Malware Analysis Report

2025-01-18 23:45

Sample ID 241109-m6vbjswlfk
Target ads.rar
SHA256 5823597ef4cb5af219548736e91dce71cc90599878807d4db29bec04a5239aea
Tags
steam discovery persistence phishing privilege_escalation
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

5823597ef4cb5af219548736e91dce71cc90599878807d4db29bec04a5239aea

Threat Level: Likely malicious

The file ads.rar was found to be: Likely malicious.

Malicious Activity Summary

steam discovery persistence phishing privilege_escalation

Downloads MZ/PE file

Checks computer location settings

Event Triggered Execution: Component Object Model Hijacking

A potential corporate email address has been identified in the URL: =@L

A potential corporate email address has been identified in the URL: prebid-universal-creative@latest

Executes dropped EXE

Modifies system executable filetype association

Loads dropped DLL

Checks installed software on the system

Drops desktop.ini file(s)

Adds Run key to start application

Detected potential entity reuse from brand STEAM.

Checks system information in the registry

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

System Network Configuration Discovery: Internet Connection Discovery

System Location Discovery: System Language Discovery

Browser Information Discovery

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: AddClipboardFormatListener

Checks processor information in registry

Runs ping.exe

Checks SCSI registry key(s)

Suspicious use of WriteProcessMemory

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Modifies Internet Explorer settings

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies system certificate store

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 11:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 11:05

Reported

2024-11-09 11:05

Platform

win7-20240903-en

Max time kernel

18s

Max time network

16s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"

Signatures

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-09 11:05

Reported

2024-11-09 11:21

Platform

win10v2004-20241007-en

Max time kernel

975s

Max time network

974s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"

Signatures

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: =@L

phishing

A potential corporate email address has been identified in the URL: prebid-universal-creative@latest

phishing

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\Downloads\Install VALORANT.exe N/A
N/A N/A C:\Users\Admin\Downloads\Install VALORANT.exe N/A
N/A N/A C:\Users\Admin\Downloads\Install VALORANT.exe N/A
N/A N/A C:\Users\Admin\Downloads\Install VALORANT.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamerrorreporter.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steamerrorreporter.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
N/A N/A C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Modifies system executable filetype association

persistence
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\Update\\OneDriveSetup.exe\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Standalone Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\StandaloneUpdater\\OneDriveSetup.exe\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" C:\Users\Admin\Downloads\SteamSetup.exe N/A

Checks installed software on the system

discovery

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Detected potential entity reuse from brand STEAM.

phishing steam

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\downlevel\api-ms-win-core-shutdown-l1-1-0.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\Microsoft.Bluetooth.UserService.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\NcdProp.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\spp.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\wshelper.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\downlevel\api-ms-win-core-kernel32-legacy-l1-1-1.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\69fe178f-26e7-43a9-aa7d-2b616b672dde_eventlogservice.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\CloudExperienceHostBroker.exe C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\DDORes.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\DevDispItemProvider.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\Dism\CbsProvider.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\ConsoleLogon.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\d3d9.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\dhcpcore.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\Unistore.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\WWanHC.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\downlevel\api-ms-win-core-errorhandling-l1-1-0.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\comdlg32.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\computecore.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\C_1149.NLS C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\d3d10_1core.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\dot3ui.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\gpsvc.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\manage-bde.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\modemui.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\bthprops.cpl C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\config\DEFAUL~1.LOG C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\configmanager2.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\cmdkey.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\dmdskres.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\pnppolicy.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\wininetlui.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\Dism\UnattendProvider.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\dmdskres.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\AuthBrokerUI.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\C_20284.NLS C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\autochk.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\shutdown.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\wsecedit.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\changepk.exe C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\immersivetpmvscmgrsvr.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\sdohlp.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\w32tm.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\webcheck.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\wevtsvc.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\dmusic.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\compmgmt.msc C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\cscui.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\icsvcext.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\securityhealthsso.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\TieringEngineService.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\Dism\de-DE\OfflineSetupProvider.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\dmcommandlineutils.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\DmOmaCpMo.exe C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\hid.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\MMDevAPI.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\powercfg.exe.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\altspace.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\cofiredm.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\dlnashext.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\Dism\es-ES\LogProvider.dll.mui C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\BingMaps.dll C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\cscript.exe C:\Windows\system32\cmd.exe N/A
File opened for modification C:\Windows\System32\de-DE\msdrm.dll.mui C:\Windows\system32\cmd.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\libcef.dll_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_050_menu_0060.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_lstick_up.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\joyconpair_left_sr_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_plus_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_l1_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_l4.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\gamepad_joystick.vdf_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_080_input_0020.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_ring.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_right.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rt_click_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\deck_ui_launch_game.wav_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0312.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_ukrainian.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\vgui_german.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_dpad_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0060.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\dualshock_4_spanish.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_outlined_button_a.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_gyro_roll_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_dpad_right.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\mega_btn_on.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_left_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_rstick_click_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_button_logo_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0302.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_tchinese.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\locale\co\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\loop_5.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_down.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\config\config.vdf.async3752.tmp C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\_metadata\verified_contents.json C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0418.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0140.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_up_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_touch_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\resources.pak_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_l_click_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_030_inv_0040.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_r3_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_swipe_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\InviteFriendResultSubPanel.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\Receipt_PayPal_Success.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0050.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\support_flag_right.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_right_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\locales\am.pak_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files\VideoLAN\VLC\locale\mn\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0318.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_010_wpn_0424.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\localization\friendsui_thai-json.js_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_button_mute_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\btnOvrOffTopLeft.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_r_ring_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\INF\digitalmediadevice.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_netdriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_computeaccelerator.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\INF\c_smrdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\wsdprint.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_ucm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_receiptprinter.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_swcomponent.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscopyprotection.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\xusb22.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsopenfilebackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsreplication.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_diskdrive.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_linedisplay.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_apo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsundelete.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\oposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_cashdrawer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\ts_generic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\miradisp.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsvirtualization.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_media.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\PerceptionSimulationSixDof.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystem.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_sslaccel.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_proximity.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsantivirus.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fshsm.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\INF\c_display.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_processor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsinfrastructure.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_monitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontinuousbackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_camera.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_magneticstripereader.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rawsilo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rdcameradriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsactivitymonitor.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\INF\c_fssystemrecovery.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_volume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscfsmetadataserver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsencryption.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssecurityenhancer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscompression.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsphysicalquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_barcodescanner.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_holographic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\dc1-controller.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\remoteposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontentscreener.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_mcx.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_extension.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_firmware.PNF C:\Windows\system32\mmc.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\SteamSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steamerrorreporter.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files\VideoLAN\VLC\uninstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steamerrorreporter.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steam.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\PING.EXE N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\mmc.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\wermgr.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\system32\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\system32\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\system32\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31142553" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{5BB90A9F-9E8C-11EF-9361-DEEFF298442C} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ab44cbc7ac5e824ba8748f8001f100a1000000000200000000001066000000010000200000008993c40a374f190a80818e88c9f5dd26d35f4b5195928ca15595e492925cede6000000000e8000000002000020000000f1affc627e0610323bbb6fd3825848343ad6a4378006c75758f9d1efd02b26f9200000007fea76bb25534c86ca19565085a5ad9aad3f4eeb6725609d16eb06af5b770fa140000000246d599000dc33b5e829f327a85c4a2a5958f1590e6f38c67412f9484594b30ef2aff0dab1befb4f657c55a3ff8aa5faad1313a7506e837b58d56f068d1c7576 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\MINIE C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff00000000240000000004000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "808204999" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31142553" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ab44cbc7ac5e824ba8748f8001f100a10000000002000000000010660000000100002000000042055f370881aa3c17f21a474d7b68c55f075aa5d3c422a88e814adf7524179d000000000e800000000200002000000061785acb9fd4d2a68278cd9fb0330d8be9f0ba6f01b1642a8839bf73409c49df20000000edbba343a958589f8c72b38b91d9b945aa61168401aae525db4fdb55c66b1dc840000000465d9cb00f8cb679e342bc3ff8ae220e746445087fbb21b20f41d50d3bc8c3292d8c7a9bcc7c672133446ced31c71386e9044ab7129f9b0798c30dacb6b7e645 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\IESettingSync C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "808214885" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50d442319932db01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\IESettingSync C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40004a319932db01 C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756239886531366" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}\ = "IOneDriveInfoProvider" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\IE.AssocFile.URL\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\Open\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\VersionIndependentProgID\ = "SyncEngineFileInfoProvider.SyncEngineFileInfoProvider" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9E0BD17B-2D3C-4656-B94D-03084F3FD9D4}\ProxyStubClsid32 C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.FileSyncClient C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.AutoPlayHandler\CurVer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{AEEBAD4E-3E0A-415B-9B94-19C499CD7B6A}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\mssharepointclient\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\Microsoft.SharePoint.exe\" /protocol:\"%1\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32\ = "{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.dav\shell\AddToPlaylistVLC\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.amr\DefaultIcon C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.dv\DefaultIcon C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\Open\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{C9F3F6BB-3172-4CD8-9EB7-37C9BE601C87}\1.0\FLAGS\ = "0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{638805C3-4BA3-4AC8-8AAC-71A0BA2BC284}\1.0\ = "FileCoAuthLibrary 1.0 Type Library" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{0f872661-c863-47a4-863f-c065c182858a}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ = "SyncEngineFileInfoProvider Class" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mkv\shell\AddToPlaylistVLC\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}\ = "ISetItemPropertiesCallback" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{679EC955-75AA-4FB2-A7ED-8C0152ECF409}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8D076AD6-9B6F-4150-A0FD-5D7E8C8CB02C} C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_CLASSES\WOW6432NODE\INTERFACE\{2B865677-AC3A-43BD-B9E7-BF6FCD3F0596}\TYPELIB C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{F904F88C-E60D-4327-9FA2-865AD075B400}\1.0\FLAGS C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\SyncEngineFileInfoProvider.SyncEngineFileInfoProvider\ = "SyncEngineFileInfoProvider Class" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_CLASSES\WOW6432NODE\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\TYPELIB C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ac3\shell\PlayWithVLC C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{22A68885-0FD9-42F6-9DED-4FB174DC7344}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\BannerNotificationHandler.BannerNotificationHandler\shell C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp2\shell\AddToPlaylistVLC C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ogv\shell\AddToPlaylistVLC\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.it\DefaultIcon C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\ProgID C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\CONTROL C:\Windows\system32\regsvr32.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\LocalServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe /cci /client=Personal" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.AutoPlayHandler.1 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.oga\shell\AddToPlaylistVLC\command C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\LocalServer32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.wma\shell\AddToPlaylistVLC C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files (x86)\Steam\steam.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Program Files (x86)\Steam\steam.exe N/A

Runs ping.exe

Description Indicator Process Target
N/A N/A C:\Windows\system32\PING.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1600 wrote to memory of 2004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 1140 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 3468 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 3468 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1600 wrote to memory of 2696 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2200,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2268 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=2316,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4708,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4728 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4884,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4400,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3540 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4492,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4828,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4860,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5312,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5136,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5608,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5760,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5752 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6024,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6048 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6468,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6316,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6276,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6620 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6536,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=7068,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7160,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7320,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7312 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7180,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7292,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7728,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7444,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8092 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8364,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=8512,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7756 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=8476,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7744 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8408,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7572 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7840,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7560 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7576,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7380 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8280,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8056 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7312,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7600 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7244,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7356,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8276 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8368,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8224,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8016 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7980,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8536,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8216,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5916 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=5920,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5012 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7528,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8780 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8788,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8804 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8740,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9032 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5932,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8756,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9292 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9468,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=9600,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9588,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8104,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9896 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=10060,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8764,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8760 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5744,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5780,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=5532,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6896 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9424,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc449e6f4h1d75h4604h8981hf25fdf94302c

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\wwahost.exe

"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault4f7a073ch8a33h45bahbb9eh133734e5ff8a

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=8372,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9788,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault5c60dcdbhfb08h477ch8c39hff5d2d43c0ec

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\VideoLAN\VLC\uninstall.exe

"C:\Program Files\VideoLAN\VLC\uninstall.exe"

C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe

"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=C:\Program Files\VideoLAN\VLC\

C:\Windows\SysWOW64\regsvr32.exe

"C:\Windows\system32\regsvr32.exe" /s /u "C:\Program Files\VideoLAN\VLC\axvlc.dll"

C:\Windows\system32\regsvr32.exe

/s /u "C:\Program Files\VideoLAN\VLC\axvlc.dll"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault35c46d8dh409bh4b99hbd1chd1870c59d4cb

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault983d4dc4hb397h4425hb9cah122be5f893d8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xd4,0x10c,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1852,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1836 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2176,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2252 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3260,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3660,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4644,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4656 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4776,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4768 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4364,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4356 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5048 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4388,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4888 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4416,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4400 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5028,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4824 /prefetch:1

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "7288" "936" "844" "940" "0" "0" "944" "948" "0" "0" "0" "0"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1944 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2044 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2280 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3212 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4588,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4508 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3168,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4684 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4724 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4716,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4776 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5008,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4764 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5136,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3192,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3240 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4f8 0x31c

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3424,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5060 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3920,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5676,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5680,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5812 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5612,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5624,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5348 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6020,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5876,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5376 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5428,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5656 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4548,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6236,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3504,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5808,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5688,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3464,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5788 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6312,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6420 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5620,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6192,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6428,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6620,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6624 /prefetch:8

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2108,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2100 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1824,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2464 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3208 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4520,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4552 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3880,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4736 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4840 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4836,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4784 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4732,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5036 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x228,0x274,0x7ff65d494698,0x7ff65d4946a4,0x7ff65d4946b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4412,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4864 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3444,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3220,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3432,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3172 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4064,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4568 /prefetch:8

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" /update /restart

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe /update /restart /peruser /childprocess /extractFilesWithLessThreadCount /renameReplaceOneDriveExe /renameReplaceODSUExe /removeNonCurrentVersions /enableODSUReportingMode

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4756,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4048,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3164,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5516,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5616 /prefetch:1

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe

/updateInstalled /background

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault28f70f2ch4942h413ehb7fdhfbc46cb02be5

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4940,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5332,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5980,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5444,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6008,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6036 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5328,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5452,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5852 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6204,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6012,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3456,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6288 /prefetch:1

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5900,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1148 /prefetch:8

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4540,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6272,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5556,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6300,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6120 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5924,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6276 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6524,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6720 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6348,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6868 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6864,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6816 /prefetch:1

C:\Users\Admin\Downloads\Install VALORANT.exe

"C:\Users\Admin\Downloads\Install VALORANT.exe"

C:\Users\Admin\Downloads\Install VALORANT.exe

"C:\Users\Admin\Downloads\Install VALORANT.exe" --agent --riotclient-app-port=55843 --riotclient-auth-token=FkApFKuzdfRBsQd7nJna7A --app-root=C:/Users/Admin/Downloads "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc

C:\Users\Admin\Downloads\Install VALORANT.exe

"C:\Users\Admin\Downloads\Install VALORANT.exe" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc --disable-auto-launch

C:\Users\Admin\Downloads\Install VALORANT.exe

"C:\Users\Admin\Downloads\Install VALORANT.exe" --agent --riotclient-app-port=55927 --riotclient-auth-token=Ar9awNaf9im0pOkiLIDQpQ --app-root=C:/Users/Admin/Downloads "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=3468,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=4736,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=6520,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5448,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1496 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5312,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4768 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4392,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5580 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5940,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6456 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5608,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3248 /prefetch:8

C:\Users\Admin\Downloads\SteamSetup.exe

"C:\Users\Admin\Downloads\SteamSetup.exe"

C:\Program Files (x86)\Steam\bin\steamservice.exe

"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\ApproveImport.gif

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5768 CREDAT:17410 /prefetch:2

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=3752" "-buildid=1730853027" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1730853027 --initial-client-data=0x27c,0x280,0x284,0x278,0x288,0x7ffef473af00,0x7ffef473af0c,0x7ffef473af18

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1604,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1608 --mojo-platform-channel-handle=1596 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2272,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2276 --mojo-platform-channel-handle=2260 /prefetch:3

C:\Program Files (x86)\Steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2808,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2812 --mojo-platform-channel-handle=2804 /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3160 --mojo-platform-channel-handle=3152 /prefetch:1

C:\Program Files (x86)\Steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\Windows\system32\PING.EXE

ping 8.8.8.8

C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Program Files (x86)\Steam\steamerrorreporter.exe

C:\Program Files (x86)\Steam\steam

C:\Program Files (x86)\Steam\steamerrorreporter.exe

C:\Program Files (x86)\Steam\steam

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=3924,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3928 --mojo-platform-channel-handle=3920 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1956 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1592,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2096,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2352 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4512,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4492,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4208 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4476,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4712 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4772 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5036,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5068 /prefetch:8

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3768,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3840 --mojo-platform-channel-handle=2084 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 73.82.67.80.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 53.210.109.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.187.234:443 ogads-pa.googleapis.com tcp
GB 216.58.201.110:443 apis.google.com tcp
GB 142.250.187.234:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 speedtest.net udp
US 151.101.194.219:443 speedtest.net tcp
US 151.101.194.219:443 speedtest.net tcp
US 8.8.8.8:53 www.speedtest.net udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 219.194.101.151.in-addr.arpa udp
US 104.17.147.22:443 www.speedtest.net tcp
US 8.8.8.8:53 cdn.ziffstatic.com udp
US 8.8.8.8:53 b.cdnst.net udp
DE 92.122.215.75:443 cdn.ziffstatic.com tcp
US 8.8.8.8:53 b-code.liadm.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 diffuser-cdn.app-us1.com udp
US 3.165.232.83:443 b-code.liadm.com tcp
DE 92.122.215.75:443 cdn.ziffstatic.com udp
IE 3.162.142.187:443 c.amazon-adsystem.com tcp
US 104.18.128.216:443 diffuser-cdn.app-us1.com tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 prism.app-us1.com udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
IE 3.162.142.187:443 c.amazon-adsystem.com tcp
US 104.17.31.174:443 prism.app-us1.com tcp
US 8.8.8.8:53 cdn.static.zdbb.net udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
IT 92.123.48.219:443 cdn.static.zdbb.net tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
IE 13.224.68.126:443 config.aps.amazon-adsystem.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 i.liadm.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 rp.liadm.com udp
US 3.94.241.169:443 i.liadm.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 22.147.17.104.in-addr.arpa udp
US 8.8.8.8:53 75.215.122.92.in-addr.arpa udp
US 8.8.8.8:53 216.128.18.104.in-addr.arpa udp
US 8.8.8.8:53 83.232.165.3.in-addr.arpa udp
US 3.165.232.16:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 187.142.162.3.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 174.31.17.104.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 126.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 219.48.123.92.in-addr.arpa udp
US 44.195.5.240:443 rp.liadm.com tcp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 trackcmp.net udp
US 172.64.153.42:443 trackcmp.net tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
IE 3.162.148.221:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 d.turn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 live.rezync.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 zdbb.net udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 gurgle.speedtest.net udp
US 52.223.40.198:443 match.adsrvr.org tcp
NL 185.89.211.84:443 ib.adnxs.com tcp
IE 52.16.55.91:443 dpm.demdex.net tcp
US 18.213.136.7:443 gurgle.speedtest.net tcp
US 8.8.8.8:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedlon.hyperoptic.com udp
US 8.8.8.8:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 3.165.148.118:443 live.rezync.com tcp
US 8.8.8.8:53 speedtest.london.macarne.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 st-1.fibrenest.net.prod.hosts.ooklaserver.net udp
US 64.74.236.31:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 londres.speedtest.angolacables.co.ao.prod.hosts.ooklaserver.net udp
IE 52.211.253.2:443 zdbb.net tcp
IE 34.246.139.66:443 match.prod.bidr.io tcp
NL 46.228.164.13:443 d.turn.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 185.225.24.21:8080 speedtest.london.macarne.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 a.ad.gt udp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 speedtestlon.orbital.net.prod.hosts.ooklaserver.net udp
GB 185.241.227.127:8080 st-1.fibrenest.net.prod.hosts.ooklaserver.net tcp
US 172.67.23.234:443 a.ad.gt tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 94.101.144.102:8080 speedtestlon.orbital.net.prod.hosts.ooklaserver.net tcp
GB 185.148.112.227:8080 londres.speedtest.angolacables.co.ao.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 p.rfihub.com udp
US 64.74.236.31:443 b1sync.zemanta.com tcp
IE 52.211.253.2:443 zdbb.net tcp
IE 34.246.139.66:443 match.prod.bidr.io tcp
NL 46.228.164.13:443 d.turn.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 16.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 169.241.94.3.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 240.5.195.44.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 42.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 221.148.162.3.in-addr.arpa udp
US 8.8.8.8:53 84.211.89.185.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 118.148.165.3.in-addr.arpa udp
US 8.8.8.8:53 91.55.16.52.in-addr.arpa udp
US 8.8.8.8:53 6.112.37.152.in-addr.arpa udp
US 8.8.8.8:53 252.101.10.45.in-addr.arpa udp
US 8.8.8.8:53 45.46.92.45.in-addr.arpa udp
US 8.8.8.8:53 21.24.225.185.in-addr.arpa udp
US 8.8.8.8:53 127.227.241.185.in-addr.arpa udp
US 8.8.8.8:53 21.82.148.51.in-addr.arpa udp
US 8.8.8.8:53 102.144.101.94.in-addr.arpa udp
US 8.8.8.8:53 17.12.22.31.in-addr.arpa udp
US 8.8.8.8:53 7.136.213.18.in-addr.arpa udp
US 8.8.8.8:53 1.8.82.185.in-addr.arpa udp
US 8.8.8.8:53 227.112.148.185.in-addr.arpa udp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 gurgle.zdbb.net udp
US 18.213.136.7:443 gurgle.zdbb.net tcp
US 8.8.8.8:53 ib.adnxs-simple.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 c2shb.pubgw.yahoo.com udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
DE 37.252.173.215:443 ib.adnxs-simple.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
US 8.8.8.8:53 p.ad.gt udp
US 3.94.241.169:443 i.liadm.com tcp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 8.8.8.8:53 ids.ad.gt udp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 id5-sync.com udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 52.16.55.91:443 dpm.demdex.net tcp
US 172.67.23.234:443 p.ad.gt tcp
US 35.164.11.89:443 ids.ad.gt tcp
US 35.164.11.89:443 ids.ad.gt tcp
US 35.164.11.89:443 ids.ad.gt tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
IE 54.74.74.210:443 bcp.crwdcntrl.net tcp
DE 162.19.138.116:443 id5-sync.com tcp
DE 141.95.33.120:443 id5-sync.com tcp
US 104.18.32.137:443 privacyportal.onetrust.com tcp
GB 142.250.187.194:443 cm.g.doubleclick.net tcp
DE 37.252.172.123:443 secure.adnxs.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 172.67.23.234:443 p.ad.gt tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 static.criteo.net udp
US 35.164.11.89:443 ids.ad.gt tcp
NL 178.250.1.3:443 static.criteo.net tcp
IE 54.155.31.240:443 ad.360yield.com tcp
FR 5.196.111.72:443 sync.smartadserver.com tcp
US 35.164.11.89:443 ids.ad.gt tcp
US 8.8.8.8:53 31.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 56.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 215.173.252.37.in-addr.arpa udp
US 8.8.8.8:53 150.93.78.3.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 13.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 2.253.211.52.in-addr.arpa udp
US 8.8.8.8:53 66.139.246.34.in-addr.arpa udp
US 8.8.8.8:53 82.49.171.54.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 120.33.95.141.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 210.74.74.54.in-addr.arpa udp
US 8.8.8.8:53 89.11.164.35.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 35.164.11.89:443 ids.ad.gt tcp
US 8.8.8.8:53 rtb.gumgum.com udp
US 8.8.8.8:53 secure-us.imrworldwide.com udp
IE 52.212.221.245:443 secure-us.imrworldwide.com tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 0e90550da78838e58fde34422e2b2a32.safeframe.googlesyndication.com udp
US 8.8.8.8:53 gum.criteo.com udp
IE 176.34.255.223:443 rtb.gumgum.com tcp
GB 216.58.213.1:443 0e90550da78838e58fde34422e2b2a32.safeframe.googlesyndication.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 8.8.8.8:53 cdn-gl.imrworldwide.com udp
US 104.22.4.69:443 pixels.ad.gt tcp
IE 3.162.140.119:443 cdn-gl.imrworldwide.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 142.250.187.194:443 cm.g.doubleclick.net udp
BE 66.102.1.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 bee.imrworldwide.com udp
IE 52.212.221.245:443 secure-us.imrworldwide.com tcp
IE 3.162.140.78:443 bee.imrworldwide.com tcp
US 151.101.2.219:443 b.cdnst.net tcp
NL 185.89.211.84:443 ib.adnxs.com tcp
US 8.8.8.8:53 dis.eu.criteo.com udp
IE 3.162.140.119:443 cdn-gl.imrworldwide.com tcp
NL 178.250.1.9:443 dis.eu.criteo.com tcp
US 8.8.8.8:53 c.pm-serv.co udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 hblg.media.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
CH 23.32.112.27:443 hblg.media.net tcp
CH 23.32.112.27:443 hblg.media.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 warp.media.net udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 lg3-a.akamaihd.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
IT 92.123.48.226:443 c.pm-serv.co tcp
US 8.8.8.8:53 a4497.casalemedia.com udp
IT 92.123.48.226:443 c.pm-serv.co tcp
US 8.8.8.8:53 a5081.casalemedia.com udp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 240.31.155.54.in-addr.arpa udp
US 8.8.8.8:53 72.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 34.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 245.221.212.52.in-addr.arpa udp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 119.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 155.1.102.66.in-addr.arpa udp
US 8.8.8.8:53 78.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 219.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 223.255.34.176.in-addr.arpa udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
CA 185.170.63.89:443 a4497.casalemedia.com tcp
CA 185.170.62.103:443 a5081.casalemedia.com tcp
US 23.45.68.28:443 contextual.media.net tcp
CH 173.222.108.113:443 lg3-a.akamaihd.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
NL 46.228.164.13:443 d.turn.com tcp
IT 92.123.48.226:443 c.pm-serv.co udp
US 8.8.8.8:53 l.pm-serv.co udp
US 8.8.8.8:53 s0.2mdn.net udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 23.45.68.28:443 contextual.media.net udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
GB 172.217.16.230:443 s0.2mdn.net tcp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 c21lg-d.media.net udp
US 8.8.8.8:53 medianet-match.dotomi.com udp
GB 142.250.187.194:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 104.18.36.155:443 ssum-sec.casalemedia.com udp
NL 35.214.136.108:443 x.bidswitch.net tcp
GB 172.217.16.230:443 s0.2mdn.net udp
NL 35.214.136.108:443 x.bidswitch.net udp
GB 142.250.187.194:443 cm.g.doubleclick.net udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 ice.360yield.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
NL 89.207.16.201:443 medianet-match.dotomi.com tcp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
NL 89.207.16.201:443 medianet-match.dotomi.com tcp
US 8.8.8.8:53 27.112.32.23.in-addr.arpa udp
NL 89.207.16.201:443 medianet-match.dotomi.com tcp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.48.123.92.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 121.51.243.77.in-addr.arpa udp
IE 52.17.111.23:443 ice.360yield.com tcp
US 8.8.8.8:53 89.63.170.185.in-addr.arpa udp
US 8.8.8.8:53 103.62.170.185.in-addr.arpa udp
US 8.8.8.8:53 113.108.222.173.in-addr.arpa udp
US 8.8.8.8:53 28.68.45.23.in-addr.arpa udp
US 8.8.8.8:53 230.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 8.8.8.8:53 cm.adgrx.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 n.pm-serv.co udp
DE 37.252.172.123:443 secure.adnxs.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
US 34.160.55.127:443 n.pm-serv.co tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 t.adx.opera.com udp
IE 52.215.155.11:443 cm.adgrx.com tcp
US 151.101.194.49:443 sync-tm.everesttech.net tcp
IE 34.251.118.136:443 pr-bh.ybp.yahoo.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 98.82.157.137:443 s.amazon-adsystem.com tcp
US 52.204.245.185:443 sync.srv.stackadapt.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 idx.liadm.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 ookla-d.openx.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 23.45.68.246:443 ads.pubmatic.com tcp
US 23.45.69.73:443 eus.rubiconproject.com tcp
US 35.244.159.8:443 ookla-d.openx.net tcp
US 3.93.160.245:443 idx.liadm.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 104.18.38.76:443 js-sec.indexww.com tcp
US 104.18.38.76:443 js-sec.indexww.com tcp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 201.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
NL 178.250.1.11:443 gum.criteo.com tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 8.8.8.8:53 cs.media.net udp
US 8.8.8.8:53 ads.betweendigital.com udp
US 8.8.8.8:53 sonata-notifications.taptapnetworks.com udp
NL 188.42.189.197:443 ads.betweendigital.com tcp
US 8.8.8.8:53 ad.sxp.smartclip.net udp
US 8.8.8.8:53 ad.yieldlab.net udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 35.186.194.101:443 ad.sxp.smartclip.net tcp
US 35.186.194.101:443 ad.sxp.smartclip.net tcp
US 23.45.68.116:443 ad.yieldlab.net tcp
US 23.45.68.116:443 ad.yieldlab.net tcp
DE 18.195.150.101:443 sonata-notifications.taptapnetworks.com tcp
US 8.8.8.8:53 38.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 23.111.17.52.in-addr.arpa udp
US 8.8.8.8:53 49.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 127.55.160.34.in-addr.arpa udp
US 8.8.8.8:53 62.64.227.64.in-addr.arpa udp
US 8.8.8.8:53 11.155.215.52.in-addr.arpa udp
US 8.8.8.8:53 136.118.251.34.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 73.69.45.23.in-addr.arpa udp
US 8.8.8.8:53 246.68.45.23.in-addr.arpa udp
US 8.8.8.8:53 137.157.82.98.in-addr.arpa udp
US 8.8.8.8:53 185.245.204.52.in-addr.arpa udp
US 8.8.8.8:53 245.160.93.3.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 197.189.42.188.in-addr.arpa udp
US 8.8.8.8:53 101.194.186.35.in-addr.arpa udp
IE 54.170.33.189:443 sync.crwdcntrl.net tcp
US 8.8.8.8:53 dsum.casalemedia.com udp
US 35.186.194.101:443 ad.sxp.smartclip.net udp
US 8.8.8.8:53 9qcc6xcq1ojqppcywi10stog1emgs1731150380.nuid.imrworldwide.com udp
US 3.165.232.121:443 9qcc6xcq1ojqppcywi10stog1emgs1731150380.nuid.imrworldwide.com tcp
US 8.8.8.8:53 r.casalemedia.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 101.150.195.18.in-addr.arpa udp
US 8.8.8.8:53 116.68.45.23.in-addr.arpa udp
US 8.8.8.8:53 189.33.170.54.in-addr.arpa udp
US 8.8.8.8:53 121.232.165.3.in-addr.arpa udp
DK 37.157.2.230:443 c1.adform.net tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 simage2.pubmatic.com udp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
IE 52.95.118.179:443 aax-eu.amazon-adsystem.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 8.8.8.8:53 pool.admedo.com udp
BE 35.206.140.87:443 pool.admedo.com tcp
BE 35.206.140.87:443 pool.admedo.com udp
US 8.8.8.8:53 dsp-cookie.adfarm1.adition.com udp
US 8.8.8.8:53 pixel.onaudience.com udp
DK 77.243.51.121:443 uipglob.semasio.net tcp
FR 54.38.113.3:443 pixel.onaudience.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 172.67.40.173:443 mwzeom.zeotap.com tcp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
NL 34.91.62.186:443 um.simpli.fi tcp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 pubmatic-match.dotomi.com udp
NL 185.184.8.90:443 creativecdn.com tcp
NL 63.215.202.137:443 pubmatic-match.dotomi.com tcp
US 8.8.8.8:53 ps.eyeota.net udp
US 8.8.8.8:53 related.insightfulguide.net udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 179.118.95.52.in-addr.arpa udp
US 8.8.8.8:53 87.140.206.35.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 8.8.8.8:53 3.113.38.54.in-addr.arpa udp
US 8.8.8.8:53 12.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 186.62.91.34.in-addr.arpa udp
US 8.8.8.8:53 217.210.82.80.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 137.202.215.63.in-addr.arpa udp
DE 52.57.150.20:443 ps.eyeota.net tcp
US 34.117.32.153:443 related.insightfulguide.net tcp
US 8.8.8.8:53 image4.pubmatic.com udp
NL 198.47.127.20:443 image4.pubmatic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
US 8.8.8.8:53 jogger.zdbb.net udp
US 8.8.8.8:53 tags.bkrtx.com udp
US 52.87.93.211:443 jogger.zdbb.net tcp
CH 104.77.21.153:443 tags.bkrtx.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 20.150.57.52.in-addr.arpa udp
US 8.8.8.8:53 153.32.117.34.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 153.21.77.104.in-addr.arpa udp
US 8.8.8.8:53 211.93.87.52.in-addr.arpa udp
US 8.8.8.8:53 simage4.pubmatic.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 142.250.178.14:443 clients2.google.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 216.58.213.1:443 clients2.googleusercontent.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 67.209.201.84.in-addr.arpa udp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
US 8.8.8.8:53 dsp.360yield.com udp
US 8.8.8.8:53 dsp-ap.eskimi.com udp
IE 52.31.215.85:443 dsp.360yield.com tcp
US 8.8.8.8:53 ad.mrtnsvr.com udp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
NL 188.42.63.48:443 dsp-ap.eskimi.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
IE 34.246.139.66:443 match.prod.bidr.io tcp
US 8.8.8.8:53 csync.loopme.me udp
NL 35.214.208.189:443 csync.loopme.me tcp
GB 142.250.187.194:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 85.215.31.52.in-addr.arpa udp
US 8.8.8.8:53 6.163.102.34.in-addr.arpa udp
US 8.8.8.8:53 ipac.ctnsnet.com udp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
FR 149.202.238.105:443 rtb-csync.smartadserver.com tcp
SE 13.53.196.230:443 d5p.de17a.com tcp
US 8.8.8.8:53 core.iprom.net udp
SI 195.5.165.20:443 core.iprom.net tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 bh.contextweb.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 8.8.8.8:53 green.erne.co udp
FR 141.94.161.158:443 green.erne.co tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 pixel-eu.onaudience.com udp
FR 54.38.113.7:443 pixel-eu.onaudience.com tcp
US 8.8.8.8:53 a.tribalfusion.com udp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
US 8.8.8.8:53 ad.turn.com udp
NL 46.228.164.11:443 ad.turn.com tcp
US 8.8.8.8:53 matching.truffle.bid udp
US 8.8.8.8:53 bidberry.net udp
DE 23.88.86.2:443 matching.truffle.bid tcp
DE 57.129.39.243:443 bidberry.net tcp
US 8.8.8.8:53 48.63.42.188.in-addr.arpa udp
US 8.8.8.8:53 189.208.214.35.in-addr.arpa udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 105.238.202.149.in-addr.arpa udp
US 8.8.8.8:53 230.196.53.13.in-addr.arpa udp
US 8.8.8.8:53 20.165.5.195.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 158.161.94.141.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 7.113.38.54.in-addr.arpa udp
US 8.8.8.8:53 63.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 11.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 sync.targeting.unrulymedia.com udp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 s.tribalfusion.com udp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
DE 23.88.86.2:443 matching.truffle.bid tcp
US 8.8.8.8:53 243.39.129.57.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
NL 178.250.1.56:443 bidder.criteo.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
US 172.64.151.101:443 r.casalemedia.com udp
NL 185.89.211.84:443 ib.adnxs.com tcp
US 35.186.253.211:443 rtb.openx.net udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
IE 54.171.49.82:443 c2shb.pubgw.yahoo.com tcp
US 8.8.8.8:53 ssp-sync.criteo.com udp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
DE 37.252.172.123:443 secure.adnxs.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
GB 142.250.200.34:443 ade.googlesyndication.com udp
US 8.8.8.8:53 57.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
IT 92.123.48.226:443 l.pm-serv.co udp
US 23.45.68.28:443 contextual.media.net udp
GB 142.250.180.4:443 www.google.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 142.250.200.34:443 ade.googlesyndication.com udp
GB 142.250.200.34:443 ade.googlesyndication.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 8.8.8.8:53 cc.adingo.jp udp
US 35.186.253.211:443 rtb.openx.net tcp
US 8.8.8.8:53 pn.ybp.yahoo.com udp
IE 54.77.178.239:443 pn.ybp.yahoo.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
GB 142.250.200.34:443 ade.googlesyndication.com tcp
JP 35.76.248.63:443 cc.adingo.jp tcp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 133.191.110.104.in-addr.arpa udp
US 8.8.8.8:53 239.178.77.54.in-addr.arpa udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 8.8.8.8:53 cdn.js7k.com udp
US 8.8.8.8:53 s.yimg.com udp
US 8.8.8.8:53 servedby.flashtalking.com udp
GB 87.248.114.11:443 s.yimg.com tcp
GB 87.248.114.11:443 s.yimg.com tcp
US 23.45.68.228:443 servedby.flashtalking.com tcp
US 54.152.32.181:443 pixel.adsafeprotected.com tcp
US 8.8.8.8:53 ajs-assets.ftstatic.com udp
IE 3.162.140.107:443 ajs-assets.ftstatic.com tcp
US 8.8.8.8:53 agen-assets.ftstatic.com udp
US 8.8.8.8:53 static.adsafeprotected.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
IE 13.224.68.5:443 agen-assets.ftstatic.com tcp
GB 18.172.89.36:443 static.adsafeprotected.com tcp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 54.235.131.251:443 dt.adsafeprotected.com tcp
US 54.235.131.251:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 cdn.flashtalking.com udp
US 8.8.8.8:53 premierinn.demdex.net udp
IE 3.162.140.108:443 cdn.flashtalking.com tcp
IE 3.162.140.108:443 cdn.flashtalking.com tcp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 63.248.76.35.in-addr.arpa udp
US 8.8.8.8:53 228.68.45.23.in-addr.arpa udp
US 8.8.8.8:53 5.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 107.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 36.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 251.131.235.54.in-addr.arpa udp
US 8.8.8.8:53 181.32.152.54.in-addr.arpa udp
US 8.8.8.8:53 108.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 ad-events.flashtalking.com udp
US 8.8.8.8:53 stat.flashtalking.com udp
GB 18.170.252.3:443 stat.flashtalking.com tcp
GB 18.169.60.99:443 stat.flashtalking.com tcp
US 8.8.8.8:53 acdn.adnxs.com udp
CH 80.67.82.107:443 acdn.adnxs.com tcp
US 8.8.8.8:53 3.252.170.18.in-addr.arpa udp
US 8.8.8.8:53 99.60.169.18.in-addr.arpa udp
NL 185.89.211.84:443 ib.adnxs.com tcp
US 8.8.8.8:53 107.82.67.80.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 196.120.55.162.in-addr.arpa udp
DE 162.55.120.196:443 matching.truffle.bid tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 cxcs.microsoft.net udp
US 95.100.195.182:443 www.bing.com tcp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 195.195.62.23.in-addr.arpa udp
US 8.8.8.8:53 182.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 95.16.208.104.in-addr.arpa udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 secure-us.imrworldwide.com udp
IE 52.212.221.245:443 secure-us.imrworldwide.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 nrb.ybp.yahoo.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
BE 66.102.1.155:443 stats.g.doubleclick.net udp
IE 54.228.54.61:443 nrb.ybp.yahoo.com tcp
US 8.8.8.8:53 61.54.228.54.in-addr.arpa udp
GB 142.250.179.228:443 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
GB 142.250.200.42:443 ogads-pa.googleapis.com udp
GB 142.250.200.42:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
GB 142.250.178.14:443 clients2.google.com udp
US 8.8.8.8:53 chrome.google.com udp
GB 216.58.201.110:443 chrome.google.com tcp
US 151.101.194.219:443 b.cdnst.net tcp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.42:443 ogads-pa.googleapis.com tcp
GB 142.250.200.42:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 2.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 155.225.20.2.in-addr.arpa udp
US 8.8.8.8:53 197.87.175.4.in-addr.arpa udp
US 20.97.190.213:443 fe2cr.update.microsoft.com tcp
US 8.8.8.8:53 download.windowsupdate.com udp
US 199.232.210.172:80 download.windowsupdate.com tcp
US 8.8.8.8:53 213.190.97.20.in-addr.arpa udp
N/A 239.255.255.250:3702 udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa udp
N/A 239.255.255.250:3702 udp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 172.217.16.234:443 ogads-pa.googleapis.com udp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
US 8.8.8.8:53 speedtest.net udp
US 151.101.2.219:443 speedtest.net tcp
US 8.8.8.8:53 ogs.google.com udp
GB 216.58.201.110:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 172.217.169.3:443 www.google.co.uk tcp
GB 172.217.16.238:443 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 toastyy.de udp
US 76.76.21.21:443 toastyy.de tcp
US 76.76.21.21:443 toastyy.de tcp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 21.21.76.76.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 id.google.com udp
SG 74.125.130.94:443 id.google.com tcp
GB 172.217.16.234:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
SG 74.125.130.94:443 id.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 94.130.125.74.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com tcp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.amazon.com udp
US 8.8.8.8:53 m.media-amazon.com udp
US 8.8.8.8:53 images-na.ssl-images-amazon.com udp
US 8.8.8.8:53 na.mesk.skill.music.a2z.com udp
IE 13.224.68.77:443 na.mesk.skill.music.a2z.com tcp
IE 13.224.68.77:443 na.mesk.skill.music.a2z.com tcp
US 8.8.8.8:53 completion.amazon.com udp
US 151.101.129.16:443 m.media-amazon.com tcp
US 8.8.8.8:53 d5fx445wy2wpk.cloudfront.net udp
US 3.165.223.210:443 images-na.ssl-images-amazon.com tcp
US 3.165.223.210:443 images-na.ssl-images-amazon.com tcp
IE 99.86.122.82:443 d5fx445wy2wpk.cloudfront.net tcp
IE 99.86.122.82:443 d5fx445wy2wpk.cloudfront.net tcp
IE 99.86.122.82:443 d5fx445wy2wpk.cloudfront.net tcp
IE 99.86.122.82:443 d5fx445wy2wpk.cloudfront.net tcp
US 151.101.129.16:443 m.media-amazon.com udp
US 151.101.129.16:443 m.media-amazon.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 fls-na.amazon.com udp
US 54.87.191.225:443 fls-na.amazon.com tcp
US 8.8.8.8:53 16.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 77.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 210.223.165.3.in-addr.arpa udp
US 8.8.8.8:53 82.122.86.99.in-addr.arpa udp
US 3.165.223.210:443 images-na.ssl-images-amazon.com udp
US 8.8.8.8:53 client.rum.us-east-1.amazonaws.com udp
US 8.8.8.8:53 cdn.branch.io udp
IE 3.162.140.34:443 client.rum.us-east-1.amazonaws.com tcp
US 3.165.232.54:443 cdn.branch.io tcp
US 8.8.8.8:53 cognito-identity.us-east-1.amazonaws.com udp
US 3.165.230.187:443 www.amazon.com tcp
US 3.165.230.187:443 www.amazon.com tcp
US 54.156.25.28:443 cognito-identity.us-east-1.amazonaws.com tcp
US 44.215.128.78:443 completion.amazon.com tcp
US 8.8.8.8:53 app.link udp
IE 13.224.68.74:443 app.link tcp
US 8.8.8.8:53 unagi-na.amazon.com udp
US 8.8.8.8:53 api2.branch.io udp
US 44.215.129.38:443 unagi-na.amazon.com tcp
IE 3.162.140.92:443 api2.branch.io tcp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 225.191.87.54.in-addr.arpa udp
US 8.8.8.8:53 34.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 54.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 187.230.165.3.in-addr.arpa udp
US 8.8.8.8:53 74.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 28.25.156.54.in-addr.arpa udp
US 8.8.8.8:53 78.128.215.44.in-addr.arpa udp
US 8.8.8.8:53 92.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 session.app-performance.music.amazon.dev udp
US 54.80.71.94:443 session.app-performance.music.amazon.dev tcp
US 8.8.8.8:53 trace.app-performance.music.amazon.dev udp
US 3.165.230.187:443 www.amazon.com udp
US 34.204.27.196:443 trace.app-performance.music.amazon.dev tcp
US 8.8.8.8:53 sts.us-east-1.amazonaws.com udp
US 8.8.8.8:53 unagi.amazon.com udp
US 44.215.132.93:443 unagi.amazon.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 67.220.242.104:443 sts.us-east-1.amazonaws.com tcp
IE 3.162.142.187:443 c.amazon-adsystem.com tcp
GB 216.58.212.202:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 44.215.132.93:443 unagi.amazon.com tcp
US 8.8.8.8:53 94.71.80.54.in-addr.arpa udp
US 8.8.8.8:53 38.129.215.44.in-addr.arpa udp
US 8.8.8.8:53 196.27.204.34.in-addr.arpa udp
US 8.8.8.8:53 93.132.215.44.in-addr.arpa udp
US 8.8.8.8:53 104.242.220.67.in-addr.arpa udp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 music.amazon.com udp
IE 3.162.144.232:443 music.amazon.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 match.360yield.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 pbs.yahoo.com udp
US 8.8.8.8:53 usersync.samplicio.us udp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 www.imdb.com udp
US 8.8.8.8:53 geo.ads.audio.thisisdax.com udp
US 8.8.8.8:53 amazon.partners.tremorhub.com udp
NL 185.89.210.244:443 ib.adnxs.com tcp
IE 108.128.65.103:443 match.360yield.com tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com tcp
GB 87.248.114.12:443 pbs.yahoo.com tcp
US 8.8.8.8:53 ads.samba.tv udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 172.64.146.152:443 capi.connatix.com tcp
DE 3.67.108.241:443 usersync.samplicio.us tcp
NL 35.214.251.236:443 geo.ads.audio.thisisdax.com tcp
IE 3.162.142.56:443 www.imdb.com tcp
FR 5.196.111.73:443 rtb-csync.smartadserver.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 54.209.127.15:443 ads.samba.tv tcp
US 44.215.132.93:443 unagi.amazon.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 odr.mookie1.com udp
IE 34.248.128.122:443 dpm.demdex.net tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 bs.serving-sys.com udp
US 8.8.8.8:53 cookie-matching.mediarithmics.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 231.157.82.98.in-addr.arpa udp
US 8.8.8.8:53 232.144.162.3.in-addr.arpa udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 152.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 103.65.128.108.in-addr.arpa udp
US 8.8.8.8:53 241.108.67.3.in-addr.arpa udp
US 8.8.8.8:53 236.251.214.35.in-addr.arpa udp
US 8.8.8.8:53 73.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 56.142.162.3.in-addr.arpa udp
US 8.8.8.8:53 122.128.248.34.in-addr.arpa udp
SG 74.125.130.94:443 id.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 accounts.server.lan udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 is1-ssl.mzstatic.com udp
IT 2.20.224.30:443 is1-ssl.mzstatic.com tcp
US 8.8.8.8:53 30.224.20.2.in-addr.arpa udp
US 3.165.223.210:443 images-na.ssl-images-amazon.com udp
US 8.8.8.8:53 aa.agkn.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 tags.bluekai.com udp
US 8.8.8.8:53 amazon.partners.tremorhub.com udp
US 8.8.8.8:53 cms.analytics.yahoo.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 beacon.krxd.net udp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 34.160.236.64:443 odr.mookie1.com tcp
GB 87.248.114.12:443 cms.analytics.yahoo.com tcp
DE 52.29.6.179:443 aa.agkn.com tcp
US 23.192.21.147:443 tags.bluekai.com tcp
US 104.22.51.98:443 spl.zeotap.com tcp
DK 37.157.5.87:443 c1.adform.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
DE 3.67.156.62:443 bs.serving-sys.com tcp
FR 54.36.150.182:443 cookie-matching.mediarithmics.com tcp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
GB 172.217.169.34:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 usermatch.krxd.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 lm.serving-sys.com udp
US 3.165.232.46:443 sb.scorecardresearch.com tcp
US 35.244.159.8:443 us-u.openx.net tcp
DE 3.65.151.29:443 lm.serving-sys.com tcp
GB 172.217.169.34:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
DK 77.243.51.121:443 uipglob.semasio.net tcp
US 8.8.8.8:53 www.facebook.com udp
IE 54.78.254.47:443 loadus.exelator.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 35.241.62.124:443 lciapi.ninthdecimal.com tcp
US 8.8.8.8:53 pi.ispot.tv udp
US 8.8.8.8:53 sync.taboola.com udp
US 151.101.194.132:443 pi.ispot.tv tcp
NL 141.226.228.48:443 sync.taboola.com tcp
US 8.8.8.8:53 64.236.160.34.in-addr.arpa udp
US 8.8.8.8:53 147.21.192.23.in-addr.arpa udp
US 8.8.8.8:53 98.51.22.104.in-addr.arpa udp
US 8.8.8.8:53 179.6.29.52.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 87.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 62.156.67.3.in-addr.arpa udp
US 8.8.8.8:53 182.150.36.54.in-addr.arpa udp
US 8.8.8.8:53 34.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 46.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 29.151.65.3.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 124.62.241.35.in-addr.arpa udp
US 8.8.8.8:53 47.254.78.54.in-addr.arpa udp
US 8.8.8.8:53 132.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 44.215.132.93:443 unagi.amazon.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 update.msiservers.lan udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.200.14:443 google.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 216.58.213.1:443 lh5.googleusercontent.com tcp
GB 216.58.213.1:443 lh5.googleusercontent.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 reformeronline.com udp
US 173.254.56.12:443 reformeronline.com tcp
US 8.8.8.8:53 12.56.254.173.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 twitter.com udp
US 104.244.42.65:443 twitter.com tcp
US 104.244.42.65:443 twitter.com tcp
US 8.8.8.8:53 x.com udp
US 104.244.42.129:443 x.com tcp
US 8.8.8.8:53 65.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 t.co udp
GB 151.101.188.159:443 abs.twimg.com tcp
US 8.8.8.8:53 pbs.twimg.com udp
US 172.66.0.227:443 t.co tcp
US 8.8.8.8:53 api.x.com udp
GB 151.101.188.159:443 pbs.twimg.com tcp
US 8.8.8.8:53 api.twitter.com udp
US 104.244.42.194:443 api.x.com tcp
US 104.244.42.66:443 api.twitter.com tcp
US 8.8.8.8:53 video.twimg.com udp
GB 151.101.188.159:443 pbs.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
GB 151.101.188.159:443 pbs.twimg.com tcp
US 8.8.8.8:53 abs-0.twimg.com udp
GB 146.75.72.158:443 video.twimg.com tcp
US 104.244.43.131:443 abs-0.twimg.com tcp
US 8.8.8.8:53 129.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 159.188.101.151.in-addr.arpa udp
US 8.8.8.8:53 227.0.66.172.in-addr.arpa udp
US 8.8.8.8:53 194.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 66.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 158.72.75.146.in-addr.arpa udp
US 8.8.8.8:53 131.43.244.104.in-addr.arpa udp
US 104.244.42.194:443 api.x.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 appleid.cdn-apple.com udp
NL 173.194.69.84:443 accounts.google.com tcp
CH 104.77.37.101:443 appleid.cdn-apple.com tcp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com tcp
US 104.244.42.65:443 x.com tcp
US 8.8.8.8:53 101.37.77.104.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 watchpeopledie-tv.webpkgcache.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.179.225:443 watchpeopledie-tv.webpkgcache.com tcp
GB 142.250.179.225:443 watchpeopledie-tv.webpkgcache.com udp
US 8.8.8.8:53 225.179.250.142.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 watchpeopledie.tv udp
US 8.8.8.8:53 accounts.server.lan udp
US 104.26.12.148:443 watchpeopledie.tv tcp
GB 142.250.179.225:443 watchpeopledie-tv.webpkgcache.com udp
US 104.26.12.148:443 watchpeopledie.tv tcp
US 104.26.12.148:443 watchpeopledie.tv tcp
US 104.26.12.148:443 watchpeopledie.tv tcp
US 104.26.12.148:443 watchpeopledie.tv tcp
US 104.26.12.148:443 watchpeopledie.tv tcp
US 8.8.8.8:53 i.watchpeopledie.tv udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv tcp
US 104.26.12.148:443 i.watchpeopledie.tv udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 104.26.12.148:443 i.watchpeopledie.tv udp
US 8.8.8.8:53 148.12.26.104.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 92.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 35.169.36.23.in-addr.arpa udp
US 8.8.8.8:53 accounts.server.lan udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
GB 142.250.178.14:443 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 webcamtests.com udp
US 104.21.70.137:443 webcamtests.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 104.21.70.137:443 webcamtests.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com udp
GB 172.217.16.238:443 encrypted-tbn1.gstatic.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
US 8.8.8.8:53 static.webcamtests.com udp
US 172.67.223.209:443 static.webcamtests.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 137.70.21.104.in-addr.arpa udp
US 8.8.8.8:53 209.223.67.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 132.194.113.52.in-addr.arpa udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
GB 172.217.169.66:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
GB 172.217.169.33:443 ep2.adtrafficquality.google tcp
GB 172.217.169.33:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 66.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 33.169.217.172.in-addr.arpa udp
US 104.21.70.137:443 static.webcamtests.com tcp
GB 172.217.169.33:443 ep2.adtrafficquality.google tcp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 216.58.204.81:443 csp.withgoogle.com tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
GB 142.250.200.33:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ad.turn.com udp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.8.8.8:53 pm.w55c.net udp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
DK 37.157.5.87:443 c1.adform.net tcp
GB 172.217.169.34:443 cm.g.doubleclick.net tcp
DK 37.157.5.87:443 c1.adform.net tcp
GB 172.217.169.34:443 cm.g.doubleclick.net tcp
NL 46.228.164.11:443 ad.turn.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
DK 37.157.5.87:443 c1.adform.net tcp
GB 172.217.169.34:443 cm.g.doubleclick.net tcp
NL 35.204.74.118:443 um.simpli.fi tcp
NL 35.204.74.118:443 um.simpli.fi tcp
IE 34.251.26.95:443 pr-bh.ybp.yahoo.com tcp
IE 34.251.26.95:443 pr-bh.ybp.yahoo.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
IE 34.249.168.140:443 pm.w55c.net tcp
IE 34.249.168.140:443 pm.w55c.net tcp
US 8.8.8.8:53 81.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 172.217.169.34:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 r.turn.com udp
GB 172.217.169.33:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 118.74.204.35.in-addr.arpa udp
US 8.8.8.8:53 95.26.251.34.in-addr.arpa udp
US 8.8.8.8:53 140.168.249.34.in-addr.arpa udp
GB 172.217.169.66:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 nav.smartscreen.msiserver.lan udp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
US 95.100.195.181:443 www.bing.com tcp
US 8.8.8.8:53 181.195.100.95.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.14:443 www.youtube.com udp
US 8.8.8.8:53 22.180.250.142.in-addr.arpa udp
GB 172.217.169.14:443 www.youtube.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com tcp
GB 172.217.16.238:443 www.youtube.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.201.102:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 102.201.58.216.in-addr.arpa udp
GB 172.217.16.238:443 www.youtube.com tcp
GB 172.217.16.238:443 www.youtube.com tcp
GB 172.217.16.238:443 www.youtube.com udp
GB 172.217.169.14:443 www.youtube.com tcp
GB 172.217.169.14:443 www.youtube.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 172.217.169.14:443 www.youtube.com udp
US 8.8.8.8:53 rr4---sn-aigl6nz7.googlevideo.com udp
GB 74.125.168.105:443 rr4---sn-aigl6nz7.googlevideo.com tcp
GB 74.125.168.105:443 rr4---sn-aigl6nz7.googlevideo.com tcp
US 8.8.8.8:53 rr2---sn-aigl6nzk.googlevideo.com udp
GB 74.125.175.103:443 rr2---sn-aigl6nzk.googlevideo.com udp
GB 142.250.180.22:443 i.ytimg.com udp
NL 173.194.69.84:443 accounts.google.com tcp
US 8.8.8.8:53 105.168.125.74.in-addr.arpa udp
US 8.8.8.8:53 103.175.125.74.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.238:443 www.youtube.com tcp
GB 172.217.16.238:443 www.youtube.com tcp
US 8.8.8.8:53 rr1---sn-ntqe6n76.googlevideo.com udp
GB 172.217.16.238:443 www.youtube.com udp
AU 173.194.28.6:443 rr1---sn-ntqe6n76.googlevideo.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 6.28.194.173.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.179.238:443 youtube.com tcp
US 8.8.8.8:53 i9.ytimg.com udp
GB 142.250.179.238:443 i9.ytimg.com tcp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 consent.youtube.com udp
GB 142.250.187.225:443 yt3.ggpht.com udp
US 8.8.8.8:53 update.msiservers.lan udp
GB 74.125.168.105:443 rr4---sn-aigl6nz7.googlevideo.com udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 rr1---sn-q4flrnld.googlevideo.com udp
US 173.194.24.70:443 rr1---sn-q4flrnld.googlevideo.com udp
GB 216.58.201.102:443 static.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 70.24.194.173.in-addr.arpa udp
GB 142.250.179.238:443 i9.ytimg.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 172.217.16.238:443 www.youtube.com udp
US 8.8.8.8:53 twitch.tv udp
US 151.101.194.167:443 twitch.tv tcp
US 151.101.194.167:443 twitch.tv tcp
US 8.8.8.8:53 www.twitch.tv udp
US 151.101.2.214:443 www.twitch.tv tcp
US 8.8.8.8:53 167.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 static-cdn.jtvnw.net udp
US 8.8.8.8:53 api.twitch.tv udp
US 8.8.8.8:53 gql.twitch.tv udp
US 8.8.8.8:53 assets.twitch.tv udp
IE 13.224.68.47:443 assets.twitch.tv tcp
IE 13.224.68.47:443 assets.twitch.tv tcp
IE 13.224.68.47:443 assets.twitch.tv tcp
IE 13.224.68.47:443 assets.twitch.tv tcp
IE 13.224.68.47:443 assets.twitch.tv tcp
US 3.165.222.14:443 static-cdn.jtvnw.net tcp
US 3.165.232.49:443 api.twitch.tv tcp
US 8.8.8.8:53 pubsub-edge.twitch.tv udp
US 8.8.8.8:53 irc-ws.chat.twitch.tv udp
US 151.101.194.214:443 gql.twitch.tv tcp
US 8.8.8.8:53 passport.twitch.tv udp
US 8.8.8.8:53 k.twitchcdn.net udp
US 151.101.2.167:443 k.twitchcdn.net tcp
IE 13.224.68.47:443 assets.twitch.tv udp
US 18.236.19.98:443 irc-ws.chat.twitch.tv tcp
US 8.8.8.8:53 vod-secure.twitch.tv udp
US 3.165.232.114:443 vod-secure.twitch.tv tcp
US 8.8.8.8:53 d2v02itv0y9u9t.cloudfront.net udp
IE 3.162.143.196:443 d2v02itv0y9u9t.cloudfront.net tcp
US 151.101.194.214:443 gql.twitch.tv udp
GB 216.58.212.202:443 jnn-pa.googleapis.com tcp
IE 13.224.68.92:443 passport.twitch.tv tcp
US 151.101.194.214:443 gql.twitch.tv udp
US 8.8.8.8:53 214.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 214.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 47.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 14.222.165.3.in-addr.arpa udp
US 8.8.8.8:53 49.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 167.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 114.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 98.19.236.18.in-addr.arpa udp
US 8.8.8.8:53 196.143.162.3.in-addr.arpa udp
IE 13.224.68.47:443 assets.twitch.tv udp
US 52.42.21.40:443 pubsub-edge.twitch.tv tcp
US 8.8.8.8:53 hermes.twitch.tv udp
US 8.8.8.8:53 usher.ttvnw.net udp
US 3.165.232.31:443 usher.ttvnw.net tcp
IE 3.162.140.120:443 hermes.twitch.tv tcp
GB 216.58.212.202:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 video-weaver.prg03.hls.ttvnw.net udp
AT 52.223.198.20:443 video-weaver.prg03.hls.ttvnw.net tcp
US 8.8.8.8:53 92.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 31.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 120.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 40.21.42.52.in-addr.arpa udp
US 8.8.8.8:53 20.198.223.52.in-addr.arpa udp
US 8.8.8.8:53 video-edge-87c6ca.prg03.abs.hls.ttvnw.net udp
CZ 52.223.202.46:443 video-edge-87c6ca.prg03.abs.hls.ttvnw.net tcp
US 54.68.213.221:443 video-edge-81b671.pdx01.abs.hls.ttvnw.net tcp
US 8.8.8.8:53 46.202.223.52.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 global.poe.live-video.net udp
US 23.160.0.0:443 global.poe.live-video.net tcp
US 8.8.8.8:53 sq-tungsten-ts-eu.amazon-adsystem.com udp
IE 3.253.167.114:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 221.213.68.54.in-addr.arpa udp
US 8.8.8.8:53 0.0.160.23.in-addr.arpa udp
US 8.8.8.8:53 114.167.253.3.in-addr.arpa udp
US 8.8.8.8:53 d3aqoihi2n8ty8.cloudfront.net udp
US 3.165.224.38:443 d3aqoihi2n8ty8.cloudfront.net tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
IE 67.220.226.234:443 aax-eu.amazon-adsystem.com tcp
US 3.165.232.46:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 38.224.165.3.in-addr.arpa udp
US 8.8.8.8:53 234.226.220.67.in-addr.arpa udp
US 8.8.8.8:53 m.media-amazon.com udp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com tcp
US 3.165.223.210:443 m.media-amazon.com udp
US 8.8.8.8:53 panels.twitch.tv udp
GB 3.162.20.62:443 panels.twitch.tv tcp
GB 3.162.20.62:443 panels.twitch.tv tcp
GB 3.162.20.62:443 panels.twitch.tv tcp
GB 3.162.20.62:443 panels.twitch.tv tcp
GB 3.162.20.62:443 panels.twitch.tv tcp
GB 3.162.20.62:443 panels.twitch.tv tcp
US 8.8.8.8:53 62.20.162.3.in-addr.arpa udp
US 54.68.213.221:443 video-edge-81b671.pdx01.abs.hls.ttvnw.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 142.250.180.22:443 i.ytimg.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.46:443 www.youtube.com udp
GB 172.217.169.14:443 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 playvalorant.com udp
US 8.8.8.8:53 cmp.osano.com udp
GB 172.217.16.238:443 www.youtube.com udp
US 15.197.167.90:443 playvalorant.com tcp
US 15.197.167.90:443 playvalorant.com tcp
US 3.165.232.91:443 cmp.osano.com tcp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 3.165.232.91:443 cmp.osano.com udp
US 8.8.8.8:53 cmsassets.rgpub.io udp
US 3.165.232.91:443 cmp.osano.com udp
US 3.165.232.91:443 cmp.osano.com tcp
US 8.8.8.8:53 lolstatic-a.akamaihd.net udp
CH 80.67.82.107:443 cmsassets.rgpub.io tcp
CH 80.67.82.107:443 cmsassets.rgpub.io tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
US 8.8.8.8:53 cdn.rgpub.io udp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
CH 80.67.82.80:443 cdn.rgpub.io tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
CH 80.67.82.107:443 cmsassets.rgpub.io udp
US 8.8.8.8:53 90.167.197.15.in-addr.arpa udp
US 8.8.8.8:53 91.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 115.108.222.173.in-addr.arpa udp
US 8.8.8.8:53 80.82.67.80.in-addr.arpa udp
CH 80.67.82.80:443 cdn.rgpub.io tcp
US 8.8.8.8:53 xsso.playvalorant.com udp
CH 80.67.82.80:443 cdn.rgpub.io tcp
US 8.8.8.8:53 valorant.secure.dyn.riotcdn.net udp
CH 80.67.82.80:443 cdn.rgpub.io tcp
US 172.64.149.96:443 xsso.playvalorant.com tcp
CH 80.67.82.73:443 valorant.secure.dyn.riotcdn.net tcp
CH 173.222.108.115:443 lolstatic-a.akamaihd.net tcp
US 8.8.8.8:53 auth.riotgames.com udp
US 104.16.119.50:443 auth.riotgames.com tcp
US 8.8.8.8:53 96.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 50.119.16.104.in-addr.arpa udp
US 8.8.8.8:53 consent.api.osano.com udp
US 3.165.232.128:443 consent.api.osano.com tcp
US 8.8.8.8:53 128.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 accounts.server.lan udp
US 15.197.167.90:443 playvalorant.com tcp
US 3.165.232.91:443 cmp.osano.com udp
US 8.8.8.8:53 google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 google.com tcp
CH 80.67.82.107:443 cmsassets.rgpub.io udp
NL 173.194.69.84:443 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
US 8.8.8.8:53 valorant.secure.dyn.riotcdn.net udp
US 104.17.174.5:443 valorant.secure.dyn.riotcdn.net tcp
US 104.17.174.5:443 valorant.secure.dyn.riotcdn.net tcp
US 8.8.8.8:53 5.174.17.104.in-addr.arpa udp
US 8.8.8.8:53 data.riotgames.com udp
US 104.16.55.40:443 data.riotgames.com tcp
US 8.8.8.8:53 clientconfig.rpg.riotgames.com udp
US 104.18.157.37:443 clientconfig.rpg.riotgames.com tcp
US 104.16.55.40:443 data.riotgames.com tcp
US 8.8.8.8:53 40.55.16.104.in-addr.arpa udp
N/A 127.0.0.1:55845 tcp
N/A 127.0.0.1:55843 tcp
N/A 127.0.0.1:55847 tcp
N/A 127.0.0.1:55851 tcp
US 8.8.8.8:53 37.157.18.104.in-addr.arpa udp
US 104.16.55.40:443 data.riotgames.com tcp
US 104.18.157.37:443 clientconfig.rpg.riotgames.com tcp
N/A 127.0.0.1:55927 tcp
N/A 127.0.0.1:55929 tcp
N/A 127.0.0.1:55932 tcp
N/A 127.0.0.1:55935 tcp
GB 142.250.180.4:443 www.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 142.250.179.234:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 store.epicgames.com udp
US 104.18.3.64:443 store.epicgames.com tcp
US 104.18.3.64:443 store.epicgames.com tcp
US 8.8.8.8:53 64.3.18.104.in-addr.arpa udp
US 104.18.3.64:443 store.epicgames.com udp
US 8.8.8.8:53 components.unrealengine.com udp
US 8.8.8.8:53 epic-social-social-modules-prod.ol.epicgames.com udp
US 8.8.8.8:53 cdn2.unrealengine.com udp
US 8.8.8.8:53 static-assets-prod.epicgames.com udp
US 8.8.8.8:53 cdn1.unrealengine.com udp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
GB 13.224.81.126:443 components.unrealengine.com tcp
GB 13.224.81.126:443 components.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
CH 23.32.113.92:443 cdn1.unrealengine.com tcp
IE 13.224.68.68:443 epic-social-social-modules-prod.ol.epicgames.com tcp
US 8.8.8.8:53 tracking.epicgames.com udp
US 3.234.87.7:443 tracking.epicgames.com tcp
US 8.8.8.8:53 126.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 68.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 92.113.32.23.in-addr.arpa udp
US 8.8.8.8:53 7.87.234.3.in-addr.arpa udp
US 8.8.8.8:53 store-site-backend-static-ipv4.ak.epicgames.com udp
US 8.8.8.8:53 cms-assets.unrealengine.com udp
IE 13.224.68.41:443 cms-assets.unrealengine.com tcp
GB 23.214.157.159:443 store-site-backend-static-ipv4.ak.epicgames.com tcp
GB 23.214.157.159:443 store-site-backend-static-ipv4.ak.epicgames.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 41.68.224.13.in-addr.arpa udp
US 8.8.8.8:53 cdn1.epicgames.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 104.18.3.64:443 store.epicgames.com udp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 epicgames-privacy.my.onetrust.com udp
US 104.18.32.137:443 epicgames-privacy.my.onetrust.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 store.steampowered.com udp
US 8.8.8.8:53 store.fastly.steamstatic.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 151.101.67.52:443 store.fastly.steamstatic.com tcp
US 8.8.8.8:53 shared.fastly.steamstatic.com udp
US 8.8.8.8:53 cdn.fastly.steamstatic.com udp
US 151.101.67.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.3.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.131.52:443 cdn.fastly.steamstatic.com tcp
US 8.8.8.8:53 52.67.101.151.in-addr.arpa udp
US 23.46.189.123:443 store.steampowered.com tcp
US 23.46.189.123:443 store.steampowered.com tcp
US 23.46.189.123:443 store.steampowered.com tcp
US 23.46.189.123:443 store.steampowered.com tcp
US 23.46.189.123:443 store.steampowered.com tcp
US 8.8.8.8:53 52.3.101.151.in-addr.arpa udp
US 8.8.8.8:53 52.131.101.151.in-addr.arpa udp
US 8.8.8.8:53 123.189.46.23.in-addr.arpa udp
US 151.101.3.52:443 cdn.fastly.steamstatic.com tcp
US 151.101.3.52:443 cdn.fastly.steamstatic.com tcp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 help.steampowered.com udp
NL 23.207.106.113:443 help.steampowered.com tcp
NL 23.207.106.113:443 help.steampowered.com tcp
US 8.8.8.8:53 113.106.207.23.in-addr.arpa udp
US 8.8.8.8:53 cdn.steamstatic.com udp
US 151.101.67.52:443 cdn.steamstatic.com tcp
GB 104.91.71.90:80 r10.o.lencr.org tcp
US 8.8.8.8:53 125.21.192.23.in-addr.arpa udp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 90.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 test.steampowered.com udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-udp.steamserver.net udp
GB 104.77.160.206:80 test.steampowered.com tcp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 206.160.77.104.in-addr.arpa udp
US 8.8.8.8:53 api.steampowered.com udp
GB 104.103.247.162:443 api.steampowered.com tcp
US 8.8.8.8:53 162.247.103.104.in-addr.arpa udp
US 8.8.8.8:53 ext1-bom2.steamserver.net udp
IN 155.133.224.22:27030 ext1-bom2.steamserver.net tcp
US 8.8.8.8:53 ext2-maa2.steamserver.net udp
IN 155.133.225.21:27030 ext2-maa2.steamserver.net tcp
IN 155.133.225.21:27020 ext2-maa2.steamserver.net tcp
IN 155.133.224.22:27033 ext1-bom2.steamserver.net tcp
N/A 127.0.0.1:52816 tcp
N/A 127.0.0.1:52800 tcp
IN 155.133.224.22:443 ext1-bom2.steamserver.net tcp
US 8.8.8.8:53 ext1-maa2.steamserver.net udp
US 8.8.8.8:53 cmp1-sgp1.steamserver.net udp
IN 155.133.225.20:443 ext1-maa2.steamserver.net tcp
US 8.8.8.8:53 21.225.133.155.in-addr.arpa udp
SG 103.10.124.4:27020 cmp1-sgp1.steamserver.net tcp
SG 103.10.124.5:27018 cmp2-sgp1.steamserver.net tcp
US 8.8.8.8:53 e5.o.lencr.org udp
GB 104.91.71.89:80 e5.o.lencr.org tcp
US 8.8.8.8:53 e6.o.lencr.org udp
GB 104.91.71.89:80 e6.o.lencr.org tcp
US 8.8.8.8:53 cmp1-hkg1.steamserver.net udp
SG 103.10.124.4:443 cmp1-sgp1.steamserver.net tcp
HK 103.28.54.100:27018 cmp1-hkg1.steamserver.net tcp
US 8.8.8.8:53 cmp2-lhr1.steamserver.net udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 cmp1-fra1.steamserver.net udp
GB 162.254.196.80:27019 cmp2-lhr1.steamserver.net tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
DE 155.133.250.4:27019 cmp1-fra1.steamserver.net tcp
US 8.8.8.8:53 20.225.133.155.in-addr.arpa udp
US 8.8.8.8:53 4.124.10.103.in-addr.arpa udp
US 8.8.8.8:53 89.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 80.196.254.162.in-addr.arpa udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 100.54.28.103.in-addr.arpa udp
US 8.8.8.8:53 4.250.133.155.in-addr.arpa udp
HK 103.28.54.100:27019 cmp1-hkg1.steamserver.net tcp
US 8.8.8.8:53 cmp2-hkg1.steamserver.net udp
HK 103.28.54.101:27021 cmp2-hkg1.steamserver.net tcp
SG 103.10.124.4:27019 cmp1-sgp1.steamserver.net tcp
SG 103.10.124.5:27020 cmp2-sgp1.steamserver.net tcp
SG 103.10.124.5:443 cmp2-sgp1.steamserver.net tcp
US 8.8.8.8:53 101.54.28.103.in-addr.arpa udp
HK 103.28.54.101:443 cmp2-hkg1.steamserver.net tcp
US 8.8.8.8:53 ext1-tyo3.steamserver.net udp
JP 45.121.184.20:27036 ext1-tyo3.steamserver.net tcp
JP 45.121.184.20:27031 ext1-tyo3.steamserver.net tcp
US 8.8.8.8:53 ext2-tyo3.steamserver.net udp
JP 45.121.184.21:443 ext2-tyo3.steamserver.net tcp
US 8.8.8.8:53 cmp1-lax1.steamserver.net udp
US 162.254.195.69:443 cmp1-lax1.steamserver.net tcp
US 8.8.8.8:53 cmp2-iad1.steamserver.net udp
US 162.254.192.99:27018 cmp2-iad1.steamserver.net tcp
US 8.8.8.8:53 cmp2-lax1.steamserver.net udp
US 162.254.195.75:443 cmp2-lax1.steamserver.net tcp
US 8.8.8.8:53 20.184.121.45.in-addr.arpa udp
US 8.8.8.8:53 21.184.121.45.in-addr.arpa udp
US 8.8.8.8:53 p2p-iad1.discovery.steamserver.net udp
US 8.8.8.8:53 75.195.254.162.in-addr.arpa udp
US 8.8.8.8:53 99.192.254.162.in-addr.arpa udp
US 8.8.8.8:53 69.195.254.162.in-addr.arpa udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 cmp1-atl3.steamserver.net udp
US 162.254.199.165:443 cmp1-atl3.steamserver.net tcp
US 162.254.199.165:27018 cmp1-atl3.steamserver.net tcp
US 8.8.8.8:53 cmp2-atl3.steamserver.net udp
US 162.254.199.184:27018 cmp2-atl3.steamserver.net tcp
US 162.254.195.69:27018 cmp1-lax1.steamserver.net tcp
US 162.254.195.75:27018 cmp2-lax1.steamserver.net tcp
US 162.254.192.99:27020 cmp2-iad1.steamserver.net tcp
US 162.254.192.99:443 cmp2-iad1.steamserver.net tcp
US 162.254.192.99:27018 cmp2-iad1.steamserver.net tcp
US 8.8.8.8:53 cmp2-sea1.steamserver.net udp
US 205.196.6.133:27018 cmp2-sea1.steamserver.net tcp
DE 155.133.250.4:27023 cmp1-fra1.steamserver.net tcp
US 8.8.8.8:53 165.199.254.162.in-addr.arpa udp
US 8.8.8.8:53 184.199.254.162.in-addr.arpa udp
US 8.8.8.8:53 133.6.196.205.in-addr.arpa udp
US 8.8.8.8:53 p2p-fra2.discovery.steamserver.net udp
US 8.8.8.8:53 crash.steampowered.com udp
US 208.64.203.173:443 crash.steampowered.com tcp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 104.91.71.91:80 r10.o.lencr.org tcp
US 8.8.8.8:53 91.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 173.203.64.208.in-addr.arpa udp
US 8.8.8.8:53 api.steampowered.com udp
GB 162.254.196.80:27019 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.80:27018 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.80:443 cmp2-lhr1.steamserver.net tcp
US 8.8.8.8:53 ext1-par1.steamserver.net udp
FR 185.25.182.20:27031 ext1-par1.steamserver.net tcp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 20.182.25.185.in-addr.arpa udp
HK 103.28.54.101:27020 cmp2-hkg1.steamserver.net tcp
US 8.8.8.8:53 cmp3-hkg1.steamserver.net udp
HK 103.28.54.102:27018 cmp3-hkg1.steamserver.net tcp
US 8.8.8.8:53 ext4-tyo3.steamserver.net udp
JP 45.121.184.23:27023 ext4-tyo3.steamserver.net tcp
JP 45.121.184.23:27028 ext4-tyo3.steamserver.net tcp
US 8.8.8.8:53 cmp1-ord1.steamserver.net udp
US 8.8.8.8:53 102.54.28.103.in-addr.arpa udp
US 8.8.8.8:53 23.184.121.45.in-addr.arpa udp
US 162.254.193.103:27018 cmp1-ord1.steamserver.net tcp
US 8.8.8.8:53 cmp2-dfw1.steamserver.net udp
US 155.133.253.52:27018 cmp2-dfw1.steamserver.net tcp
US 8.8.8.8:53 p2p-dfw1.discovery.steamserver.net udp
US 8.8.8.8:53 103.193.254.162.in-addr.arpa udp
US 8.8.8.8:53 52.253.133.155.in-addr.arpa udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 208.64.203.173:443 crash.steampowered.com tcp
SG 103.10.124.5:27019 cmp2-sgp1.steamserver.net tcp
HK 103.28.54.102:27021 cmp3-hkg1.steamserver.net tcp
US 8.8.8.8:53 ext6-hkg1.steamserver.net udp
HK 103.28.54.172:27024 ext6-hkg1.steamserver.net tcp
HK 103.28.54.102:443 cmp3-hkg1.steamserver.net tcp
US 8.8.8.8:53 ext3-tyo3.steamserver.net udp
JP 45.121.184.22:27025 ext3-tyo3.steamserver.net tcp
JP 45.121.184.20:27028 ext1-tyo3.steamserver.net tcp
JP 45.121.184.21:443 ext2-tyo3.steamserver.net tcp
US 8.8.8.8:53 ext1-syd1.steamserver.net udp
AU 103.10.125.148:443 ext1-syd1.steamserver.net tcp
US 8.8.8.8:53 172.54.28.103.in-addr.arpa udp
US 8.8.8.8:53 22.184.121.45.in-addr.arpa udp
US 8.8.8.8:53 148.125.10.103.in-addr.arpa udp
US 8.8.8.8:53 p2p-lax1.discovery.steamserver.net udp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
US 8.8.8.8:53 ext1-gru1.steamserver.net udp
BR 155.133.227.34:27025 ext1-gru1.steamserver.net tcp
BR 155.133.227.34:27030 ext1-gru1.steamserver.net tcp
US 8.8.8.8:53 ext1-eze1.steamserver.net udp
AR 155.133.255.100:27023 ext1-eze1.steamserver.net tcp
US 8.8.8.8:53 ext2-eze1.steamserver.net udp
AR 155.133.255.164:27019 ext2-eze1.steamserver.net tcp
AR 155.133.255.100:443 ext1-eze1.steamserver.net tcp
CL 155.133.249.180:27021 ext1-scl1.steamserver.net tcp
US 8.8.8.8:53 ext2-scl1.steamserver.net udp
CL 155.133.249.164:27038 ext2-scl1.steamserver.net tcp
CL 155.133.249.164:443 ext2-scl1.steamserver.net tcp
US 8.8.8.8:53 ext2-lim1.steamserver.net udp
US 8.8.8.8:53 155.143.214.23.in-addr.arpa udp
US 8.8.8.8:53 100.255.133.155.in-addr.arpa udp
US 8.8.8.8:53 164.255.133.155.in-addr.arpa udp
PE 155.133.244.50:27019 ext2-lim1.steamserver.net tcp
US 8.8.8.8:53 ext1-lim1.steamserver.net udp
PE 155.133.244.34:27023 ext1-lim1.steamserver.net tcp
US 8.8.8.8:53 180.249.133.155.in-addr.arpa udp
US 8.8.8.8:53 164.249.133.155.in-addr.arpa udp
US 8.8.8.8:53 50.244.133.155.in-addr.arpa udp
US 8.8.8.8:53 34.244.133.155.in-addr.arpa udp
US 8.8.8.8:53 ext1-dxb1.steamserver.net udp
AE 185.25.183.36:27030 ext1-dxb1.steamserver.net tcp
AE 185.25.183.36:27033 ext1-dxb1.steamserver.net tcp
US 8.8.8.8:53 ext2-dxb1.steamserver.net udp
AE 185.25.183.52:443 ext2-dxb1.steamserver.net tcp
US 8.8.8.8:53 ext2-bom2.steamserver.net udp
IN 155.133.224.23:27025 ext2-bom2.steamserver.net tcp
IN 155.133.224.23:27031 ext2-bom2.steamserver.net tcp
IN 155.133.224.23:443 ext2-bom2.steamserver.net tcp
IN 155.133.225.21:27020 ext2-maa2.steamserver.net tcp
IN 155.133.225.21:27028 ext2-maa2.steamserver.net tcp
IN 155.133.225.20:443 ext1-maa2.steamserver.net tcp
US 8.8.8.8:53 cmp1-lhr1.steamserver.net udp
GB 162.254.196.79:27018 cmp1-lhr1.steamserver.net tcp
HK 103.28.54.101:27018 cmp2-hkg1.steamserver.net tcp
HK 103.28.54.101:27019 cmp2-hkg1.steamserver.net tcp
US 8.8.8.8:53 23.224.133.155.in-addr.arpa udp
US 8.8.8.8:53 36.183.25.185.in-addr.arpa udp
US 8.8.8.8:53 79.196.254.162.in-addr.arpa udp
AE 185.25.183.52:27029 ext2-dxb1.steamserver.net tcp
AE 185.25.183.36:27021 ext1-dxb1.steamserver.net tcp
AE 185.25.183.36:443 ext1-dxb1.steamserver.net tcp
IN 155.133.224.22:27029 ext1-bom2.steamserver.net tcp
IN 155.133.224.23:27037 ext2-bom2.steamserver.net tcp
IN 155.133.225.20:27032 ext1-maa2.steamserver.net tcp
IN 155.133.225.20:27023 ext1-maa2.steamserver.net tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.200.14:443 play.google.com tcp
GB 74.125.105.39:443 udp
GB 162.254.196.80:27020 cmp2-lhr1.steamserver.net tcp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 39.105.125.74.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
GB 216.58.201.99:443 tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
GB 216.58.201.99:443 udp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 216.58.212.234:443 ogads-pa.googleapis.com udp
GB 216.58.212.234:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com udp
US 8.8.8.8:53 accounts.server.lan udp
US 8.8.8.8:53 toastyy.de udp
US 76.76.21.21:443 toastyy.de tcp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 client-update.steamstatic.com udp
US 151.101.131.52:443 client-update.steamstatic.com tcp
GB 104.91.71.90:80 r10.o.lencr.org tcp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
HK 103.28.54.172:27035 ext6-hkg1.steamserver.net tcp
HK 103.28.54.100:27021 cmp1-hkg1.steamserver.net tcp
SG 103.10.124.5:27019 cmp2-sgp1.steamserver.net tcp
SG 103.10.124.4:27019 cmp1-sgp1.steamserver.net tcp
SG 103.10.124.5:443 cmp2-sgp1.steamserver.net tcp
HK 103.28.54.101:443 cmp2-hkg1.steamserver.net tcp
JP 45.121.184.21:27037 ext2-tyo3.steamserver.net tcp
JP 45.121.184.23:27037 ext4-tyo3.steamserver.net tcp
US 162.254.195.75:443 cmp2-lax1.steamserver.net tcp
US 162.254.195.69:27018 cmp1-lax1.steamserver.net tcp
US 8.8.8.8:53 cmp1-iad1.steamserver.net udp
US 162.254.192.98:27018 cmp1-iad1.steamserver.net tcp
US 162.254.193.103:27018 cmp1-ord1.steamserver.net tcp
US 8.8.8.8:53 e5.o.lencr.org udp
GB 104.91.71.89:80 e5.o.lencr.org tcp
US 8.8.8.8:53 98.192.254.162.in-addr.arpa udp
AR 155.133.255.100:27020 ext1-eze1.steamserver.net tcp
AR 155.133.255.164:27022 ext2-eze1.steamserver.net tcp
AR 155.133.255.164:443 ext2-eze1.steamserver.net tcp
CL 155.133.249.180:27036 ext1-scl1.steamserver.net tcp
CL 155.133.249.180:27037 ext1-scl1.steamserver.net tcp
BR 155.133.227.34:27032 ext1-gru1.steamserver.net tcp
BR 155.133.227.34:27030 ext1-gru1.steamserver.net tcp
CL 155.133.249.164:443 ext2-scl1.steamserver.net tcp
PE 155.133.244.50:27036 ext2-lim1.steamserver.net tcp
PE 155.133.244.50:27022 ext2-lim1.steamserver.net tcp
US 162.254.193.103:443 cmp1-ord1.steamserver.net tcp
US 8.8.8.8:53 ext2-waw1.steamserver.net udp
PL 155.133.230.50:27021 ext2-waw1.steamserver.net tcp
PL 155.133.230.50:27022 ext2-waw1.steamserver.net tcp
US 8.8.8.8:53 ext1-waw1.steamserver.net udp
PL 155.133.230.34:443 ext1-waw1.steamserver.net tcp
US 8.8.8.8:53 cmp2-fra2.steamserver.net udp
US 155.133.229.20:27024 cmp2-fra2.steamserver.net tcp
US 8.8.8.8:53 cmp2-fra1.steamserver.net udp
DE 155.133.250.20:27024 cmp2-fra1.steamserver.net tcp
US 8.8.8.8:53 cmp1-fra2.steamserver.net udp
US 155.133.229.4:27020 cmp1-fra2.steamserver.net tcp
US 155.133.229.4:27018 cmp1-fra2.steamserver.net tcp
US 8.8.8.8:53 cmp2-sto2.steamserver.net udp
SE 155.133.252.69:443 cmp2-sto2.steamserver.net tcp
US 8.8.8.8:53 e6.o.lencr.org udp
GB 104.91.71.89:80 e6.o.lencr.org tcp
US 8.8.8.8:53 34.230.133.155.in-addr.arpa udp
US 8.8.8.8:53 50.230.133.155.in-addr.arpa udp
US 8.8.8.8:53 20.229.133.155.in-addr.arpa udp
US 8.8.8.8:53 20.250.133.155.in-addr.arpa udp
US 8.8.8.8:53 4.229.133.155.in-addr.arpa udp
US 8.8.8.8:53 69.252.133.155.in-addr.arpa udp
US 8.8.8.8:53 p2p-fra2.discovery.steamserver.net udp
US 8.8.8.8:53 accounts.server.lan udp
US 151.101.194.167:443 k.twitchcdn.net tcp
US 8.8.8.8:53 update.msiservers.lan udp
US 151.101.2.219:443 speedtest.net tcp
US 8.8.8.8:53 api.steampowered.com udp
GB 23.214.143.155:443 api.steampowered.com tcp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
GB 162.254.196.80:27018 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.79:27018 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.80:443 cmp2-lhr1.steamserver.net tcp
US 155.133.229.20:27019 cmp2-fra2.steamserver.net tcp
US 155.133.229.20:27023 cmp2-fra2.steamserver.net tcp
DE 155.133.250.20:27020 cmp2-fra1.steamserver.net tcp
US 155.133.229.4:27024 cmp1-fra2.steamserver.net tcp
US 155.133.229.4:443 cmp1-fra2.steamserver.net tcp
US 8.8.8.8:53 cmp1-ams1.steamserver.net udp
NL 155.133.248.42:27018 cmp1-ams1.steamserver.net tcp
US 8.8.8.8:53 ext1-sto1.steamserver.net udp
SE 162.254.198.44:27020 ext1-sto1.steamserver.net tcp
US 8.8.8.8:53 ext2-par1.steamserver.net udp
FR 185.25.182.52:27033 ext2-par1.steamserver.net tcp
US 8.8.8.8:53 cmp1-sto2.steamserver.net udp
SE 155.133.252.68:443 cmp1-sto2.steamserver.net tcp
US 8.8.8.8:53 42.248.133.155.in-addr.arpa udp
US 8.8.8.8:53 44.198.254.162.in-addr.arpa udp
US 8.8.8.8:53 52.182.25.185.in-addr.arpa udp
US 8.8.8.8:53 68.252.133.155.in-addr.arpa udp
US 8.8.8.8:53 p2p-par1.discovery.steamserver.net udp
US 8.8.8.8:53 chrome.google.com udp
GB 216.58.201.110:443 chrome.google.com tcp

Files

\??\pipe\crashpad_1600_ZGVYHKJREESJUMZB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 619c2c1bfd9be65120803a84819c8f1d
SHA1 4040ec9e00b62c7e2d4c47044737a0c5b12df2c6
SHA256 3069af13d35090a91f40cdd6f120ce9eb69856ce10bf6cc01b1854bcbcfd270d
SHA512 66554f9921902e09e9dc7d1f09000048bb83b30f83d983d2ad4869a8f857217aca4a46390d470f9aba6a5f8280c20a861e61f3914d86c4350421ecf3afd65d87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b94521c7cf38dc03d6afe7effba233e
SHA1 cc30f433ef00fa3de6db0025790458130641a4b7
SHA256 4ad3b132ffbfd67560b4764d448e99eab2daf3ad641f26842e8610fbc13f037f
SHA512 3dcfeef19edc2e4c450a0c72aa2edbab19516c5606627619b7d91c4bccee99aee93631a69991c88f8e9d5be9ebb9b4ccd639f84928593e4b6ee1a31871d4ba10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3fdbeb525531ef436c2706b067837af7
SHA1 eed8c0ddfb4c3744e68a824343b81a2522a4e809
SHA256 8d8a4401444e7001a721ca5de1b0ceb1bf8c73c67cbf7250fddf6b90d3e7e072
SHA512 4448336a5996046765f2f1549025d2d25d932cfc24193d68184ba3d1f5e4bada3dc72e83dd9e4efccf670345d9591f586aaf69c5b9fff2375dd709bbe54d5143

C:\Users\Admin\AppData\Local\Temp\scoped_dir1600_602995824\8985737e-3fa0-4cfa-a544-74e55e59c1b8.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir1600_602995824\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 cadee18eadd04ab3165de89f58302a64
SHA1 fd9f4b05803795759720466b18cd4450afe198fd
SHA256 e5264f952e8db61317f802fe0463691c45cf3872df8f85812853369befc8a774
SHA512 f27890f888c1e53c5b6e596a67579abbab49fdc09e81d07b8df73ec12ee4fbd4afedaed0694e43e84d68aa1357e2e58246f5f52d5cccd7f5b0dd034a8193a373

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df1ae5c8909862b34373da7e37d5c72b
SHA1 d5774b6498252aa164ea357f0b5990d0bba529cc
SHA256 71f52be854d56c85dab42e5dadf0b2e25179708b0bcbed33f71ecf47f454b39e
SHA512 ccb705f0eb8224e321293dd639855f5b81fccff27e26af7ccdb6b5f8f1f565369d18f44b44c09e1c092e8016f41a81ca0584f51521c29f4ed66746de75bbaedc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 27d4b8d7bbb97021abaa0fe4be3763b5
SHA1 0d5dffea8d0442c68da3a6ba0605ff4329f347b9
SHA256 38b94bf8ac49766a7ac92e87adf88627949b2af6ea98b004892d797a369e75c2
SHA512 5e09500736bb4de991d29a83d6c37da96fb1e6ab48234bbac2e1df6366ee4f72b48824090759b4638332bc6a26a4e9440d9c73ff19c584a9b00ecc22c94069aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 654b072419ad282ebfa5e5e154082ac0
SHA1 d9f9a022f7133cefa7d41ba305e4a5549ba47196
SHA256 eae98b18f299299978365fabcca88325e6acf5cf7cbe1418afcd89ea708a201e
SHA512 f374212fdb60409c7f623b70ad3a238aff523bc8dff889708321e32856717f21d0b317487b9af2396ffbdec14ed4d3febca8a86c2fbe4619a0a9c2c77d7c9602

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 e3d5090a7ed93e09790ff83780acf6a5
SHA1 8ae60ba85a907c18ed19145f6498b0fc5124138e
SHA256 39fdcbd87e15efdcad2005e4a2095501921fb616c74b31156b4179cffb42f83e
SHA512 91ef65fe612dfaf548344f1d64fc0f8a688c1d3c3961afeb27b06c8a2a6c039cfdc403f6e608bfff45bc95d432c27f98f2d96965ac1df74e76222476a60c8494

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 a361c5931798b2d1a9f575398930d1c0
SHA1 9e5b47026de027f0e53329ba5feff7de13fcd41e
SHA256 f9fc03f33376d7a261602aae3fdf7c0bedad2fca45740224cf162a039c0cfa7a
SHA512 abf0c5ab59022251a95b8c9ca38717591510b27ab1e156d42f9dd919dc5b915a29fc96dd7ef13766b44e14990856179820dc82df113223404dab9dfce39e1c95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 9be600473100e7e2bdaba5c844fcc60c
SHA1 42530c7ae038dc344d7bc136be455262e5e7f0df
SHA256 c936997c77f8afe4acbdfce4fbe0c580be63e378b2789291bc6a0e4f93e75e0c
SHA512 d94a8b3c4b1acac99e7e8c00e2aeea554999975635d710df23b5513d65f9758f8ca2987e7afe59520161cf3e176670211eda170d64250fa079617f3946eeb423

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1dc5d9653533866698aae3ee847fb408
SHA1 2c7915fda6773ebab79ef2170c410fb4ef476462
SHA256 bc10a1003a6ea8f45a27d0b04557acd020129301ed04d7fa7a101b48bc3c6235
SHA512 2455734b20c16d69ef5a40a2047f9bc4f8f8282ad0f06fc70f0bc6fe667e60cc3f295799cc253bcd974eb8d43f5f25311079d579ccd4900e0276a13f4e7e7fca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2253b3e2937e16617caefb402de7d157
SHA1 be54f275f1f16796926b8514e5759b8f031fb14c
SHA256 1f808da39cc4c87a6ab0abfaa8ac7ff3d7a8eda70853f8f56f78baa235a251cf
SHA512 643f9cbc4d3ba729aaff9deed4d7f4f6bdd26aaca8ae843d537b7c06084ca6f771fb731686fc4de93ece9983f09e9018366ce58ecfec99cc8d4813d987619c2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ad5a62d87e92ee5a9192d4410456cd3
SHA1 87ce894a034beb3cdebdbe70614d58a311248006
SHA256 340e24c6bb05ac432d0f2baf2cc25eeecbedd4ccdfe3f9a2e733ae935818b5b8
SHA512 bd0613772200dbdcb980160af77e34343a91884b57b4d545605508abd33859164eae06436be0122ab24763d60ad1cc0cf6aa692f5bf6582e90ce718bc705b124

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dcf9ca5a4c0f672493bc73102b04630b
SHA1 5db5743a0baece582ff8dbce9432e3dbb0e22153
SHA256 e24da6124b5376137c0b4c327e6e475408a1c7724d9a8830ad564b2dff5ae36e
SHA512 3e6dd6744f60a3c361b93b0c38bcbffcab9dc691acb516f60138fa23ed9076a995d02c073b6338352af5246b6c9ed110cc84aa8085319be2fac6dac319e94d69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ba6ef346187b40694d493da98d5da979
SHA1 643c15bec043f8673943885199bb06cd1652ee37
SHA256 d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73
SHA512 2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fa67b21c-d444-4df8-a262-25b243cd3e45.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4929bee338c92e94d9e3e83a1b3f96ad
SHA1 671890f5406c8f03eb7405ee574e22d9cb8f731e
SHA256 5cf4fced7e3e5d76536833f58bb8b5cb3bbb01483762453bde8f800dede9b657
SHA512 7c0429a16b523ba15e604b041615cd0db4cbb7ac8c542ea2f58afa452a57f8ae1afc758f78fab1954060374ba159dd8f19375dd5dba1c17d6017c06b6e0f1f74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e8301d0b47dfc8308e5e6dde791bf011
SHA1 801353c7d9e9e3c260d4e26ae43de833976eb0b1
SHA256 fae5f29bc1f0bf7ffe3a99d9dea5477ad65cb378255818053dcf0cf29f2fb9d3
SHA512 ea93f9813fbed6d2f8048a058c93576bc9668d4adaa340d2ab54cf90f756eeddf2a88f364b5771358ddafcff8b25edebdf35087ec022a912157d3fdb42f1d43a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80ba8a833d7ba86ddd89addebe95cd23
SHA1 370b939046136e2a64ae70cd65256378a49c9345
SHA256 80c9f0a591c3919a88ba2472b88f447cf3516f165addd8e0390279f956689df0
SHA512 29eafdda0703de3e55da52d1766c2a53b5cb863b35fd769f366c7533f84d83281145c1ebee024b6269fcd0183ef61825ff8489b2cbb465f6cb4f721c63ebfed5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0cf1cb484e26b2c22424540bd893a953
SHA1 63791a72fcf7c325b9c48c8ad472e0371aeba776
SHA256 0522f9a00ebd6415cc8057d162c0e077924c1f2c7d2d15270f52a8ef9c07ce20
SHA512 3fcaf10ed15e50820e2893b5e5e4b0899a126b65225f81958faa83a59c07d03da1431751698e37dd4950ee7835230016f27ddae5e07ef77d8b240da0a2b8f5a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 139383f416045bace5748c495095a0a4
SHA1 8a8fed1697061d0a262ce81c1eea45172de89cc2
SHA256 3125cf5e0275850ba46af2357246e2829d04053d38a0a6fb606ce4756b422a62
SHA512 57f0d8d252e10c503e0f2ee89141b6bcdbeff5ec089d32e48607cd9e66b949258683232f3fa24be353df1eb1cfb9b83b781cbfc9af36b459efd635de0519e799

memory/6404-939-0x000001D32F800000-0x000001D32F900000-memory.dmp

memory/6404-937-0x000001D32F800000-0x000001D32F900000-memory.dmp

memory/6404-1149-0x000001D343070000-0x000001D343090000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f2f44e2d0cc9e7a01c2291948a3064c2
SHA1 e094654e1ed27c4629f4632e7cf43438cc7db5ed
SHA256 db627a55e7edbca0dd804e8294c3e4cf6bbe616cded0f60d31d204b8791d41cc
SHA512 0d752b03dccf4fae8bf0bb8592575ee86dba7ffbcfcaf3de891f65dda8290ec972bd03442528911d72a15ad4e07e9f72ed31f4d149adc0b935dafc187b70f526

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 edfd687ef2ded133775bfaaf6589ca39
SHA1 a6cc37f6f3ebe2bf72a3bacbe507973c9e04249a
SHA256 a8494b846c7d6ec457dc1857cb3b5c6edcf09054999459bfba5a2bc5e31d286c
SHA512 cc23c1e3a73a094e44e692b047908b8c034d46a107a7b24f0e8e49e0015bc3e29d7817a59593052bc3b818357810cac39bd9e9ff8144cce4279d3635746b2b64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a87af091e7c58c44b10232a9a8a860f
SHA1 840b93df3697c24eb2ad1b262351de776b6b0dda
SHA256 62e90a76043f14a48d3981a60e8e3c0d5d010621e866e6a3d0f0f65931366f41
SHA512 7a0a845f9c5dd66cf709ed50d0ade00290ebdcc902058ac11661c618ce1dc8d3d338acc6b7547231d35663cf009736816cabbfc9d929acb08fb001b7fd337c74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b8880802fc2bb880a7a869faa01315b0
SHA1 51d1a3fa2c272f094515675d82150bfce08ee8d3
SHA256 467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812
SHA512 e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bfcaecf14c49c97731f7108d80580262
SHA1 0c73d317181c1d8e2ed3ec552b25748ca1558f66
SHA256 b5323e5c02b773fd6bbd6cc765c1dcb48c2e4ad87cbeea0e7df0a46323410971
SHA512 30352d70479e418e3348c98a31c2a9930270af59057b97076e3516cae0b4111e0252dfd8cee91eb82ae70a2f9549ff2a00bb483bdffc0ddf081369d7a15b561d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 972b515ca96d2c138ca5ad5717060d0a
SHA1 b3fe8aae7addc497ec7ecb8615e30b730c596e9c
SHA256 28a340e7146c0f47de553cbe3a2e0853ae02209ea0a409f06352c94cee496e15
SHA512 ec71cee68c0f9963c8f71297f1c22d9e0f64b35c92f9510386bb48d528caf331ab9eaddcfa243a251853f3c731c309f0b236f5859c708c6e09c1b43461ef35db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 910a7b574c370e0f726b848d8ac36660
SHA1 e4fa037525b40691b48a7b7e5f9bf1c7ee3e00f4
SHA256 6f114261580cf14a9deb6fd528590fb493bd70643d37c84d1bc722f03dc69c35
SHA512 85937c3d94bc8a6d5d2b18304c4ae1c6fb0673a7059198b2fba186567297d087bbaa873190de33fb0cef2bdb8bf675f58bc5cc8a7a898d62e71f9d532d204726

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48b473af8538adcbd3ef6cf2999bf592
SHA1 fc057b37727232b217cda0178958da285a25f2eb
SHA256 e374b754609dc141ad74c3e552c39535e186da25c310a120b19f033a3cb99e96
SHA512 c8e455e7c591c1967dc787f460096cfa87fbc593e68c3896bb2e0cd8b72bce60fd2b9a4a6a08bd580e9b857d8ca6c6510d599795b3d31b563e1c399fb1445b2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 85fb1a5bf4a924ebfe62fb6edd182826
SHA1 b37b595e940fafba25a1cc6c9a445fb490dbffd4
SHA256 73d6025197f43485f3bfb5adefbe5b6640ee24042cf14b3d58c615b531006d77
SHA512 1547efa29fbc386a45f272d392738ce4e8f26df287f8d4908f26a5b550968797bca5de9c06350963ad53dc798afc3283c4f05843362ae6c8380655685c0c551a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4df4574bfbb7e0b0bc56c2c9b12b6c47
SHA1 81efcbd3e3da8221444a21f45305af6fa4b71907
SHA256 e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377
SHA512 78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a

memory/7808-1535-0x0000000000400000-0x0000000000481000-memory.dmp

memory/7904-1550-0x0000000000400000-0x0000000000481000-memory.dmp

memory/7904-1552-0x0000000074270000-0x000000007427E000-memory.dmp

memory/7904-1551-0x00000000748C0000-0x00000000748CB000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\System.dll

MD5 4f25d99bf1375fe5e61b037b2616695d
SHA1 958fad0e54df0736ddab28ff6cb93e6ed580c862
SHA256 803931797d95777248dee4f2a563aed51fe931d2dd28faec507c69ed0f26f647
SHA512 96a8446f322cd62377a93d2088c0ce06087da27ef95a391e02c505fb4eb1d00419143d67d89494c2ef6f57ae2fd7f049c86e00858d1b193ec6dde4d0fe0e3130

C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\nsDialogs.dll

MD5 2029c44871670eec937d1a8c1e9faa21
SHA1 e8d53b9e8bc475cc274d80d3836b526d8dd2747a
SHA256 a4ae6d33f940a80e8fe34537c5cc1f8b8679c979607969320cfb750c15809ac2
SHA512 6f151c9818ac2f3aef6d4cabd8122c7e22ccf0b84fa5d4bcc951f8c3d00e8c270127eac1e9d93c5f4594ac90de8aff87dc6e96562f532a3d19c0da63a28654b7

C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\LangDLL.dll

MD5 20850d4d5416fbfd6a02e8a120f360fc
SHA1 ac34f3a34aaa4a21efd6a32bc93102639170e219
SHA256 860b409b065b747aab2a9937f02d08b6fd7309993b50d8e4b53983c8c2b56b61
SHA512 c8048b9ae0ced72a384c5ab781083a76b96ae08d5c8a5c7797f75a7e54e9cd9192349f185ee88c9cf0514fc8d59e37e01d88b9c8106321c0581659ebe1d1c276

memory/7904-1562-0x0000000000400000-0x0000000000481000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7ccce01f3f585726148196844f6db575
SHA1 84eaafa25d41c4e20ebd20864bde57739ddbdc21
SHA256 3ad9324b23e025dcb66f6f4c5797608c59deabcc76f844f00b3df43384c313df
SHA512 bb8263f2a938f7045480746c8f3307ee8707093cadb64ad406c0a922b8da7529315da9726a99ecfe6fcdc2207f3fe0f089200c4b00745cf9be76ebc5db8bee39

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3645ff356ecfa82a5f5df12b4716baf1
SHA1 18246fbd6a4ed11931c3355d04bb2800d0db4213
SHA256 bc9ac6a1276e62cf00560133173cf07fca0f9a07c91a57200ef84ceb4895bead
SHA512 a7f792bb6b413affcb513c88dd93ca70f9463d3ae4093357dff0bdf44b658d6a1472b98dfeee47dc3c61f7d73e6ab9d60d9b6253bd814f2a163cb6d58260b0fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 1fd2bcf7be677e004a5421b78e261340
SHA1 4e5abd04329ee1ffaebe9c04b67deef17f89ff84
SHA256 f539c848f584add20b43d5daefd614526b67adbf22b0c89eaa7802a8a653cd31
SHA512 929499946e38281bd808b37b362c4a86f3b6382eb1ecd5fc094410d3688906d14a114ca930a2cf38b6241ab734bc5959e6fe541270d47ca9538e82a68c99cc77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d926b87a931305a2625642f52209cf75
SHA1 05cc5834ed1ba9603f3a6b05d4ed2379716e1d83
SHA256 332dbaf1eac8ef598e2062d307605b3a4a5f21d1d6f4787cac2635c3b88bb134
SHA512 beb22c108a33c6a45647b3f3fd8e686cbbcd99b8ac72c5331ebba9b74f01fda8bee0e1176c5150cefb40f319fd06c0737442b810e223bb8f46d9e82691e7707b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6de5dd2c2c766cd19a2147aa7fc4c36
SHA1 4be28ac84a0170528bae674988363756278b2c13
SHA256 4979eb407201e2029255b5aed3e5e9b5ff4992ab6cfa115f757c479a035168d6
SHA512 e3141d6ae66ee055a1ebe16000f1be0d1837a264218674b2e729c82f17721edad82d87d0339e30a37c8cb81669777783f43e918a44272148073fd9be18bec881

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64962e69eeffbede9bec72a72bb4b15e
SHA1 4ccb43991ced06ff17a6a0131c235a4de994c821
SHA256 65ba2b62a632449eb8a307073c1c6f2a0ea167de63ca773ac1c4e63485b563ba
SHA512 d5aa96a8e534e11319d894c0699dfeb72f9c9050e131efc60e3a0822eb862a0a5bd2784902e6bfc8b05c3294b330b31e00a28b4653be6dc65ec4ca7582790275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 02a83b30665be601a50562d96d1e74e5
SHA1 00a2c45af5a2867ac4f1f51048ce2049b5296e97
SHA256 c0d656ad0133ff63a4729589b32292ab03fbafee849392e9160c940a34f10e59
SHA512 4444d54239b587146aa3c1ea216490270b09b72ffcbca68f551ed68980b43a564e40b2bb270a275cfa7b1d889e643f33b8f7e838517495eb1d48ec03fa18f6ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9bd8f8675c321fedbd176c8b3e014151
SHA1 116db44da465ee64b9e9f7df5c629c20e48b854a
SHA256 719867daf511d8060b2b3f0f70cc2d148c37767e837395ab195d56a46e085e3d
SHA512 20a005a4e89777c1ced51cf582f035ce412ed4f730b84bd663800bf933dd3ea87a9bf4a2698b5a28ae38c5eaf413af698247e78b317396d56eff61bb0cff4c0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 ebd35f5589cadcac437f36912cbd5770
SHA1 45912ef2c8784ae09876814d1d136bc0077b28cd
SHA256 ed26b73846089245d0dc44bb754be3cb08c6f5671554e9091b84e1bcfaa642ee
SHA512 3523348c8732b76611a850f09ed44cb15bb2a9930da478bbf6d4b15cde2dffba37ae47cc3cd01e4cb9415428abacf67ee4207a4725d4ba4f6d433648b0a0c46e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 21e28b19a80b9ed5ed2d4c3210b81d3e
SHA1 69729a39de2f357912f535bf77198167cc283423
SHA256 7d773bdee1dc61dc849bf3af81efa29647cb104802c33b3251bd9f05274a8466
SHA512 a6d34c823f15a3a1a0f6f2532c626ee5e07fc23c643cddfcea6edc4d68ca8555aa931837d8202e39898238a10a6621d690ed364aef99a8a2a1e6f4173a094f8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 482aafb7652e576e238b4d10d658363e
SHA1 a27c1527bc7a0e56e632aa49b91387725895cbcd
SHA256 7757835765d9911a0c6988f11937fe7cacbf816a0d74ffae90263669d5c47e16
SHA512 25e3b71d7de8ac9fdef0d204c5eff79e4fc4c8ccc82c521707dbfef6c6604a38dc0264298e7babeed6dc77455528bffb06a47e1c53db920dcef4e428cd990ade

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a45ef035e34e888ddc00a21191bd01ea
SHA1 01adb9a1274aca1ff7917e970af2d467388189f9
SHA256 ef6f9b8149e83484335aeb8b1cec807f1b72fe42f03675469b0c3c17fd3080da
SHA512 dc4b0a0d5593d5e9f114b8f29e43f56a48930c89d28f854cf7afcfaad8262639bd5ccb0adfa7ffaca106db69db2a36932c8c6bc05e2d4c8ed4fd23eec638ca5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9dc35af414fea0ad81ba7ee6a7aec3c2
SHA1 0e1474f0d0a3b8f7315f149864ad7edc5c44c6df
SHA256 b26180ed9e63a933fb06f0e83eca5dc68d6515e63c7e8161e1e04496fe1c7a91
SHA512 9edd5d396d251767c76df78953feaf4dabd207ad04e39c81a9465bc0c8ba3630dab8a9d541087fd09430019421dfa005d5af2a839f0504f8a8fa17a93927c33b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 47bd94f2924c77e2cd0d6281e224d315
SHA1 6693b3108fc384c93ada4974eec6aca4933f39aa
SHA256 892f79a98ff32dfcd23521643afc675639c4214faeced171d295a1a96930b345
SHA512 76a882fe15b06a055e2baebd0f5be197707097de197b9a0e7a36b467f7170858086e1523868ffb3dabee75930386c19b320930cb31b795fb641cffe46cad5cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1cd0e61245474b09510d26d2aa3959c0
SHA1 07ab62a18d182239bbb3adcc0d463af0441386d9
SHA256 b4a043a88ea9fb630d99ee83d8ee63961d3ec53450529ccc734f876bf8aae2a2
SHA512 5e871ee4c1ad1e7f7404a5f4ea771655af7d000720b2ac2be0b73d86d253d7b3e69dcc9caa0f71e4ff56a2493e5a3d0b606f4dde904cbae564eefc4ac14875f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\382c3e1d-a8ae-44b3-b1a5-61ad212f032a.tmp

MD5 7095956bd248525ec4d5da4ed52bae1c
SHA1 5f0346be408d9c21342174112e507324675888c1
SHA256 24581e17d47c398af6ec6db3d80bafe2416cf7b1f4fb47288ec03dde5ee64690
SHA512 ddcf59e5d6bcfb425e8526f49158d7d73a93cba73c0870dfce9fe8dd8cbb977c551b2aa4208b1fff25c4982e32a5b15e1dddb865ba15d6755dd1a31331e3b0ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 362108b2bcdaa12b9887f3fe4d02680d
SHA1 eb0dde39aa476285110f24dd180560f605ea2636
SHA256 48223a73066ab30fdc6625b3e44fc4d4613fad21864736b9ff08d9ad62a94ca7
SHA512 5021a3c24d43d0e9aed221334b49d5590f5a373050fd1841e4032abe0260f524f4b2012ce7b2ea5c9d2b8e5f39e74ae1a917f07399e55b0becf7f3f0592e7195

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 66277756cd9163850370873c2ce13365
SHA1 360c410567b1e9cb6a38f6187705f585d94b2802
SHA256 9c567f3e5c6c58b90ac50ef492b024993b467ce0549dfb53fc3712d1400630a5
SHA512 8cf8a79a4c05a4d35dc67fb05d46bc65169a0f9259f0d5f7426f85003c7ae64e4545bec91868e68db8dc3b8536dbf367923586c7778a00a557724ce35ad6c356

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a20b38ee724fa2fc3e2514462ce20140
SHA1 76973bc361c530ed4300849a89af3a49b41832d2
SHA256 d37c38ace5cdb67e8b8be60f989546c27df1e38eb43ff80357fdc50d950398fb
SHA512 0eb40905decdccb32b1cd925d72c145dc7c6666353092ee3cc84ef2ef1ddfddb058b35ab67d682af2f0cd3f36853acea1ef921c28b74aac6f624c766a631a200

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35389b81e001e9420bf139ffcaf250e0
SHA1 565c1adce989ee8e7ad19f3a02d91c91d9169d57
SHA256 d39cf373fbc0e301524f7692ed82526ae60bc6d23525c5627b47f3198a734eac
SHA512 57e7832d6ec5fcdb759e8157f49ca8e3b819fa76fe35541acd793f4c8d2ceddf976fb07afa552f4b93341f99305aa6452274303a57f5504c0193efdc36a361c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a9706b7e95422ab2387abf7e9a44c4a0
SHA1 c6a688e40487085e9222cd46227bd0d7df8913fa
SHA256 1f6467571c06480916eecc525d80c326a36220bc7151bb368a6b961419efd5ef
SHA512 e6b6113f84fdc407ee1f55c6ecefa2132214f5f7d52ae4478c1961d4571408557d030b0f2fa48e0e1741d9f46797e7ae24f107986ae11fa992b556cabdb69f17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067

MD5 975845fc8176e258c6e128be6e6edaa9
SHA1 35eff76f16dbe2ed0ba944472f4baddd243e7745
SHA256 4a650c102b8164f5058f9863d499a7afe1a5c808b3feefb1a37c4a1a8d380dc1
SHA512 a324452fef1442882970461fd04cf58b216e8f396bf722d94c101c63b0d8d02507863626a1e4dd234ddee3bf0f5c931d5241c702c9e625095aa38bce438c6a77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 8c8f15c687fa93a291068154ef57268c
SHA1 b2415a78e1a86e7b316d9de1ccc952e83d064331
SHA256 4ba1aeb9bf1e748a09eefab5f829936bb58f1be4d743ccfc7468b1e7100659b6
SHA512 1afdb3e409524ffe02f0df594f354af3b41bd502d1d0711a816a3a047895af5247040566d65380c5de9f2c6cd2ed11f71d954434dd929b6cd9e65563f9a1f957

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9fec39ee0390a65ed4f745e4c29c0621
SHA1 229b8409cfd501809971fa24a884c692a5e95187
SHA256 f94d1272c02eeeb714d38310b594dad57ca1e020c8d42a561cb2f9550a1ee5e8
SHA512 73bc207a1b38ef5384ef99afc3a46a7b6377181c42fd6c6dd08b74feff9820671555a5f40713c3e144264248201f2000a73a5a2af38617c299f79b4e46ab8b9b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 bbbbbc5bcb68c2767330905771de13f2
SHA1 e3dd5f8d637a623ce95ed9bba155af8fb30cf23b
SHA256 497339d7386f42c1cf9ed78c57425a68cdc2595f3833f3af6a05de1334ddcc92
SHA512 9657dcb97277d2cf37eef7d7684be4f37abb538f25a7eef96b651e59b56f8acf4c2ecd48afe65bea983cef39ae2e1f295219fbf6569cce05a03c38d5fa120e64

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1a386ca337bd9cf18008a840e2d72be6
SHA1 d3d15965dea22e746fb12baa29cbeec23dccf282
SHA256 959d14e4919d3a7317f1955bbc35079a3e8d8d117533e68a47067416c3c5a37d
SHA512 034f417d8b3c787105bc4090140e91563c7d34f5f5be048723e73d53b8b10d5d59bca8eb033f73cf86f428f03358e4756fe075df7d8c96cee6a52acf6a8c8be0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69af2f84a73ae654190d4731f1ba38f4
SHA1 f24598927c0252398b8ae1baf78e5823ba758edd
SHA256 a460346ca5141e6b9bc66712c204b3d5a87c13e308d7ffff619ffdc20e6230b7
SHA512 d47a423f5537c5323db231680f085c105a92f3a809ddd67083978b7b0dc573bf970cca7d61a80312420eb1d0ba3e96050c36dc45cd0a766944c65b9c1592e491

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 11f3512798d9e5c9857f9c8dd76d6d0f
SHA1 b8ab7499b6239115a1d9f3da862f3dd7d65f1eae
SHA256 34888cba2aba14c87700105cf058e212afb5230b9e288da9c72eb572042d7ffd
SHA512 d58371da50a77dadbb327e727fc61670ea45fe0d98b9c2a078dda6b819f1b4df965a164b37ec1beb31f9cc3c0f310ad338b8f600b62af8ad135913a041f84dc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67506e7f55b6509034b1405584a89c3f
SHA1 977c61372d72cb5237439650eea0341d64cd688a
SHA256 c7d1e5d17263428173563e5fa158fe64b4cd0a372562f79fca73b646e7b007de
SHA512 04626435b039cf9d5a2e992b7fe606aacdcd556f09ad251a8766949142efe5d40fde3269084331bae00f5864ec327686277e60cb368821319863f84f36930eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 019dcfd06d955e587966638ecc217d7f
SHA1 d869771977b009441ae339d5bb921b977199532e
SHA256 3bef20dde38d5a6ec0b1ae1bfef6f36fb32f43d76d55ab7f1de9979673ad8fbc
SHA512 93a8606bc7295604a16873315608941305dff7cd276b76221f03619f91afcfd231e477d067e58c13724d2e28f14a2a376278d6b77e1767fae405274e6969c8b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 aabe41d85aa0d02ed99dc6c56e0f5f2e
SHA1 46df81e892c8e12379ebecf4c913968a16f32458
SHA256 9ed046a0eb8f84c6a2fdcbec0e638524cf721ae253c4303d968d7111f7eec2aa
SHA512 67269f503b2aa95a2d0570c63a41153f6e380065261ba30ae62559cf5f2da5f9029738506bb56754337678264cfaedb646513ab4a048036a8536927eae0a58c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d2290b3c8df1ff804c690f47ae4c8cb1
SHA1 53ccbc089c278e4780835c7fc1bb91b3cba7e0ee
SHA256 cb2c93c6a5767350d584ecdcee7efc0cc734e5c913f35428898ec8a4ba541404
SHA512 15877f7a16d23f29b0de2e94b1e083bfad0b3f00bb3b1c9ef2c88dd648ae2a20bd91cc878240e61a16f3f613baa4204f37faa9d25f3ff3842f7588a101ba4a0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f98dcfd27bd15d2023d3169befc826b6
SHA1 eedd2b98f1385f9e80b489aae77dcdd5893cc651
SHA256 5085dc2d7ebf4e5438d7b10301d1824612bcfed3d451aa938c44ad8807b69966
SHA512 40868fb4c767629fdd143e895f5918da02ba34c501ac2f0e40f585b73da82cf513a2723124aebba9d75968014cca09a96b87b10ebe55b0c905f7f96010144037

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d9282a0228486b5_0

MD5 2876bc7a02f5ea3c556919657c516a2e
SHA1 934519ebf4492a3a7d5ac362c21d3b2b87e0e479
SHA256 14ced767b31dcbb061d701fa152c6eb59002dfb9dc0d22c647d7ad6f2cef31f3
SHA512 dabc7b076781390dfd069a3da8e44a496594ba2b9c3b4de3ae4cab6736f4a00547943a7fd09be1d398c2c71beb0553e25febdfb1060b136a1762559157e2d6e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13c8b04b779ea93b_0

MD5 8d740e569102ffb62e9bf4df7ca1715b
SHA1 61115914f9655c9156b83b7ed72a18e7afa5c7ea
SHA256 32a1b2122fe3f699b33fd6cfe0211e1495230a2e1b3c35237d10a4a10202d6eb
SHA512 bda3fca7e00a21a84424473e8c112d4fa8708cc9bd3f3f243d97525f12746699a7a50bad551d1e9a56d622b304c69baccaea468e3428be536f1f5471a6398502

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_x.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11a45c1c3be714087065ffe61f115f98
SHA1 3049f28a3cb7a73d1fadfa8407b91edae63ca18d
SHA256 3a6edb401ffa681ec3a216d16cce72c854ad92d88dd7f747137f8cc5f8766067
SHA512 52ca7659951a8a6ed917c518f1e875b161cf5d5d9993a9560613de773269c1bcdf6c0b4dc82d89bd151fe96a69b1b916ee8b69aefe608c74823f223eaa8fe983

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eddcfb8dd0c77a6fdff58a387f87d809
SHA1 317e317e130f0d10c57eb8958cc147f43e967a15
SHA256 c58286b1cc265043dcde0889eb0a300169dd1d81b8ca4700ee5d9ed37417f5a7
SHA512 d5d1fdb1a710efd5f6ade50c3e8ef8015bba789668f6f8072bcd9dfb0e07bcdf5427a5ccc4116d8c1adb4ff13b4f806be303de08bf73de83a7a0090ca4dbcd5e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 967ac9d84a80e95f9a328aa128dcef50
SHA1 4545374a19c18e179cc579e58e8ef1d11d5d6873
SHA256 942ceb71b96a3ee01d8d90a6de64425cd5f2a11b422b6005766ebe66dff92f21
SHA512 95805bc1e9c7a3844f6c21fd63cb9ffe59362b0e7ae1b3e1a1992bae197ab8a213d982b8908343a2be5531eb639b9684bef9b621205ccbcbbef6469b1370b2fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0c9a9fd9fe550dd3_0

MD5 0166bbf8f71359523fb959b069f90a07
SHA1 dc338273ed93a033d506ef207f316f73299d359d
SHA256 bddf6de67670ad7be633b0d82ba71e99b04037fe2fe15b42fad7db9ae2130bf4
SHA512 b7b6cb08b36208c9cd2711c929b8951c17bb64487529c3a1aff3ef103808c9f350bb943c2f499156e391689f9a32d9d9c90b9dd4c0011eb1b1eaee877839a275

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\474fb059c7dd9684_0

MD5 51f7c55a192e82c240b330d74aef67b9
SHA1 8ef65ce332fcdc05b71c3c7eea97f0d7f967ac84
SHA256 1d15484032fcb4d2141cca19d8b78d1925dcb8e244ebc804a45659ab829eec44
SHA512 dff54b12aba959dc433bbb2aba7ced1cee43db724ea5580d2ef9bae24ae5ace79155631dada22de08ff08958454b03a79e34304f78174e2491489fa653d185bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d2517111f11e41e_0

MD5 ab1f6f20db9592de53fdd453e28856a8
SHA1 3f43096e3271f8f573c354e78db6ad5858b0c1dd
SHA256 988b00b98d051ab3031773b0e7d2b5640d98772091f5159d2c4ffb1c73329a18
SHA512 5df0b1dd711a3a3ebe50bd66092198548b26d81ad58ef735ffc1833b70566feb61ce4c7671225ff36f96545b419beb2ad35ea9beb107d2e416b603617b2ba87c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de87cb1a7e9c1a53_0

MD5 79f9e1f1061d529078c7f2357a8ed2b8
SHA1 bed57a7739efa6b37d23601371603693cdad825b
SHA256 c9e338497ae8b36e47c177dc6dc7ec46d06b42f8b60666c1fc094dee4d8be4ad
SHA512 237fc2ead4f1a0020f3f3171eecb30a6878d1fd24d7d4232d34f058f8a61b32954e3e630b16610ab17081ed71d2e63ccc312ef12ec473ac60993da79ffe93670

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad069da576ba7e10d43f1da4dcbb7fbb
SHA1 47214592cbe4d5190a2825563b58d6ba8173d6f2
SHA256 45111ff5ad4725cc30a0caf5a618aaf93680070539ed5046be3112c833a9d6ed
SHA512 ed2b139f46c8a5eb84c54ae84ce2b3e66a5543f0ceafa8b860f6dfda8ef8c0affe6e891cbe801fc3725b714ea9ccfe3ca9697a1030ed1576bee629c51992ade7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d6f221a34968678b978365c7849a216e
SHA1 e2dbc56420d3412c1c1295a673915802f0a6ed5d
SHA256 81977ba6365a65bd4ec63630969497847cb62acf26ae54e4801c4af250d51601
SHA512 871ffa6c2a10bff23518f9a1ebd67eb84c75aa25f33f53db141dcce98ef4a99700e971f04b7fb6b96ac2fb1bfb308dfb47a5502512b1ad12aba2c01c2511615d

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76356457617bd7185ccc1145f8914052
SHA1 7c954fb191cae3c2db0b6ec8417bfe4129230484
SHA256 956c77e703cfef22c2c05a1958bb695d022a22143f79a931b84b26985c9fb506
SHA512 07acd834a6562946e974914b2e8b6852eb464b5aebccab9741551793e2e8aabf2dba729b9f622a54c098fdfc87793f5f7aee05ff5f32207822ac090afa7ae93a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 07ca55089c5beda7f32cb2cb6721c49c
SHA1 7fc12addf6fd02b1662d918617626f3155a24f99
SHA256 f5731afd315c98bacd75395cfe52292bed376186738e8916b89b2411e0b3bfc6
SHA512 a7689349c1ff40b4f7e9013229e223a3489bf617c12587bc5527020e7e90f67b59a22b45a7e2fffb63b3d566202a236328caca08a21a209c0e48ac5e41840b86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 609b415212021b169c49aa05c9e1159c
SHA1 93e5f842d5d733be5e9fe2892edbfd29d0dfab34
SHA256 203deacd617825a0d4a90c0580550c42e48ed253bee6b2e9f192cdd0f32e0c07
SHA512 d5f8c35a244ffa3879a1d9141dab81edba73eb91f0351d7fd99df69de566bfec7eb91a31d110642d96daf87a251c08a758b7bdfd0609c45931ebc348602300ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bb3cd8ceaf91f8d50182272faa3f7200
SHA1 932b2a89fcb8a1ed33c675ca3bade1e4119bb780
SHA256 0abab23ab5db2626da9a8f8fc1a6d6212e137eec73908cab78078d79cd44b05a
SHA512 20f9a4a22eceba9b29fc0f03737cbe07a3e507357962ed592314cd9770767404a65dc4cbc5d3df187cd493a9eb665a343014f1c224c9b440e90758f9be4ec741

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\PreSignInSettingsConfig.json

MD5 e516a60bc980095e8d156b1a99ab5eee
SHA1 238e243ffc12d4e012fd020c9822703109b987f6
SHA256 543796a1b343b4ebc0285d89cb8eb70667ac7b513da37495e38003704e9d88d7
SHA512 9b51e99ba20e9da56d1acc24a1cf9f9c9dbdeb742bec034e0ff2bc179a60f4aff249f40344f9ddd43229dcdefa1041940f65afb336d46c175ffeff725c638d58

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0TSRVAPX\update100[1].xml

MD5 53244e542ddf6d280a2b03e28f0646b7
SHA1 d9925f810a95880c92974549deead18d56f19c37
SHA256 36a6bd38a8a6f5a75b73caffae5ae66dfabcaefd83da65b493fa881ea8a64e7d
SHA512 4aa71d92ea2c46df86565d97aac75395371d3e17877ab252a297b84dca2ab251d50aaffc62eab9961f0df48de6f12be04a1f4a2cbde75b9ae7bcce6eb5450c62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d63d2c2373bc537dfeb009c6a3d2e0f7
SHA1 46b02ebb0807001549993e1777b289e03049a2b6
SHA256 6d57b78d45b430854937a43aff2015443f80e068fda6f1e84a2db70192ea8638
SHA512 fcc80acac8aee86b8b175ebe5be412035d5bf188fd74f8770eb1b9a6acb945c2fd5cf3091ea3cfe54629fd9b4d7d7273cd5da75aab730a961530239fca989ab4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a9aee1f50f4ef2f9c2fc0c8afca89d4
SHA1 92e4ee3bd9f22fbe0ca3eb85e38926fbc07b7620
SHA256 e339acdff6244062eb12ab0df9947d68b9acfdfeb7c2e9182e16ed840fdd6f2d
SHA512 c35b3508bb3a386163ea51d405f4aa80d4a921aabf26a452dc0c5acc9b7a2bcb601188b0db59b50c9a7500957e6c790ee783840f811549f62d0810ed08299ab8

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

MD5 fb4aa59c92c9b3263eb07e07b91568b5
SHA1 6071a3e3c4338b90d892a8416b6a92fbfe25bb67
SHA256 e70e80dbbc9baba7ddcee70eda1bb8d0e6612dfb1d93827fe7b594a59f3b48b9
SHA512 60aabbe2fd24c04c33e7892eab64f24f8c335a0dd9822eb01adc5459e850769fc200078c5ccee96c1f2013173bc41f5a2023def3f5fe36e380963db034924ace

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\setup\logs\DeviceHealthSummaryConfiguration.ini

MD5 0845b703fd78a92bde4ce5bf59a47169
SHA1 800bc644e92c555b0e81f3138379dbb7ca658eac
SHA256 5c2bb82a96ecaf6bcb2dc3a037104e81af87ee1354108c443c54cb6d967fe755
SHA512 bd3cac3ba44f7b98126b22f68e20ee81d15fe10758831e717a31c0ebe89f7957f209615ec6949c0e713cc0e4098d673fa321b28f2882486a2f3ac30ad296499e

C:\Users\Admin\AppData\Local\Temp\tmp7529.tmp

MD5 5b16ef80abd2b4ace517c4e98f4ff551
SHA1 438806a0256e075239aa8bbec9ba3d3fb634af55
SHA256 bbc70091b3834af5413b9658b07269badd4cae8d96724bf1f7919f6aab595009
SHA512 69a22b063ab92ca7e941b826400c62be41ae0317143387c8aa8c727b5c9ee3528ddd4014de22a2a2e2cbae801cb041fe477d68d2684353cdf6c83d7ee97c43d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb

MD5 dee46781c0389eada0ac9faa177539b6
SHA1 d7641e3d25ac7ac66c2ea72ac7df77b242c909d3
SHA256 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642
SHA512 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini

MD5 cc04d6015cd4395c9b980b280254156e
SHA1 87b176f1330dc08d4ffabe3f7e77da4121c8e749
SHA256 884d272d16605590e511ae50c88842a8ce203a864f56061a3c554f8f8265866e
SHA512 d3cb7853b69649c673814d5738247b5fbaaae5bb7b84e4c7b3ff5c4f1b1a85fc7261a35f0282d79076a9c862e5e1021d31a318d8b2e5a74b80500cb222642940

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.exe

MD5 c2938eb5ff932c2540a1514cc82c197c
SHA1 2d7da1c3bfa4755ba0efec5317260d239cbb51c3
SHA256 5d8273bf98397e4c5053f8f154e5f838c7e8a798b125fcad33cab16e2515b665
SHA512 5deb54462615e39cf7871418871856094031a383e9ad82d5a5993f1e67b7ade7c2217055b657c0d127189792c3bcf6c1fcfbd3c5606f6134adfafcccfa176441

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-100.png

MD5 72747c27b2f2a08700ece584c576af89
SHA1 5301ca4813cd5ff2f8457635bc3c8944c1fb9f33
SHA256 6f028542f6faeaaf1f564eab2605bedb20a2ee72cdd9930bde1a3539344d721b
SHA512 3e7f84d3483a25a52a036bf7fd87aac74ac5af327bb8e4695e39dada60c4d6607d1c04e7769a808be260db2af6e91b789008d276ccc6b7e13c80eb97e2818aba

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-400.png

MD5 e01cdbbd97eebc41c63a280f65db28e9
SHA1 1c2657880dd1ea10caf86bd08312cd832a967be1
SHA256 5cb8fd670585de8a7fc0ceede164847522d287ef17cd48806831ea18a0ceac1f
SHA512 ffd928e289dc0e36fa406f0416fb07c2eb0f3725a9cdbb27225439d75b8582d68705ec508e3c4af1fc4982d06d70ef868cafbfc73a637724dee7f34828d14850

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-200.png

MD5 09773d7bb374aeec469367708fcfe442
SHA1 2bfb6905321c0c1fd35e1b1161d2a7663e5203d6
SHA256 67d1bb54fcb19c174de1936d08b5dbdb31b98cfdd280bcc5122fb0693675e4f2
SHA512 f500ea4a87a24437b60b0dc3ec69fcc5edbc39c2967743ddb41093b824d0845ffddd2df420a12e17e4594df39f63adad5abb69a29f8456fed03045a6b42388bc

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-100.png

MD5 19876b66df75a2c358c37be528f76991
SHA1 181cab3db89f416f343bae9699bf868920240c8b
SHA256 a024fc5dbe0973fd9267229da4ebfd8fc41d73ca27a2055715aafe0efb4f3425
SHA512 78610a040bbbb026a165a5a50dfbaf4208ebef7407660eea1a20e95c30d0d42ef1d13f647802a2f0638443ae2253c49945ebe018c3499ddbf00cfdb1db42ced1

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-125.png

MD5 d03b7edafe4cb7889418f28af439c9c1
SHA1 16822a2ab6a15dda520f28472f6eeddb27f81178
SHA256 a5294e3c7cd855815f8d916849d87bd2357f5165eb4372f248fdf8b988601665
SHA512 59d99f0b9a7813b28bae3ea1ae5bdbbf0d87d32ff621ff20cbe1b900c52bb480c722dd428578dea5d5351cc36f1fa56b2c1712f2724344f026fe534232812962

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png

MD5 3c29933ab3beda6803c4b704fba48c53
SHA1 056fe7770a2ba171a54bd60b3c29c4fbb6d42f0c
SHA256 3a7ef7c0bda402fdaff19a479d6c18577c436a5f4e188da4c058a42ef09a7633
SHA512 09408a000a6fa8046649c61ccef36afa1046869506f019f739f67f5c1c05d2e313b95a60bd43d9be882688df1610ad7979dd9d1f16a2170959b526ebd89b8ef7

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-100.png

MD5 1f156044d43913efd88cad6aa6474d73
SHA1 1f6bd3e15a4bdb052746cf9840bdc13e7e8eda26
SHA256 4e11167708801727891e8dd9257152b7391fc483d46688d61f44b96360f76816
SHA512 df791d7c1e7a580e589613b5a56ba529005162d3564fffd4c8514e6afaa5eccea9cea9e1ac43bd9d74ee3971b2e94d985b103176db592e3c775d5feec7aac6d1

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-150.png

MD5 ed306d8b1c42995188866a80d6b761de
SHA1 eadc119bec9fad65019909e8229584cd6b7e0a2b
SHA256 7e3f35d5eb05435be8d104a2eacf5bace8301853104a4ea4768601c607ddf301
SHA512 972a42f7677d57fcb8c8cb0720b21a6ffe9303ea58dde276cfe2f26ee68fe4cc8ae6d29f3a21a400253de7c0a212edf29981e9e2bca49750b79dd439461c8335

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDriveStandaloneUpdater.exe

MD5 9cdabfbf75fd35e615c9f85fedafce8a
SHA1 57b7fc9bf59cf09a9c19ad0ce0a159746554d682
SHA256 969fbb03015dd9f33baf45f2750e36b77003a7e18c3954fab890cddc94046673
SHA512 348923f497e615a5cd0ed428eb1e30a792dea310585645b721235d48f3f890398ad51d8955c1e483df0a712ba2c0a18ad99b977be64f5ee6768f955b12a4a236

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.VisualElementsManifest.xml

MD5 5ae2d05d894d1a55d9a1e4f593c68969
SHA1 a983584f58d68552e639601538af960a34fa1da7
SHA256 d21077ad0c29a4c939b8c25f1186e2b542d054bb787b1d3210e9cab48ec3080c
SHA512 152949f5b661980f33608a0804dd8c43d70e056ae0336e409006e764664496fef6e60daa09fecb8d74523d3e7928c0dbd5d8272d8be1cf276852d88370954adc

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Resources.pri

MD5 7473be9c7899f2a2da99d09c596b2d6d
SHA1 0f76063651fe45bbc0b5c0532ad87d7dc7dc53ac
SHA256 e1252527bc066da6838344d49660e4c6ff2d1ddfda036c5ec19b07fdfb90c8c3
SHA512 a4a5c97856e314eedbad38411f250d139a668c2256d917788697c8a009d5408d559772e0836713853704e6a3755601ae7ee433e07a34bd0e7f130a3e28729c45

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-400.png

MD5 096d0e769212718b8de5237b3427aacc
SHA1 4b912a0f2192f44824057832d9bb08c1a2c76e72
SHA256 9a0b901e97abe02036c782eb6a2471e18160b89fd5141a5a9909f0baab67b1ef
SHA512 99eb3d67e1a05ffa440e70b7e053b7d32e84326671b0b9d2fcfcea2633b8566155477b2a226521bf860b471c5926f8e1f8e3a52676cacb41b40e2b97cb3c1173

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-200.png

MD5 d9d00ecb4bb933cdbb0cd1b5d511dcf5
SHA1 4e41b1eda56c4ebe5534eb49e826289ebff99dd9
SHA256 85823f7a5a4ebf8274f790a88b981e92ede57bde0ba804f00b03416ee4feda89
SHA512 8b53dec59bba8b4033e5c6b2ff77f9ba6b929c412000184928978f13b475cd691a854fee7d55026e48eab8ac84cf34fc7cb38e3766bbf743cf07c4d59afb98f4

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-125.png

MD5 09f3f8485e79f57f0a34abd5a67898ca
SHA1 e68ae5685d5442c1b7acc567dc0b1939cad5f41a
SHA256 69e432d1eec44bed4aad35f72a912e1f0036a4b501a50aec401c9fa260a523e3
SHA512 0eafeaf735cedc322719049db6325ccbf5e92de229cace927b78a08317e842261b7adbda03ec192f71ee36e35eb9bf9624589de01beaec2c5597a605fc224130

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png

MD5 22e17842b11cd1cb17b24aa743a74e67
SHA1 f230cb9e5a6cb027e6561fabf11a909aa3ba0207
SHA256 9833b80def72b73fca150af17d4b98c8cd484401f0e2d44320ecd75b5bb57c42
SHA512 8332fc72cd411f9d9fd65950d58bf6440563dc4bd5ce3622775306575802e20c967f0ee6bab2092769a11e2a4ea228dab91a02534beeb8afde8239dd2b90f23a

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png

MD5 552b0304f2e25a1283709ad56c4b1a85
SHA1 92a9d0d795852ec45beae1d08f8327d02de8994e
SHA256 262b9a30bb8db4fc59b5bc348aa3813c75e113066a087135d0946ad916f72535
SHA512 9559895b66ef533486f43274f7346ad3059c15f735c9ce5351adf1403c95c2b787372153d4827b03b6eb530f75efcf9ae89db1e9c69189e86d6383138ab9c839

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png

MD5 2c7a9e323a69409f4b13b1c3244074c4
SHA1 3c77c1b013691fa3bdff5677c3a31b355d3e2205
SHA256 8efeacefb92d64dfb1c4df2568165df6436777f176accfd24f4f7970605d16c2
SHA512 087c12e225c1d791d7ad0bf7d3544b4bed8c4fb0daaa02aee0e379badae8954fe6120d61fdf1a11007cbcdb238b5a02c54f429b6cc692a145aa8fbd220c0cb2d

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png

MD5 f4e9f958ed6436aef6d16ee6868fa657
SHA1 b14bc7aaca388f29570825010ebc17ca577b292f
SHA256 292cac291af7b45f12404f968759afc7145b2189e778b14d681449132b14f06b
SHA512 cd5d78317e82127e9a62366fd33d5420a6f25d0a6e55552335e64dc39932238abd707fe75d4f62472bc28a388d32b70ff08b6aa366c092a7ace3367896a2bd98

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-400.png

MD5 e593676ee86a6183082112df974a4706
SHA1 c4e91440312dea1f89777c2856cb11e45d95fe55
SHA256 deb0ec0ee8f1c4f7ea4de2c28ff85087ee5ff8c7e3036c3b0a66d84bae32b6bb
SHA512 11d7ed45f461f44fa566449bb50bcfce35f73fc775744c2d45ea80aeb364fe40a68a731a2152f10edc059dea16b8bab9c9a47da0c9ffe3d954f57da0ff714681

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-200.png

MD5 13e6baac125114e87f50c21017b9e010
SHA1 561c84f767537d71c901a23a061213cf03b27a58
SHA256 3384357b6110f418b175e2f0910cffe588c847c8e55f2fe3572d82999a62c18e
SHA512 673c3bec7c2cd99c07ebfca0f4ab14cd6341086c8702fe9e8b5028aed0174398d7c8a94583da40c32cd0934d784062ad6db71f49391f64122459f8bb00222e08

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-150.png

MD5 a23c55ae34e1b8d81aa34514ea792540
SHA1 3b539dfb299d00b93525144fd2afd7dd9ba4ccbf
SHA256 3df4590386671e0d6fee7108e457eb805370a189f5fdfeaf2f2c32d5adc76abd
SHA512 1423a2534ae71174f34ee527fe3a0db38480a869cac50b08b60a2140b5587b3944967a95016f0b00e3ca9ced1f1452c613bb76c34d7ebd386290667084bce77d

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-100.png

MD5 57a6876000151c4303f99e9a05ab4265
SHA1 1a63d3dd2b8bdc0061660d4add5a5b9af0ff0794
SHA256 8acbdd41252595b7410ca2ed438d6d8ede10bd17fe3a18705eedc65f46e4c1c4
SHA512 c6a2a9124bc6bcf70d2977aaca7e3060380a4d9428a624cc6e5624c75ebb6d6993c6186651d4e54edf32f3491d413714ef97a4cdc42bae94045cd804f0ad7cba

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-400.png

MD5 adbbeb01272c8d8b14977481108400d6
SHA1 1cc6868eec36764b249de193f0ce44787ba9dd45
SHA256 9250ef25efc2a9765cf1126524256fdfc963c8687edfdc4a2ecde50d748ada85
SHA512 c15951cf2dc076ed508665cd7dac2251c8966c1550b78549b926e98c01899ad825535001bd65eeb2f8680cd6753cd47e95606ecf453919f5827ed12bca062887

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-200.png

MD5 f1c75409c9a1b823e846cc746903e12c
SHA1 f0e1f0cf35369544d88d8a2785570f55f6024779
SHA256 fba9104432cbb8ebbd45c18ef1ba46a45dd374773e5aa37d411bb023ded8efd6
SHA512 ed72eb547e0c03776f32e07191ce7022d08d4bcc66e7abca4772cdd8c22d8e7a423577805a4925c5e804ed6c15395f3df8aac7af62f1129e4982685d7e46bd85

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-150.png

MD5 de5ba8348a73164c66750f70f4b59663
SHA1 1d7a04b74bd36ecac2f5dae6921465fc27812fec
SHA256 a0bbe33b798c3adac36396e877908874cffaadb240244095c68dff840dcbbf73
SHA512 85197e0b13a1ae48f51660525557cceaeed7d893dd081939f62e6e8921bb036c6501d3bb41250649048a286ff6bac6c9c1a426d2f58f3e3b41521db26ef6a17c

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-125.png

MD5 8347d6f79f819fcf91e0c9d3791d6861
SHA1 5591cf408f0adaa3b86a5a30b0112863ec3d6d28
SHA256 e8b30bfcee8041f1a70e61ca46764416fd1df2e6086ba4c280bfa2220c226750
SHA512 9f658bc77131f4ac4f730ed56a44a406e09a3ceec215b7a0b2ed42d019d8b13d89ab117affb547a5107b5a84feb330329dc15e14644f2b52122acb063f2ba550

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-150.png

MD5 771bc7583fe704745a763cd3f46d75d2
SHA1 e38f9d7466eefc6d3d2aaa327f1bd42c5a5c7752
SHA256 36a6aad9a9947ab3f6ac6af900192f5a55870d798bca70c46770ccf2108fd62d
SHA512 959ea603abec708895b7f4ef0639c3f2d270cfdd38d77ac9bab8289918cbd4dbac3c36c11bb52c6f01b0adae597b647bb784bba513d77875979270f4962b7884

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-125.png

MD5 b83ac69831fd735d5f3811cc214c7c43
SHA1 5b549067fdd64dcb425b88fabe1b1ca46a9a8124
SHA256 cbdcf248f8a0fcd583b475562a7cdcb58f8d01236c7d06e4cdbfe28e08b2a185
SHA512 4b2ee6b3987c048ab7cc827879b38fb3c216dab8e794239d189d1ba71122a74fdaa90336e2ea33abd06ba04f37ded967eb98fd742a02463b6eb68ab917155600

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe

MD5 57bd9bd545af2b0f2ce14a33ca57ece9
SHA1 15b4b5afff9abba2de64cbd4f0989f1b2fbc4bf1
SHA256 a3a4b648e4dcf3a4e5f7d13cc3d21b0353e496da75f83246cc8a15fada463bdf
SHA512 d134f9881312ddbd0d61f39fd62af5443a4947d3de010fef3b0f6ebf17829bd4c2f13f6299d2a7aad35c868bb451ef6991c5093c2809e6be791f05f137324b39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7025cfcc18dc02d910360a4bf014c46b
SHA1 4eb5056c54e724a2290a2fab638d3b2f8440beb0
SHA256 d7f6b52d9ffdcd8921aec224197f9aa96bbb928dca5a3659efb15dc8cbd49ed5
SHA512 8d15e9a3779fc8be523c85b4b627b5eeb731ec42dbb63c778537be5765191efc096223988be45fc9494537193134b04985525918cce80ea6ec94e7344fedb771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 05f2a5ef98ae11b7f27d14c55ad05ffb
SHA1 2d80be00d8c36f7e9385ce4d5df4de5e1143f1a4
SHA256 1d9c4bb6c610a665a0db8e78947d6c08fbecba158e2e340a078abee1b370f7a2
SHA512 a6dcde5d701339952e1347a5bacae7a214c9d5e4afd947051affd396a382fb0ab54817bd4c2e0c93931507c7e58ba7f38988242bd1aeaabedd4ff5c190a92fc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d316c283fbc277c5758e6fffa6c40b83
SHA1 8eaa253c15cbbaeaf981bb6df1a715f3ce2b2c57
SHA256 02d1690342ea9b63b3e4d4f98dc66ac6ec4650333e60e71a5d0a2e086db412f2
SHA512 90fb6c7fca74a2db0747e21fad7b8e442db75f3a7b11b6dd09212a85ae329fb1aa99a97e75a6499e9824d0721e0a357121fb4ac0ba539edc31bb58012a5c30db

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini

MD5 03f660a610132596c373401da8ab1d41
SHA1 77ddcd028fdad65cb1a63446d507fc0396e3d1c0
SHA256 cc254b312d2d5c95e0b7c6f1ddc077493238e0b6da28589f121ff18b772fa251
SHA512 8b259ce7fdcc5a24124890f2cd65f87cf8b43542c112a92185f6afa2f12f9643db186b9abaa125c5f5f3b8bd48361368b8b5168fc6ba691563bfcdb59174db6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bf61df0cf3f6dcc6b9e251ca93bcdb2b
SHA1 dd3e34016e0511628b7435c4eabb07f42c7b8e3b
SHA256 953124ace917f50b211cc46671d556e0d313f64a005618f9237edd4ae66bba84
SHA512 46f8bba521d5a23ef57f449fa88721391fc7bc0d55e0be728ad5c48ae0924d2f47fb6dbded2b564f4aac88ca2ef008990800c030c5f45df1918db8b301dcef9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be4eddf24c794104c2644d5d2cbbd842
SHA1 32f6265f496254af2942b069e769229c84178442
SHA256 e76b4d4d8746f3640ef2a47c96815a568ac79fba0ef0fc1bc22ec058e5eba1e9
SHA512 66633a40a0c4de2a265682fc8cb0315258681b0c39fad4aff76482f698a7437639f97139ac69c7fdd1a655dd65e0eff4ad77e69a39c2fa734acd67df4dddee67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a11764f08a3fcd28a5d8039dbd68e486
SHA1 bfa697ef2892d296ad888640b04a576ab12e4329
SHA256 5d499184ab9d3fd708d295e98b79b86d2bfa21d2be78c5714e9eaac59874e136
SHA512 223b6d55be9dd68c6f7e4658bc032a2c8e69280b9ec12210c893a449d84fcc4b16f17e62daab53826345d4d62e0ce25db6a7ca62c1eef2d11fe3fc23e1ab190b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\5\CacheStorage\index.txt

MD5 045f4b9f05286e858b91597a00ce5115
SHA1 c1b4b36fabcd626fa081979a8a1f19b9e4ced0d2
SHA256 33b09500cd590f25006943acaff157242b7b09a8aefb7e74cda1b567bfa0554e
SHA512 8d007219565d12162cfccceaebe93e406365b8d209f1f560ce4c880cae1b3902e3b9d51bd68ae5c953462b26f02254530ce1af41e87c9d4379fc38e0e4a56907

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\5\CacheStorage\index.txt~RFe60133e.TMP

MD5 b23ea0cb759eb2240caaa4f95d76ae81
SHA1 4f687f0bdf7f2e5c27e6482d8fa49af2c8bd4dfa
SHA256 bf03a2d93963d59b9ae085ea1ab6354bf6cf1887218cfb5b6f71a051ee4ec68f
SHA512 066648254feb7b1b26c5f6de1c82007d7b57a95158acbdf915a3dd1f15316372df339ae3892ef9c7be7e536816124fe20be32a4801dc388002c878587e100a0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a060f6005719b8120a67b5c83b329d5a
SHA1 bdca76ea8600bbd6e4b99bcbf084c130e1f3506e
SHA256 caf27ce2d5734366d8d9145360a7d7c73ed72ca3e5354967daca023d6f6c5663
SHA512 8979a636ae4abf57ff9da62ecd4faf69b448dc986371697516b46604ca65f7b97fde8d86a6ea991a46bd225bcd0619e0f93eedb2309df2979df44e959092078d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d84ab2ec26cc887ce329910da25aac78
SHA1 c599765a1a0b8051e4103b8548ae97689ab1902a
SHA256 4dc7cf846ae4cfb1ef9833f2e5f7b354d67a173e2434eb09937b4e96c5c82b33
SHA512 2a43224d9d00638b36a810087996e7c404bd97438cac5ed6678428a7333c696f327bb3c906b54e6ae53791394cb42a8667c8027814e4720005fb245c9c256dcb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 460832644d5ef2fd9b336088d9e50816
SHA1 4ac9ccbcd0b8d491bd6fe9fafe7310583302fc35
SHA256 edcc6000179c1acddcb10976540b94d6dc4841974e3f61534f49513fd4bd0c16
SHA512 09d7cf548bddc7c5bf6b8bf3f93136752227f88e4271f94dba6cd4d8166c88bf89c736a1169cd06cf831d3123289d30027131e5fe67bb4cdef1ba0ef3e50da78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe60206d.TMP

MD5 e8e09fd69ad9fe5fcb9cc216da03a416
SHA1 da0b7ef2584f1949f41a0976499fe5297d628ea8
SHA256 564c5eeff95e6aa0f61e5989daf60c28f2261f513357bd513b4d2cb829225bd3
SHA512 4ba965f4f6e23b488f93f0ca50a433a8a51f627fc52dc96e5f0a5b7ca04e25f5f8bba936e003f355737c19f34b877a79f0e628c60142ae09c39980775778d3cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3152_1696725764\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 206fd9669027c437a36fbf7d73657db7
SHA1 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5
SHA256 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18
SHA512 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 529a0ad2f85dff6370e98e206ecb6ef9
SHA1 7a4ff97f02962afeca94f1815168f41ba54b0691
SHA256 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6
SHA512 d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a5872a83-0b66-4c3b-92d7-692cb0d96744\index-dir\the-real-index

MD5 ec20f82b7bc778d007c0d8a1be442e0f
SHA1 3a46e8eb9c709e983edcc94a14cf026ef96db588
SHA256 7176c6839ff4133e2db6a6013cee9bb64a0fc3e5bfd5a72d3ed143f854b0c544
SHA512 7f9b0ae3302a28f7526aeceb4e7533902d3b804db10420c2faeac09364df1dc65d08f4cc7d0b83e9c9b35cf99e262ae6d1dd1d0a269d075ebc1fb012b00dc47f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a5872a83-0b66-4c3b-92d7-692cb0d96744\index-dir\the-real-index~RFe602dfa.TMP

MD5 0fd040e070847c99b60a21ffa3708c5f
SHA1 696926d8474df9493a54d434c5ba10a702eaa15a
SHA256 4a63b788e110d1e1925bceba2ea27aa977da012762eadb9727a856a52722b91e
SHA512 570cdf5f38d7b1f519028791b5b0302ec23927c23f755188c097ffb0535f567a90e680f5dce3a4cf4d525725c352ed2696ae14519be3416fd96a20375257b53a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102

MD5 d51156aefe1bb617bea2b80267421bf6
SHA1 21f5fb668da9d0a0b6b71f2c4f4c2b6ceada50d2
SHA256 add2bee75d3c9389bfe4ccafa5f08a9f1d3ab2f644c7ea02255070479d09bc72
SHA512 fdcf53ba59bc5e72954c6f13183e248354fbf6be8a51ee4bb7f4c9d01ca39c27c1eeed184572900caa4f48d279acd2b1c3ae0878285a46832f0724093898d8df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 efdb59c81849aeb613575146ee20c4f4
SHA1 7a2d45a98d0bb85b7d27b8c6806ae9f773258858
SHA256 98c0519a5daa6216041523b4200b22746fb8f03419765f5d8524f8a8afc2fecd
SHA512 76541fa984872468db7995e79cff223c3e167a2740390817087cb713f21fe14bf5a7bba3389f3ea4733f8252b46d2565faa05ea89ee82de58e954429f976e08e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cb014a1ac79d143e3b6837b32ec72f81
SHA1 2019f6c95065c214df8e5b84991fe118c86d8297
SHA256 2d11147a2778361b8e6e536c3297ee3a01f9b86bbe1540e31e403aa04f435f06
SHA512 efa0080f875f51f845ceaa1ca6b55146fd90483850aed3d2d6b8bd3bab33c4ce6bc1d561826867e6219ffd8ee8312e212aae01dcfc39bfb00ba80207c76b18d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2978fc0cc1ad21d5eac0f8f27197b095
SHA1 a6cdd200f969eef500c12932e84d304937c7dbb4
SHA256 4c4607c6f323b17930cc2e29b145bac887689b52b34238584ccdd69928328656
SHA512 d4ab6d0eb7a7d5f2d5ac0fcaccfb2bbd507d179455a377b5ce3962e51fcafe2ff4be84084f4d0ba50bdaf413681163d529d0eadb64cb3f77ef5f88dacb3d76c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 219a0f7f235ebabf015394dbb4e4c7e1
SHA1 487dcdb5fbf077bb0c72354371173b8dc47144e4
SHA256 2ecc9c29444816c9b197056e2b364d105f708bc848826f73ff97a13dac67f94d
SHA512 1d1aa0c25374640870778b00c8e92b9c55221e7ff4e5cda595369c0ad2ae3bc96208f9af8289127447b69e5763e5d91aa161e621ddb86202ac4c802dbebdf91d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c93f3b813daf0db08d91fb93e7c922d5
SHA1 3f2a73f00acd4235100868cc96288d1972ac97d2
SHA256 a34849d24f2236fcc6a11ae7172b78c98bcbd4e11617ff7a85103821b852f549
SHA512 522d81af0b6a09d1dd15e53d585dfb1d983a15ab54b78a05e1e6f875b72aaa1b6d197d8f3d7a97d08c3422c81a6f966336a71cc721852eda28e0d3a4265d7359

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100

MD5 8b7e7b8c23b3258a2797eff7ee34f466
SHA1 c14bcce1022711ea331bbe8f36934dd7a668b1e5
SHA256 1101c3511b7b6e02a37264660514fb7cb52983b3c878c83073cc62914a446aff
SHA512 868dba59ad30dee43d80dab8f0c73993157f94f34dcad866235b51e506af92a4344c601c3537dc13e2cf192671cb09eb1496550fc9c7b28593d176c7b6842dbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe

MD5 1183ace68690f4de0c3571f4ed05cc57
SHA1 bd7478a0244ec28985db90d59e72604c687fcf1e
SHA256 87a41d8b8a5ea4808d65574908b2c63e0b925b06a8e2809b69b9c204f235f62c
SHA512 0a82d1ed585d014a25ca4ff3af2e64e83f3a529352a8893b24f4f1150a495de45906430e0ec0bbf0b91ac62e94c80985ad64dea2df45fb8ae2a7621be2dd5d9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000103

MD5 69dbd6ee16d8fa653ad807bd7aaadaaa
SHA1 93996849f6cbcb1de0b9b49036a3e294ed7bf1b5
SHA256 d2f65062d74e0e67e6c84f55446442fa94b57685dbfff614f496538154d835f6
SHA512 aed0786f5ac60d1ac1d2ff6789e1713eca04a5e6f78e2d7da689854bbaa2d5c0e1dad4cfe68b07e65dd1d43ae78d3614006256da8b95a8d6af33233973c38eb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 98752a650a9f2aa659cd2801254f072d
SHA1 c070e1f5845efb0e7314b25821897c1ddbbd49b2
SHA256 2f89ce60c4fb2a5f031ec39ba59b72d0b7560d0fb959a1a6dafc838de190dd0f
SHA512 740885cda37185b02cfbfed2ae66f592125861b09cd9c682df3de5289294fde13240207a53e10966c0c5654207ae56f121ffb3e10608698070279f84292bfa27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000101

MD5 401424dec575b5bd40fcdf3d8e156bf9
SHA1 fc7051e7c9c855a7d396e2d6eaddaadc2c2335bd
SHA256 014e7cd2d67b5573a78c65ad805f7ab1ddf085f5b23ee6fe73af8d8f49b4ad89
SHA512 4a59e0b1a6326914570f75af0344f5da1cb64c053a928916b648e318dc232ed0e1cd4ccfcb053dd29405395203b7292c45c8dbc2deccd82e1081b55374e2640f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd

MD5 18a64802714cd620582e3070cfe247b6
SHA1 8b07b5a18b9378816ad4ea50545aae6c28796262
SHA256 c920432f90cdfb91ca4074cf59d22871407e1d2ac429b95c5ca46690ea4314f2
SHA512 f8a66354bf3b6ac887994f48e84d5d35fa38684c0c621f90fc9c846074518ddec7e3f89ca6a924456c1f54f8323ed2d5649893bc2d62061724e281a9a9028ab9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 059c2eaeef57e2e0105a65df134dcbc8
SHA1 bca8f424c1bfbadce97526a7c1bdfbeb8d1f6a65
SHA256 d555b40155087713f5521ee2f94df9d0d4eb8a190ec8dc411f6950554eafef5a
SHA512 39eaf3470aeceded72e870b69ee2b69d5d953f8b0c958473ead472e10a1d1d1b70758344f5fed9a66921a00c831e3c84d37855a6a83776d923cc3fdbad5ba885

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b8951754afa7ff02d8aed4f1d110b913
SHA1 c2122c53c525cb302ab28fe41a5b1913fadfcb0b
SHA256 e1b36b30039bd3acc2ec05623a80b095807cc8e83b44c5fe2a3652807a47be4c
SHA512 6ab75e80ecc032994dfdbad15de1cbbba9f5b9aba30b287a492571b7c7ee555c4931d92714dda543ec667b5fbaed923b6558b94bdd71cbf7d004976f885a7647

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 62cb308d796c400cccc5025b21337949
SHA1 ca6c3ad1c84da540e277b921762fdd8a0ea57ad7
SHA256 b30bf1045298230e12e2e2ae6926a5beefd076ee64e876152d1e20b777240878
SHA512 de378a9bd6eda2083f8694106ab3baf9623ef04e2a63eb1f1b11574f6a1ef50c40cf4dcff181120d0b7f7398cffc1338d1a5a15d706df1f61e6fbc535631ca74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4e9c0f59371c148f20132ab42b7feafd
SHA1 a8058ca8385558c30699815833e056bbaade25b2
SHA256 41a7e9de0c94f7501df55cf9b39c4aa22435c6254191d45594cd48de22fb58df
SHA512 11690ad7f679f782cd799acf94f76e2fb94807525a0e0dc11de6fe798c03b0fd81be7e64f147474f79cc835b868b34ca373086448eb9cb83a3905e42915b69cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index-dir\the-real-index~RFe608e69.TMP

MD5 9e549491d4f10746435d906bfbb2b0e7
SHA1 726302740dbee6c5bc5b5f2b5f40d8aeb54977e2
SHA256 d883e95e514f9b9d260f819424d2dce3fdcbf5602e8a365e6fc1633a0206a23d
SHA512 c064d7074456e250f1e295998592ff6bf6d6c27e67f8797853715579e636c29944ce9bfe7e211a45b9b3b9f860cf30314503d7b26bd8905346b0cc712d278e26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index-dir\the-real-index

MD5 d1f8622e574c0c2825ff63a8d255ea48
SHA1 f165bd9b10bb78bc5e6f305c4c9cc286639fc232
SHA256 3971094f1eba441ee2b05353d40a61095747ad1e140016b7dbaa0119c56a1b81
SHA512 66652d202e55ccc4b33882f65763f7f39341db8748e3c55d514485fc29f3cd34ba8e4ffde76b4e4d3ce88db4be039ec569196044736d848b81ddc9fa218c71bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c24e9ed5-93b8-4931-99e2-051d2d4b2760\index-dir\the-real-index~RFe6090ab.TMP

MD5 fc44cdf887d04447724e95553b07bf03
SHA1 70c34a9e75fff00050abd2e3cc80ae637cb66ac3
SHA256 687398c78c2ef153ade3ef6fe98237807fab4898200a8aa47dd9f56aaa76df3d
SHA512 472fe880db5b04ae53799cc05202d93276dceca73e2c7295a844d0a6acd9bf4576aa19ff1db432f57303d415e485e6bcbf72a5cfd9b67b7adb14a6849f4f46f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c24e9ed5-93b8-4931-99e2-051d2d4b2760\index-dir\the-real-index

MD5 91ae4100fb51b6b4a6252857503520ae
SHA1 de89a86470fa43ab5f178c8e810aae41288af719
SHA256 6ba80ce489cad385b5f28ef4665280b9d01eda56393fa3dcddf7e671df615cdd
SHA512 1d3d05c2efd258a31800f06762d10ac94d4b342ff0c0c3869896259c7d06f3a0f7462abd46e417602aeaa6a9cf72d1de62e1957242bc22de7b02d227d97435c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 47f52a0964543941950a79a81d5512bd
SHA1 28b906e30102501037c9246948db3d36042187cc
SHA256 4b5a75a10f4155c4eb5aab9b8705e72de2a83ee7688247f57d8261148eec727d
SHA512 77897390e1b92b7c991f68efaf74dc78f0f8ce9eb190316713c2b5f2bf7c0779e1a6e7ff433af0e74f49efb503a5e2a9146b122f6bf4088c693dbceb8b6dcf4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1a00fce741dcfe2f9c84737cfde35b1
SHA1 bfd1d3dce3769fbe2bd6e27171b198e68d0a5955
SHA256 acfbe43bec859114bd1aaad8984e0193bbc01f54dcb4cb6d62ee0fbe01e4f422
SHA512 ad7b2daeadb9326b1354c5a306ea241251eadc5495a6a957cf9443f193b28d742cddab06a8d6f99d689f1f430c36be9b6fbedc02610db7de78f186863d3babf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6272bfab20eae850f5f6c9c491e86b6d
SHA1 1e21d6468a1dbcfffa9a610d5352c2251e304778
SHA256 c14b46e314545ba14aba880b02d8d0a79bf6d08f06708805dca90a0f65d02527
SHA512 c6b8165cd8d0356a22957a5d1d30838b1cb92015970d604851610f7fbfd96787f8cb4d5a0e7824917d8269a3d372ad2f15ea6c2cd73bbbeab166d51af5e3bb11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 a2c1329af61b89d2626d17fe1a05c176
SHA1 04521a846c2ae03e380f504c9354d70d2d23ca6e
SHA256 0e8ccd0e160dfc600f201146a16823605acb475bc4e7ef8c2db42a211acf3106
SHA512 f27426241a1ea73822984788c42efb97100628aa67eebcbadd6a3f5b7d79b044a08c9c07dc270c2d702cc89ef70c5c112c49fd8ec934a7aaa09ca96e1785b7c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4457edbee35f574606b8e068bff2878b
SHA1 db22791b50a4a9b839db60b3560b7fe5f2cf0e85
SHA256 de82ccbcb2eeceae854925b8891187058b203e29058192dba5f56028288557d9
SHA512 605b31eeedd938579e07840edbb12d31741faec76b81c439b4d39febdeef3074910e59925da2d1c164e511450b89934a31207ce29cdaa064f96a74d219285799

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dbc8662f73a90f5fe062ef14fdc50377
SHA1 3c150578af86819ecb392277899df2eb03a4e852
SHA256 082cef5c285c9fe9a46dc7b88e68cb0ec98de023ec38ce15bc62026e8422cb38
SHA512 623374374e59c94d375c9c9bfa320f461fce994fb7c1b376b139ae1ebd9f3bb05683fbe8cb6b45173242d5a05c724f10b7308a390b758a36601c6d9cbb400b71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 459c222da884bdca200e07b22969f19f
SHA1 cfecd440dfb0d4daf2e8b8b264d5bcc25138fcee
SHA256 4fd3a160e610fc931ef0eaff77bf5e7275a6a3b83b1f6bf94417c3ceefda5634
SHA512 48602c0fcd99ffe11986f3c9fd64014fb17a2144115ee085105190b7a70455a0e5ab2439fc3d9d4cf06b6ea50a1421f43cfb6188caaf8f94ce497ff6a769d24a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3e30ba3b28754f6acd72ec4545d6c619
SHA1 77864282cb88a6a1089a4b2a512a8bd0b31433e6
SHA256 d40d37938b142919c400b2af345c19a677bf3147a48980003d0fc523c72e8482
SHA512 d274adabd3b9b6e90acdfe6b1818d0403933ef78aa815b688ca78979b3a64b8c4c00a1c321663c8f419fda4a34284827dc5e111ce594cffbab680a69b8821941

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d995dd24bece962389a8a80930072710
SHA1 01b4e55a5881d6971cfa0e73ebe8647ce44d1e5d
SHA256 a0ed28a940e1cff9d76a94fd910ce1f37ba09391419fdc6eb60411e09ad7774b
SHA512 f2bd2d2b725e0130da7c0ad6b3abefa0e32cc258d53fe1288fdff88c4ac5da5ecfafd5c51deb774a32a6389f1486b995befcc94f568e67b8639583974d58bf99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9adbeffc66fff421c2a72f32f558ac58
SHA1 a26a41030b40078a9cdedccfdff0fe79a04abd4b
SHA256 bab27aedef761e55ff2ce57ef348c98a065285927476d675442940fd4a2e9917
SHA512 b36f8c3f9781edbaa7eb8c3038d9b4a89b52c703228adebea914455921ecb0857ea2dd8186dc3530389f5853ef82990fd15742649bd337e054e51d2cec689424

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f234b01b9ea2e61742b7d891db1b2d7c
SHA1 0d42406d856bd1242ab69e0ea4c3793a6d9d2307
SHA256 517c75b4c45d80313dd7c5bee3ed0e6aeb408d1a62208d46b9b4035ce1630fc2
SHA512 086f2407e15f4e6861130fe690afbad81db80483e152a37ea7389a58d4344a005ddc447eeebd07013f5a884ec926342aaa8f9535aa6238635391468b2ec53156

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d29309b4f3a44533dd87e83224b6ffe5
SHA1 8ad3a1d4fb4d5e62c7f3d54d735c5c0769baff7a
SHA256 68a21a55051d946ef5d8c37cfd3d3143601bf1dcd6fca1a7ec9e6babc76e0bcc
SHA512 68003775e99ff317d63b224ba9d48ec604f6119c36a850b5aa1563e4ce8198a7562f938845da7433e27c6d4be4d526e018a1a63ef2db4c06c59e83c9d3004771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 70aaa19f7b79239ba1718ae804296fb0
SHA1 69226b5661c8a53aa02ada9510a6ecfe4c70bb48
SHA256 60cc3889a244c77bfd085069ecb547c9764d2bc468d84bf84104e23bee4d6ea9
SHA512 c2a464c82082b21bccf95800a12428d1f0a41119fff8ec27070de421fba02bcb85636931e041c0af0df602624e60a470842df092a54b222c89396d449c2d71b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 65f7a73960648e77ae9d3819b1bd7324
SHA1 c44fe8293eddb120c213bf7a59cafb82f647e0ad
SHA256 a3105d84fd212713a557910c8bd6a403251db4e4527b68bab67208dc77dc91fb
SHA512 8274cb7ad4f883469d8e6eebeeec531ccbb94e3fee9149777a6ad781a9bbacd4966f2c95230f70a41a737c4393d2da0260e35bc2b756fcbf4ba0e737fa4ffbe6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e5e991bbb647200d729bfd4ea4426f33
SHA1 4057f2697c72760c3e927485d14b2ec5c1f3b321
SHA256 786958a762432de04e5b3f835d33d056f345189d1f8798f94818e6910692b3e2
SHA512 22ccb61109e21cc496b5b21c401552b5f9f72dc32076248a98609e9dd12011051120748727aac2bb5692c0d355f482e29f656dbee92720e85b2c13e33c14e53e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 719ddb9d53bea279b38790614c55de8f
SHA1 f87173d5f943c08a851cc2df7a0cdd0f8ede357c
SHA256 147877be2691fb373125f3dbc7d1705333009698b586ac775c10a12dece22b02
SHA512 2e07efa5ac71bbe53badd776e44dd25f5d811429a380f2e1b078a06043c92eda159ac10808543a18788aca1a1d5ec522d322c7f48a8b32f33ae9cdb734421ce7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 858e08b7e2dd14970bd66d9d146023af
SHA1 cb628108cf0534e5c16728c7fde1a98fb5994c11
SHA256 1738dbf3309c7d37f44358d23931b52481b73b8e4272028f66c80e75d95412f4
SHA512 964f84d2e4420f68af4d923edea3d1dee275f54f55333276fed94cdd5060bf4e226e87c94d4babce7b5f512caf11242c9abcc73e1cba1bf02288d41bfebd3ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3b3da6134009b874cf2ba1271326bb4a
SHA1 549d3bab4ce6ab2b27fb3a60896e841192d03fbf
SHA256 79314f83018a48e463237ec197e2be003142fdf940876db7ebd7875268b930f6
SHA512 2044b1b2c5b101baa0be389543d1d736c2463b0233e165a65049b1bc938643f30a27fc0a217f9e886c3e7d43152b5211be79b4402c282b4f425a7c87b6b3e931

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt

MD5 24623da08bdd2dea78211a02fa223bc5
SHA1 f6f1adeeadc9c9d968a02a6bfae8d83fb2e957ed
SHA256 1e85063b368418ef4ef9ad119c3902a99c28ad5fa970d1e90ea6b6b90aabcd76
SHA512 88671fb9df5b3c65479a9eb63faaeda65c4a234e3c2f318295e60e43dbf81d20ab14ed9d2d7b616c31f0dae7ad2f692e25dacfba1a2e68baaeac78f7e3c68484

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt~RFe622a56.TMP

MD5 ef016e793163d44a37518d159a2c7b6d
SHA1 b95f12cf2540d14b44ae84b08fc5cf69a3fc73aa
SHA256 e48a1c7e4327728d34759d7ba48290a0958dc369c58d682cc71cba986f61ca5b
SHA512 ce7ca12b9b3fa4a4a715905dd6928d59bdba3ebb614bae660d13de7866271457bec6f677144c3ff8f9ab4e0f2e6bd7dd963e209e49b67867d144ae389eb62d80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 863f70cf65ddcf1d328fd886f06d4d6d
SHA1 cd1164db12b584f72a799a4057fbdca58303a715
SHA256 6d208bf53ad096aaf05803d70c6952e0a422203238056fea0a2dbe5101e5f511
SHA512 ea1bbb12184897884e46358df7635427613595bd9f4c223d2d9e234c8621d261bcc6d9e4bf5eb21893357221902c83b9db2ea0ee8ec69b003f98a3582c66fd11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ef77cda9a440a4393d9125c839187633
SHA1 ce5c79d56a02d1f95bbefcfb28e3ba3c8200e168
SHA256 b431c148a6cff82d5ea69ba9e6bfb39e26b602193b681938116bfe2651734613
SHA512 6484d238f3eb75040d51da594d6e3e04213deeb9d43e6d6fa5670ea42e4e8b47d23b28802e240426e376a1ede263efe14378c44865364beb73f789ce9f9de3bf

C:\Users\Admin\Downloads\Unconfirmed 882897.crdownload

MD5 1b54b70beef8eb240db31718e8f7eb5d
SHA1 da5995070737ec655824c92622333c489eb6bce4
SHA256 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb
SHA512 fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c2cff12eb739cbf219509e2c0e1d54c4
SHA1 12e8bd4529338d98977df9c8bdf20a3579a10782
SHA256 93eb4c3cf0bb08c5f6447a862d7cdb70bebc844577598bd1b4ac20a7863e7d4f
SHA512 a7e7ac751b459d10214db879d9245ebfdab43c70bbe8bf902fbeb4ef78fb6a27f4452ef664a2c892b5f842a025e2918e4326fb2c0da49ae4b2fb40073cb15559

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5a49127d00a2a075f9029c35ace7cd35
SHA1 26e062598d5123b9f780598b60aadb7e49b10830
SHA256 0ad306370cc1e3220220e0ec94ae9d78e9c958d74a7faca28b8b6f4ac7a65b48
SHA512 7128db703fef44bf39e2907b69a2b368405a950570e43273181c17ec8cb722f3515cefebef9b3b0862ea71a38cd413d0e25fe0f9b751875a1c9fb871b6173e7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\b8df8da8-a667-4016-99bb-cb67faafe757\index-dir\the-real-index

MD5 b9e46d0a886eb1c9cb4d27642daaf1c0
SHA1 372becb221a7ba6b2ca03896470cd9230b86bd3b
SHA256 0abdedc87e54e856fff46caa01f31a3e46f3c1dcea7dda9e636f84f4a9c1ac3d
SHA512 2886c6283c01864423261d608680015e8767510a222fb6587a208da74de645e6ad600416e70cf79025c8d06793d30e8ec71ec1f7627c76cc7e21995c2bc4db43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\b8df8da8-a667-4016-99bb-cb67faafe757\index-dir\the-real-index~RFe627a0c.TMP

MD5 7d586d37c863640a384538ada6d6d514
SHA1 7470e112fad4a78ce69623c3e26e73b43c7fc21e
SHA256 3f17b672e104555bf2f5b9bd6a2be0eb4bec9ec99dc61802b399cbd018c83c4d
SHA512 e3337fed048cc27a6503f905acaac1c0f4e7238106dd8a45b2f2d51255493077987f651bf1afbdff9b68f9b6eeca48603f295e5d083374864629d5ad6f685996

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\2df87814-9a3b-4355-89d3-bb078f1f7fad\index-dir\the-real-index

MD5 9256b3b80225c4a2f0421e06f506a21d
SHA1 0a857829f12c76c5f9ec2f014e42c2874df15e84
SHA256 f0cb247fe018f765d75899845ad34bc625726b28bda67c72da834c84975ffba7
SHA512 59db459de09fc7487e56361233b1dfed2399fe6d8958a3235b525b80c57751b2ce1e586b2ecb57e183598ae9aea6bf87bd01bc2dec445be8946a313ea6928c48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\2df87814-9a3b-4355-89d3-bb078f1f7fad\index-dir\the-real-index~RFe628661.TMP

MD5 6be36d9741d61a152cbb6d4011f100ed
SHA1 ad5db7a491a67885cc74887963f30054a6a80659
SHA256 79eee539b47bf9599a83401b19eecdc04cd9f8a6ce99142b9f93b321f74faa31
SHA512 b3e52d59816b632d0112f303aa83c6b848adfeef18846a1c083c4172180beffc75409189501ae7f8d497e26878e84fa0df1cf9beb060810571f64ba1d8d8fada

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt

MD5 de6cd86036f7bdf4e0eb00025c2a26d6
SHA1 77e920723d911fc03ea15a39988e9ef54fa48b0c
SHA256 0bc5503c8b6b3b35d5e1660413a82cd1b12ebe088dcbaf6980a6345461332462
SHA512 31f73c2d9e33be64de9d4b441f62d0e45254c1b074b0a2ba1b4558233a97bc355c240d807a2666c0c00ea656353877138ab66f415ef64359f8e5c226e38f6364

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f6346a3cb14edfe857b267abfc220a9f
SHA1 7550969cca76513e90351bc6a4a5a03730d6a59d
SHA256 f64b626f8ddce3d294bdeafb451896c27e32f02630087bc1e36475fcfe99ef98
SHA512 bf4b58eb74b9533588f14667a5b5de4eab972e9f5f36b3b9f2cda18ccbf02f47f23d3153d03b2ebdcd7e2d405fe251544b6b16788ed9143b848dfee0477e0c8c

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsDialogs.dll

MD5 4e5bc4458afa770636f2806ee0a1e999
SHA1 76dcc64af867526f776ab9225e7f4fe076487765
SHA256 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0
SHA512 b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8af7786d79c675c00c49c0c51a62fb50
SHA1 282afd3885b9041cd3485276797e18e4c6708cdd
SHA256 5cbec99205e99378589209f9c6866c3b4c61d4bd2c97a1e7af1351e7c13ce017
SHA512 5bd934b149fcf158c628c473f0011734ebd260e40839d01da7b3a2b2b5a1f4b117c3e2d4338b1d4989be24ef79da993effd358f94b3f5bf3f3b2dd2fac865f85

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsProcess.dll

MD5 08072dc900ca0626e8c079b2c5bcfcf3
SHA1 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37
SHA256 bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8
SHA512 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32037e2a3f19b98041f9fbd89960cb47
SHA1 c2a970ae2a553c416c19ec3baa51643fcac37fff
SHA256 7ffd70fe9ebd29b3c76783ef6e14491f6dbacdfe6ee37e045feeb27606140d65
SHA512 0c82e410fc4cf2839815e85494ee8ffde9e3c63fc84f04a6b4c37bcae4ed93bc42b6d2c6498d6e344cc06b2d147cb01b05b3c7d3a81217ac0bfe9553110e480a

C:\Program Files (x86)\Steam\Steam.exe

MD5 33bcb1c8975a4063a134a72803e0ca16
SHA1 ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65
SHA256 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1
SHA512 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsExec.dll

MD5 2095af18c696968208315d4328a2b7fe
SHA1 b1b0e70c03724b2941e92c5098cc1fc0f2b51568
SHA256 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226
SHA512 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\modern-wizard.bmp

MD5 3614a4be6b610f1daf6c801574f161fe
SHA1 6edee98c0084a94caa1fe0124b4c19f42b4e7de6
SHA256 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b
SHA512 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e1704b5524441cacc453e1aa5b5f483
SHA1 5f26751a02c8eac8979ffafaabc3e789be1266fe
SHA256 508b236aea92fce51c1942e70cc2908b668ca9b9bcf9229b1e208cbc4af0945a
SHA512 d40cac9716f9d6c000d2800b2feaa032debb648609c0449dd7a85e6f9589bd2b52917f47a7dcb66d437458d1fe2cc05e88425aa2d70558131076eea4bafa62ce

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\System.dll

MD5 a36fbe922ffac9cd85a845d7a813f391
SHA1 f656a613a723cc1b449034d73551b4fcdf0dcf1a
SHA256 fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0
SHA512 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b

C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\StdUtils.dll

MD5 db11ab4828b429a987e7682e495c1810
SHA1 29c2c2069c4975c90789dc6d3677b4b650196561
SHA256 c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376
SHA512 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0c98e98da255cdb501fa3f1fa2c7ea55
SHA1 25372835493a3cee2d8cc13c160374364c2711f0
SHA256 8d0f81fc83cafcabd56ab4354cef93c8af314ff657bee08b6e79caafe10387f5
SHA512 ee68f32be1e9058c4d19cfccb90a80390b4fdbe410af5b73ec719440623b14f4d7dcaf2e08aceaabc896deb6879c7781ed76d2a644a2ff2939ed83b945a4cef4

C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_

MD5 577b7286c7b05cecde9bea0a0d39740e
SHA1 144d97afe83738177a2dbe43994f14ec11e44b53
SHA256 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824
SHA512 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0

C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_

MD5 00bf35778a90f9dfa68ce0d1a032d9b5
SHA1 de6a3d102de9a186e1585be14b49390dcb9605d6
SHA256 cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2
SHA512 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041

C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_

MD5 836dd6b25a8902af48cd52738b675e4b
SHA1 449347c06a872bedf311046bca8d316bfba3830b
SHA256 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64
SHA512 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80

memory/6696-19080-0x00000000006F0000-0x0000000000BA2000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

memory/1468-19122-0x00007FFF144E0000-0x00007FFF144E1000-memory.dmp

memory/1468-19119-0x00007FFF14140000-0x00007FFF14141000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Program Files (x86)\Steam\config\config.vdf

MD5 a2ec2e91c3ef8c42e22c4887d032b333
SHA1 e2c738a2e9400535b74e2263c7e7d1ecefe575f2
SHA256 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3
SHA512 b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3

C:\Program Files (x86)\Steam\config\config.vdf~RFe63b6b3.TMP

MD5 6e6a2b18264504cc084caa3ad0bfc6ae
SHA1 b177d719bd3c1bc547d5c97937a584b8b7d57196
SHA256 f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53
SHA512 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679

C:\Program Files (x86)\Steam\config\config.vdf.async3752.tmp

MD5 3b524487bd729bc5436392c7ca6ffcf6
SHA1 ff61f7c97e35368a64c80101addacf4278501355
SHA256 27c545453ba3c8069b95836312b760d48c8d8197f5da59e30fb0ff32dfa9661f
SHA512 2daf613b3f4862c9b1102e2367891d93474dd289c0f12eecefcd76b57c647d6ffda8f6e823353e9b4846be053170c40fc159a681aeb3c5c3a82c900137ac9d82

memory/3752-19223-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 8a435c199bc70d7331481cbda63deec2
SHA1 503d24af6f2f7ee2f820a5b7af0f55dec75d2f81
SHA256 7d816724170df4843823bf7cb66816fb71f3c76aa73d5e15b2e664c383a8bb21
SHA512 c75c7025c5a7ac558a5e6ce5797d023cd1f317940f611f1548fd89d9ddeb2dec15b7eb303d58b266a0fb58675c6f539ad4ac818bcd9ea1ebd6760fe6999097d6

memory/3752-19263-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 635e9346e4856752c75026a912898673
SHA1 68e892bb808a2a3631910f898b46348f15a12e22
SHA256 819ef1117131908ee524003d6a415b9a13bc7a985a138aeb494725b914a2757a
SHA512 0294bae53a07dddd22feb16773b50b48edab11b8d79ed3986957ab2f3e50b92bea643799beaa027d7877035d2daeacd90b73b4c2c1adbd367f227252fe612955

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 93499e87d81fda1ffa0c45ee00352109
SHA1 ba8d4da1a5aaa4f0ba6f2c85ca7a9baab947fc4b
SHA256 49c1e767d8a0b266a803cedf559d6175da4e82c45f06dc8115a67beeb452e5c1
SHA512 03c1d78915dc0310dc250a51f0caa0345dbc2805cf591b74cf29867438532fdadf6e60141c0bdcd2790e83bad8e07b3e9d38c214c5a659a645cd85150b15dd7c

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 d96cf1e19b4a4504098c098398ba2994
SHA1 391ae6ffc85a1b29f5d1fd77897a90703d6ae1ee
SHA256 bfde0e336305b77c96f9b17605172efec9b56c4bf7dad319ef4490b8973e589d
SHA512 5cab69fef28d6da246f96a655647092683cd779a6bcbd007f04c1cad978e63d8ca38ed88b542dc69ba90e1fc6519e96033e246cfa37ba41a6e142528684f42f0

C:\Program Files (x86)\Steam\config\config.vdf

MD5 d1faf4e2cdf8064d494b85ec1f2740e2
SHA1 3ca0a369225ba794c50660b7829e26bfac76dd42
SHA256 a7813a16e47d4c5344c601d271297c7d84e00b46242f1bf9a1635cfb0aa197cd
SHA512 a657c9a6e4f4950205304a4a38bd10c5d564fb362cd0554e11332e610697652d039090e35674db4def7c7652aba02373ceb91037f903ef4dff287adcc162ab32

memory/3752-19305-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 2a6e2c115548a1e80711bd971a7eb038
SHA1 8b8e5cbad1266bce57bfecb7df47ca79454e8070
SHA256 61dacc3599ad3cc73cf0201b76f8e25dac214a5dd20e48996b7165f8cc68b948
SHA512 ba8dbbae8dc07e05949a453cb53c25f158e290779be6f2cd89900f971fc911ad1833a2c745ffe9f7b30d338fd12bc76ed88b508af820c8d241d607012c6ed59d

memory/3752-19326-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 bc542c4b487e5c94d117654d2fcb44cb
SHA1 cc2c3cdaebfc9ed766e343988a7e1a9ace27e68c
SHA256 c269c5bb3ba78fecb7ec2600eb325499d34068f20fd528b7bc46148209206613
SHA512 dcbee4332b7f734988670c0ad3524f1341e2acee857a538d53e13cbce09b24d8103a654a235adf3e807d2927c3893afe8ab4fce5eaecbee9a0cb68a4424ca369

memory/3752-19344-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 bc60a19a9c4b5e93242a4045c68b45ca
SHA1 bb19032e401f3321ac6e2d486e2705f04a48a2bf
SHA256 611cdb7a88eba85105ca47a2223d563f922abc819ea5035fdee0b4b722856f47
SHA512 020246ec381b2629a356ba41fd0c9c324ebd93472df2f1e777f98e34040edc72256f155fa467aa9684a0b49187dc8563f93ea82e051b97408ebde02975602ad7

C:\Program Files (x86)\Steam\config\config.vdf

MD5 36de4972c8e98a90767436ca05b3b410
SHA1 6e30082302231da804d0b0ca8d811cb3ecd2330c
SHA256 bbe143ad10e7c1d763f548c425c4aa7d8551c9e5a78876def74fe20a252103f1
SHA512 89430e1b8af538dec42849264d4d7aa628b6ff4c72cbfb4b5ccd230d51ed97950ac7d26306b6ad56f88429c036f7c1cc017b519f6db40c68fa87abc86ca43cad

memory/3752-19369-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 8b10623acd2bca2ca363b72ba063303b
SHA1 d0b15b047e2fc02b3117729ba060670126ceabd4
SHA256 3ebf5ff09682c47895fb41fa985b6a4d881967e2240ebf557885b7fadfc8bf1f
SHA512 3c37ceaf1db618182578498d901f69414d6ab6bccb4433f82b6d5442d66eae71148266fc3ee85d21f7de07b571ee6e5472aaef81b8adc42096288fc60167af55

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json

MD5 602c49f9246967bdcff45b4f43cf2fb0
SHA1 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d
SHA256 a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114
SHA512 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe64b7c7.TMP

MD5 68b20851ccb9834d21fb32615e42bd43
SHA1 88fab935f0b9484994097c08f785e9ecb7d68127
SHA256 a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f
SHA512 dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe64b7f6.TMP

MD5 7d8e65c6d96637c6052f04076c46e107
SHA1 a03f2e5f1deb4266c9747faa557b5566c9717ed7
SHA256 a293b96e12015c9438b7332c8b1209a0f29912a2a162411d57ee54fdc9c7e0d4
SHA512 f0db498d3a2461a67ed0b94cf81ff8b26d2fabd1c943f0ac9597b9dfb1c3f2355657c7fa05eded10934b43ff9f2194ea409a2cd927826d013b2cdc78c0b8d6e9

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity

MD5 bb197a3d3c5e143dfe9a0136834432cb
SHA1 7b353576a77c5ecc7b61dedd4bf79744562b4f46
SHA256 c59a1e70474b5db13b5eeb45b4eac7ca822c5209f5c41e2cb25cd3fa7e01e144
SHA512 230b6fc9dff6262db3ea965f9248dd0215c3140b135f7df03d160f53fd27a0258cc30aa5792d1004fcba6f78a9de24cc752cc417607d4768c6ee52f2eae21a0f

memory/3752-19398-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 0a601c1bc2e83780218c7c76def2b58e
SHA1 8cfab6653c286d1e71ce15ff85dc417e242e35ec
SHA256 67984aa9473013b435a9ab3f13ed46b2b42b4b39337ae9bf82b1341c28d9e5ed
SHA512 d6fb76772425355c908d8683228f3f30b38e29c60ac5e8e8784597623e3e910d234a186810eaca9fc1c21ac31752c31f9477120f3ee9432084f2b156788dd1af

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe64bdd2.TMP

MD5 9387bb311aa3b3b17b56a192ef9166de
SHA1 4e0349b1d314e13b98277b825c0a864643328f64
SHA256 1684a334efb3f7a5f5f916d82dc1d9ad195f830115c8073acfdd6d063ef348e0
SHA512 64f80614e91feb5ff0711b63e7385bf97661a5faebae02827ed32e7d5cdd498868c7cd0d709d8a653457d7918b4733b9501598b2761c5aa6dcb5ee4fcde6a36c

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe64d14b.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 7036bbc536131f857699b3669be5334e
SHA1 c8d73de7f2a7bd98369e646a1b6e8ad027f2a411
SHA256 88db33d35b9662b02c42aaf1926cd5e7956d80e49aeb8c2521357e8a72fb84d1
SHA512 0589e820cbda80b1769ef2ee5aae540dee8047196424e5c921436bcae08ac01da77e94a81b601ecdef165d509aa85d03eb2eedb3879e641507a4d5f3c4ea7625

memory/3752-19417-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\manifest.json

MD5 2ff237adbc218a4934a8b361bcd3428e
SHA1 efad279269d9372dcf9c65b8527792e2e9e6ca7d
SHA256 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827
SHA512 bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542

C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\LICENSE

MD5 f6719687bed7403612eaed0b191eb4a9
SHA1 dd03919750e45507743bd089a659e8efcefa7af1
SHA256 afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59
SHA512 dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56

memory/3752-19455-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 ef48733031b712ca7027624fff3ab208
SHA1 da4f3812e6afc4b90d2185f4709dfbb6b47714fa
SHA256 c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99
SHA512 ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

MD5 de9ef0c5bcc012a3a1131988dee272d8
SHA1 fa9ccbdc969ac9e1474fce773234b28d50951cd8
SHA256 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590
SHA512 cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 251c37280c2796e03785fabad91d0c65
SHA1 b5e54a3ca31397d5c9657e2c695828e16e9724ec
SHA256 fde9b6952aaa2c52a26f648ec40cceaf42bfb6f74978dbdc05fd1c18381cbba0
SHA512 b751f2a534e066d4524250441aae458535ec86958ce670aceb172aa30c1f8295cd8827120b41300f04cbfa6cdad7d2107275da05049776dba87a0d902bd8759b

memory/3752-19498-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c26d56556e8ebf21851882ff2b1e8072
SHA1 b8b7a1a042cf190831a73315ead64a29f7f2d22b
SHA256 cd7aae333a14036cdb6d2c20d4b3d50563d862cf35cc6c6c5f1231885ccff6fe
SHA512 fc97e1f59fa577dac799c2813672a262950f0bf60443c5aebf6bb36d53f35ef345bf375141f51de62c9c0b4630d98fc1fcdf18d0955a4d8e1c33253de043e8cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec41b2d5e902dbccdd817642504f58ba
SHA1 14b9dbdf42ed3e4402131c3ec82e051a304076a2
SHA256 b25aa70481171cd699f74e9b74cd4658ab93080a24b8f5e3e8f4c2d4ea889799
SHA512 67eee4b89af52fd2d85076db448d27544fa4def1d7dbdff4a1144e452839e1cdd15aeebca8d6b50b4aa02d273728bed6882f1a3fb727d255f52b2651b7eacd47

memory/3752-19514-0x0000000067560000-0x00000000688A1000-memory.dmp

memory/3752-19515-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 20cbb06b4f49657775752d6a1ec2a1c6
SHA1 402fd2e5522136b4d2cc92529f217b50f6f70a3f
SHA256 e077caf3825bf760f5f3fddf47705191d11f53e2d52680ab0d07e87fbfdeb40c
SHA512 530276873b4630c7c40341f4950d44d4deb2363a76e5b770b6a044f9c0f9ac852cbc06be623bc8958e6b99ec8b66e0a0ee02e89a790c9335dd07e18a8c01e56c

memory/7336-19527-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19526-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19525-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19537-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19536-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19535-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19534-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19533-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19532-0x000002043F750000-0x000002043F751000-memory.dmp

memory/7336-19531-0x000002043F750000-0x000002043F751000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 e76e2f0eb248522043d80f0050719a93
SHA1 c32755f23880b92b17bf83c01b03261aa8ef3f1d
SHA256 730c8cc7a3d41b41f5e4d677f3e22d46fbd90d2f4b6b7552213c5b5ecdfa16ca
SHA512 aaa6545d9d2b16b36a3e4ab6fd2d44d58b7532aa451614f8311621997a1616ee37f834f2979ade694018d518583ed8f64933d38fa67ef2b982f5fe06217f6b12

memory/3752-19557-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 24e6c97978f33468e00bbd486d8bacea
SHA1 ac04967c68c27ddd424dab4b07e846a031a6c5b1
SHA256 3dba0b33595f88c694b13bfa66dc21a34e31b2082b3e46fe02ec882dae659bef
SHA512 8f99d08ce012fd8ebe9f2a65e2fe1e232220860553b98e106fafa4c34dd6a6d3de4f2672363c385b5ee8720454de01244edd07370873da49c9c7d3dcaeb76388

C:\Program Files (x86)\Steam\config\config.vdf

MD5 77750d408dc290e6f9f1a48917719905
SHA1 1c035bd72754d61a89772c3697cde87bbe963e90
SHA256 d317725528eab603d665801ae7f868f0b290598f4eed0fd1aca4695cc57933ce
SHA512 f73db55fd0c805e91e24f06ace4dbb6be0f245ec6f9019de5b4908e6c43fd9439a7c96020857607ee4e6b90806d15b6e21032540554ae2a4edf9f2ba78839285

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f079334aa67afcd6fb1dd5c97b98d3e
SHA1 5aee66b54eeeac5fd93c529a59c01d875d2cd00a
SHA256 b28dcc75ad13573a17b101edeb5ca39e718f302774b441eed6167525fa0810da
SHA512 841bba902a35b0e299c9900c94b42b49a167bc9fb8a60fabe70099977ce381b6877a18451f3849764bcc1e9a070d639182e4f7509bf70c2a74cd9f86957e42c3

memory/3752-19610-0x0000000067560000-0x00000000688A1000-memory.dmp

memory/3752-19611-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2e9eed4009cfdc4064d53399d0d8a71
SHA1 ab064e8ab5ca77cfe028705eab1b2711072b0bd2
SHA256 2ddce42f6b6a222989d3ad87e65f4ea109765e1022d8976c6260f0a8930c20c3
SHA512 4fffe97ed8e15b82516d71d836d0e8af95333792aaa3b31143756e5eb6dffb5d5678c4f323f425076c02c7e0657ca9b5825a1e21ece250631e89031b1be19227

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 cffcd1af92bbef026f7a9f8eb3e4258d
SHA1 54f3bfd783495babfe2cdb3a0b8cdc8b1ea8242e
SHA256 2056b1542895fa0a53c431c17a12d85a47cbe5fd86edc0627e626c1856fd86e7
SHA512 7ec5815f0a721757c0edafeb89b6688018c4e64377bbb08308fb9c742b6d47b3c9e98dd440d810d41d8b72ecdc7140b95122094b7f4c7ce2ccfdc86d9171d627

memory/3752-19631-0x0000000067560000-0x00000000688A1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 27a1dd74dd409763a4c839853791091e
SHA1 61706228e635575963eddfd6ecfe035c81499560
SHA256 c1596aaa006cb1e0721169cbb5ac23c7158f39053ba1266ef14dc62db231eb6d
SHA512 4a934c95ec4333535fd601b2f79118b69ffaaffd5048c31b8273e5a7e44b80a046e521f435a4533c2acc47ff55b1c0108a785c24622fe3450902506951729ad8

C:\Program Files (x86)\Steam\config\config.vdf

MD5 39ef9f7187bf2550f1841357d15e4fe5
SHA1 a31fed669b02033c0cc32f68300aef39780ccba4
SHA256 cece201e9ffd05c7846fb637d4837b3439f2e753ddf066876122106d20c10e56
SHA512 898394261fcca0cf68a42920fcb3db74de86fe3774d4c847ce62a0ee316693257e1699d0463dde760cf51a62a03a838a98d01804a3a957c9680d919fa59980fe

memory/3752-19662-0x0000000067560000-0x00000000688A1000-memory.dmp