d6c9434431ca70dae13cc274615f6870d4f1d57538b9b12e4e6b0f047ef41d1b |
memory/7592-15847-0x000000006FF30000-0x000000007131B000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 9261579ca9864fd9f2e61f5d70f23db1 |
| SHA1 | 75e3c7a29c80f5e193a65cdfdcebc36b0377ebf6 |
| SHA256 | fc8726de4c8fbe4fd2902e39a15d266f7a805fc2317b818fa45ccc85671faca3 |
| SHA512 | 05bede8d0191864b335a4505d0e6753b8ec0096bb2ab50c154fc77b9994fbaaef27a5546f80148f5da6b37d1a16ade059451720dad9153b31117819681ed9336 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe641212.TMP
| MD5 | fe8f8c181bf3b6b801550ecc6a216b8f |
| SHA1 | d23e0eb1f52b9edec9e780cf0136a7e05dd59120 |
| SHA256 | 7fd0e232fec9ceaa0a7825b2334b9ebaabe29a222c2531f916a181002dfd5e0d |
| SHA512 | a8ca9d10ca1125b5705a26905cbdb1f8d987dc54af1325504ede812349b92fcdfca98f24b2385a70bb0e4ff35bdcb13c03158eb54dbd8092c65d8ec14428afd1 |
memory/7592-15863-0x000000006FF30000-0x000000007131B000-memory.dmp
memory/7592-15870-0x000000006FF30000-0x000000007131B000-memory.dmp
memory/7592-15877-0x000000006FF30000-0x000000007131B000-memory.dmp
memory/7592-15885-0x000000006FF30000-0x000000007131B000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | e2271fc5b5d522ca176efc97838320c5 |
| SHA1 | 9e558c21d1e8cf68631acd0eb7e5ca0cc4e4644d |
| SHA256 | e8f7560ea32124cf20584e7ae35dc3301c43e0cc7c4c007feba03471b846d003 |
| SHA512 | 635442204c1ec5ff6e9e2cd09b2d7ca3ba80250d3c9dfe43bfd83733ab7524039cad75f373cb6b145d44446a00c3fe7689e9a4a9a0ded3a6b6f3fc1024c379ba |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe64af9a.TMP
| MD5 | 0b60cd46739e9c5b9f778c3fae7b5b67 |
| SHA1 | 1429cbe0213c68ac8938a3b76156c35125217cf9 |
| SHA256 | a0532a8db0c5c323e26350a146ea71af87ea2e5ba6e6fad4a52e5bde32271ea9 |
| SHA512 | f388ff37b7ab6b854eced253a4082111d4964745a5af4f6f9daa6dc46ef82ee89e704325365341f2438fcc967b792e3d6f1dc3d9bf5c28cdb79fb13c58d36b1c |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\3a133182-fb75-4441-b30d-fffbb41f0ef4.tmp
| MD5 | 1a26cdb5f96820dca833275d1b9f8541 |
| SHA1 | 018edb24a42b15da02bc558ffc3e2a0fb7bdaf73 |
| SHA256 | 5831464ea472ad4ee486a0bf0fbb45743e3fa6e738aabfb737729781e527dae3 |
| SHA512 | 96d998030e4a669c18e0ec55e5b28f6b8523c832654b0a7894f04d2bf803e734b7eb7dc1e5f8a640f4c399988277236c56d9a40c9b67ca0459cda289dfed124a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe64c5b2.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping7500_1362749432\manifest.json
| MD5 | 32ef54fcac37d3d390c05880067559d6 |
| SHA1 | ab44258473c7c1a920596ccc33463a765e5fe60f |
| SHA256 | d97f5e50808d1ef75bb241df2dde8f7293b9bfcd498dc525e258c97b39564211 |
| SHA512 | 3bcdd94edb8b0df2d1684ef865f9711bf544c4c4f6adde927611b648dab2776e398e3b29681369a80e8c7ebfb9cd100ba8469ea69c5034ec023c796d8cbfefa0 |
C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping7500_1362749432\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | bd0d80595504d9140633fe1143ab0cf7 |
| SHA1 | 2ad7dd373f3808d62092c9266aefc0fff275a81e |
| SHA256 | 2c118b734cf4bd1a92cca7b747d2ed1016c03606b1971b3799cbdffa96d5342f |
| SHA512 | 84f686dfa2338a463729853b62c66983e56d4a47791f43ec5c953474a14470d71f32c2a59c0065fd66abc73fa1714c6e62e8ff1c6793a505d2131b8f99aa7fc8 |