Analysis Overview
SHA256
5823597ef4cb5af219548736e91dce71cc90599878807d4db29bec04a5239aea
Threat Level: Likely malicious
The file ads.rar was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Event Triggered Execution: Component Object Model Hijacking
A potential corporate email address has been identified in the URL: =@L
A potential corporate email address has been identified in the URL: prebid-universal-creative@latest
Executes dropped EXE
Modifies system executable filetype association
Loads dropped DLL
Checks installed software on the system
Drops desktop.ini file(s)
Adds Run key to start application
Detected potential entity reuse from brand STEAM.
Checks system information in the registry
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
System Network Configuration Discovery: Internet Connection Discovery
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: AddClipboardFormatListener
Checks processor information in registry
Runs ping.exe
Checks SCSI registry key(s)
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Modifies registry class
Modifies Internet Explorer settings
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies system certificate store
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 11:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 11:05
Reported
2024-11-09 11:05
Platform
win7-20240903-en
Max time kernel
18s
Max time network
16s
Command Line
Signatures
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 11:05
Reported
2024-11-09 11:21
Platform
win10v2004-20241007-en
Max time kernel
975s
Max time network
974s
Command Line
Signatures
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: =@L
A potential corporate email address has been identified in the URL: prebid-universal-creative@latest
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\Update\\OneDriveSetup.exe\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Standalone Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\StandaloneUpdater\\OneDriveSetup.exe\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\downlevel\api-ms-win-core-shutdown-l1-1-0.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\Microsoft.Bluetooth.UserService.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\NcdProp.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\spp.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\wshelper.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\downlevel\api-ms-win-core-kernel32-legacy-l1-1-1.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\69fe178f-26e7-43a9-aa7d-2b616b672dde_eventlogservice.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\CloudExperienceHostBroker.exe | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\DDORes.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\DevDispItemProvider.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\Dism\CbsProvider.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\ConsoleLogon.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\d3d9.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\dhcpcore.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\Unistore.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\WWanHC.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\downlevel\api-ms-win-core-errorhandling-l1-1-0.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\comdlg32.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\computecore.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\C_1149.NLS | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\d3d10_1core.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\dot3ui.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\gpsvc.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\manage-bde.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\modemui.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\bthprops.cpl | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\config\DEFAUL~1.LOG | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\configmanager2.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\cmdkey.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\dmdskres.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\pnppolicy.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\wininetlui.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\Dism\UnattendProvider.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\dmdskres.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\AuthBrokerUI.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\C_20284.NLS | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\autochk.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\shutdown.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\wsecedit.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\changepk.exe | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\immersivetpmvscmgrsvr.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\sdohlp.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\w32tm.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\webcheck.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\wevtsvc.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\dmusic.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\compmgmt.msc | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\cscui.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\icsvcext.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\securityhealthsso.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\TieringEngineService.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\Dism\de-DE\OfflineSetupProvider.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\dmcommandlineutils.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\DmOmaCpMo.exe | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\hid.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\MMDevAPI.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\powercfg.exe.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\altspace.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\cofiredm.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\dlnashext.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\Dism\es-ES\LogProvider.dll.mui | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\BingMaps.dll | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\cscript.exe | C:\Windows\system32\cmd.exe | N/A |
| File opened for modification | C:\Windows\System32\de-DE\msdrm.dll.mui | C:\Windows\system32\cmd.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\libcef.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_050_menu_0060.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_lstick_up.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\joyconpair_left_sr_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_plus_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_l1_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_l4.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\gamepad_joystick.vdf_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_080_input_0020.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_ring.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rt_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\deck_ui_launch_game.wav_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0312.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_ukrainian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\vgui_german.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_dpad_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\plugins\demux\libreal_plugin.dll | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0060.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\dualshock_4_spanish.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_outlined_button_a.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_gyro_roll_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_dpad_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\be\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\mega_btn_on.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_left_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_rstick_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_button_logo_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0302.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_tchinese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\co\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\loop_5.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_down.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Steam\config\config.vdf.async3752.tmp | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\_metadata\verified_contents.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0418.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0140.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_touch_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\resources.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_l_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_030_inv_0040.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_r3_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_swipe_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\friends\InviteFriendResultSubPanel.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\Receipt_PayPal_Success.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0050.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\support_flag_right.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\locales\am.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\mn\ | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0318.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_010_wpn_0424.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\friendsui_thai-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_button_mute_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\btnOvrOffTopLeft.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_r_ring_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\INF\digitalmediadevice.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_netdriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_computeaccelerator.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\INF\c_smrdisk.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\wsdprint.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_ucm.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_receiptprinter.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_swcomponent.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscopyprotection.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\xusb22.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsopenfilebackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsreplication.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_diskdrive.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_linedisplay.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_apo.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsundelete.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_scmdisk.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\oposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_cashdrawer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\ts_generic.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\miradisp.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsvirtualization.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_media.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\PerceptionSimulationSixDof.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssystem.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_sslaccel.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_smrvolume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_proximity.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsantivirus.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fshsm.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\INF\c_display.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_processor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsinfrastructure.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_monitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscontinuousbackup.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsquotamgmt.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_camera.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_magneticstripereader.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\rawsilo.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\rdcameradriver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsactivitymonitor.PNF | C:\Windows\system32\mmc.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\INF\c_fssystemrecovery.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_volume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscfsmetadataserver.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsencryption.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fssecurityenhancer.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscompression.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_scmvolume.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fsphysicalquotamgmt.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_barcodescanner.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_holographic.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\dc1-controller.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\remoteposdrv.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_fscontentscreener.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_mcx.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_extension.PNF | C:\Windows\system32\mmc.exe | N/A |
| File created | C:\Windows\INF\c_firmware.PNF | C:\Windows\system32\mmc.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steamerrorreporter.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\VideoLAN\VLC\uninstall.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steamerrorreporter.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\wermgr.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\system32\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Windows\system32\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\system32\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31142553" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{5BB90A9F-9E8C-11EF-9361-DEEFF298442C} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ab44cbc7ac5e824ba8748f8001f100a1000000000200000000001066000000010000200000008993c40a374f190a80818e88c9f5dd26d35f4b5195928ca15595e492925cede6000000000e8000000002000020000000f1affc627e0610323bbb6fd3825848343ad6a4378006c75758f9d1efd02b26f9200000007fea76bb25534c86ca19565085a5ad9aad3f4eeb6725609d16eb06af5b770fa140000000246d599000dc33b5e829f327a85c4a2a5958f1590e6f38c67412f9484594b30ef2aff0dab1befb4f657c55a3ff8aa5faad1313a7506e837b58d56f068d1c7576 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\VersionManager | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\MINIE | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff00000000240000000004000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "808204999" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31142553" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ab44cbc7ac5e824ba8748f8001f100a10000000002000000000010660000000100002000000042055f370881aa3c17f21a474d7b68c55f075aa5d3c422a88e814adf7524179d000000000e800000000200002000000061785acb9fd4d2a68278cd9fb0330d8be9f0ba6f01b1642a8839bf73409c49df20000000edbba343a958589f8c72b38b91d9b945aa61168401aae525db4fdb55c66b1dc840000000465d9cb00f8cb679e342bc3ff8ae220e746445087fbb21b20f41d50d3bc8c3292d8c7a9bcc7c672133446ced31c71386e9044ab7129f9b0798c30dacb6b7e645 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\IESettingSync | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "808214885" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50d442319932db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\Software\Microsoft\Internet Explorer\IESettingSync | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40004a319932db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756239886531366" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}\ = "IOneDriveInfoProvider" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\IE.AssocFile.URL\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mpeg1\shell\Open\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\VersionIndependentProgID\ = "SyncEngineFileInfoProvider.SyncEngineFileInfoProvider" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9E0BD17B-2D3C-4656-B94D-03084F3FD9D4}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.FileSyncClient | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.AutoPlayHandler\CurVer | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{AEEBAD4E-3E0A-415B-9B94-19C499CD7B6A}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\mssharepointclient\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\Microsoft.SharePoint.exe\" /protocol:\"%1\"" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32\ = "{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.dav\shell\AddToPlaylistVLC\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.amr\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.dv\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp4v\shell\Open\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{C9F3F6BB-3172-4CD8-9EB7-37C9BE601C87}\1.0\FLAGS\ = "0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{638805C3-4BA3-4AC8-8AAC-71A0BA2BC284}\1.0\ = "FileCoAuthLibrary 1.0 Type Library" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{0f872661-c863-47a4-863f-c065c182858a}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ = "SyncEngineFileInfoProvider Class" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mkv\shell\AddToPlaylistVLC\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}\ = "ISetItemPropertiesCallback" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{679EC955-75AA-4FB2-A7ED-8C0152ECF409}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8D076AD6-9B6F-4150-A0FD-5D7E8C8CB02C} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_CLASSES\WOW6432NODE\INTERFACE\{2B865677-AC3A-43BD-B9E7-BF6FCD3F0596}\TYPELIB | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\TypeLib\{F904F88C-E60D-4327-9FA2-865AD075B400}\1.0\FLAGS | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\SyncEngineFileInfoProvider.SyncEngineFileInfoProvider\ = "SyncEngineFileInfoProvider Class" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_CLASSES\WOW6432NODE\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\TYPELIB | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ac3\shell\PlayWithVLC | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{22A68885-0FD9-42F6-9DED-4FB174DC7344}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\BannerNotificationHandler.BannerNotificationHandler\shell | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.mp2\shell\AddToPlaylistVLC | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.ogv\shell\AddToPlaylistVLC\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.it\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\ProgID | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\CONTROL | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\LocalServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe /cci /client=Personal" | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E} | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\FileSyncClient.AutoPlayHandler.1 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\WOW6432Node\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.oga\shell\AddToPlaylistVLC\command | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}\TypeLib | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\LocalServer32 | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\VLC.wma\shell\AddToPlaylistVLC | C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files (x86)\Steam\steam.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\wwahost.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\ads.rar"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2200,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2268 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3452 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=2316,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4624 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4708,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4728 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4884,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4400,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3540 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4492,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4828,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4860,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5312,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5136,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5608,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5624 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5760,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6024,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6468,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6316,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6276,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6536,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=7068,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7160,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7320,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7312 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7180,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7464 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7292,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7620 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7728,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7444,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8092 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8364,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8392 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=8512,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=8476,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7744 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8408,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7572 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7840,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7560 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7576,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7380 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8280,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8056 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7312,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7600 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7244,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7228 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7356,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8276 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8368,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8648 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8224,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7980,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8536,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8216,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=5920,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7528,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8780 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8788,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8740,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5932,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8756,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9292 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9468,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=9600,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9460 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9588,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8104,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=10060,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10044 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8764,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8760 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5744,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5864 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5780,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=5532,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9424,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc449e6f4h1d75h4604h8981hf25fdf94302c
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,6094600124645288465,18393945022660297965,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\wwahost.exe
"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault4f7a073ch8a33h45bahbb9eh133734e5ff8a
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,2413287033685983889,17308251949395608736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=8372,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9788,i,7397007397099399827,3578799035706736520,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault5c60dcdbhfb08h477ch8c39hff5d2d43c0ec
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,6404206717724147750,7588492276787285541,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\VideoLAN\VLC\uninstall.exe
"C:\Program Files\VideoLAN\VLC\uninstall.exe"
C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=C:\Program Files\VideoLAN\VLC\
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32.exe" /s /u "C:\Program Files\VideoLAN\VLC\axvlc.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\VideoLAN\VLC\axvlc.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault35c46d8dh409bh4b99hbd1chd1870c59d4cb
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2056 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,8508007354200056173,7097073906458296665,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault983d4dc4hb397h4425hb9cah122be5f893d8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,12888536694380723544,5388426385356284491,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xd4,0x10c,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1852,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1836 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2176,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2252 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3260,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3660,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4644,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4656 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4776,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4768 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4364,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4356 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5048 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4388,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4888 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4416,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4400 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5028,i,9414357756704664897,10640772925603290894,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4824 /prefetch:1
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "7288" "936" "844" "940" "0" "0" "944" "948" "0" "0" "0" "0"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1944 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2044 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2280 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4588,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3168,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4684 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4724 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4716,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4688 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4776 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5008,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4764 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5136,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3192,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3240 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f8 0x31c
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3424,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5060 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3920,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5676,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5680,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5612,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4672 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5624,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6020,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5876,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5376 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5428,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5656 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4548,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6236,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3504,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5776 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5808,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5688,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3464,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5788 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6312,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6420 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5620,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6192,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6428,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6620,i,14118052574048417778,10747035471050000656,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6624 /prefetch:8
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2108,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1824,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2464 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4520,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3880,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4736 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4840 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4836,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4784 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4732,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5036 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x228,0x274,0x7ff65d494698,0x7ff65d4946a4,0x7ff65d4946b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4412,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3444,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3220,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3432,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3172 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4064,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4568 /prefetch:8
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" /update /restart
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe /update /restart /peruser /childprocess /extractFilesWithLessThreadCount /renameReplaceOneDriveExe /renameReplaceODSUExe /removeNonCurrentVersions /enableODSUReportingMode
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4756,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4048,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4560 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3164,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5516,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5616 /prefetch:1
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
/updateInstalled /background
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault28f70f2ch4942h413ehb7fdhfbc46cb02be5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffef0da46f8,0x7ffef0da4708,0x7ffef0da4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,3858096575514832425,10876525347644809894,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4940,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5332,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3452 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5980,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5444,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6008,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5328,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5452,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5852 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6204,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6012,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3456,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6288 /prefetch:1
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5900,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1148 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4540,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6272,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5556,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6300,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6120 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5924,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6276 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6524,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6720 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6348,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6868 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6864,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6816 /prefetch:1
C:\Users\Admin\Downloads\Install VALORANT.exe
"C:\Users\Admin\Downloads\Install VALORANT.exe"
C:\Users\Admin\Downloads\Install VALORANT.exe
"C:\Users\Admin\Downloads\Install VALORANT.exe" --agent --riotclient-app-port=55843 --riotclient-auth-token=FkApFKuzdfRBsQd7nJna7A --app-root=C:/Users/Admin/Downloads "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc
C:\Users\Admin\Downloads\Install VALORANT.exe
"C:\Users\Admin\Downloads\Install VALORANT.exe" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc --disable-auto-launch
C:\Users\Admin\Downloads\Install VALORANT.exe
"C:\Users\Admin\Downloads\Install VALORANT.exe" --agent --riotclient-app-port=55927 --riotclient-auth-token=Ar9awNaf9im0pOkiLIDQpQ --app-root=C:/Users/Admin/Downloads "--data-root=C:/ProgramData/Riot Games/Metadata" "--update-root=C:/ProgramData/Riot Games/Metadata/Install VALORANT/Update" "--log-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT/Logs" "--user-data-root=C:/Users/Admin/AppData/Local/Riot Games/Install VALORANT" --session-id=14b13bd6-2a21-f843-bfcb-76a6436fcbcc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=3468,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=4736,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3844 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=6520,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5448,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5312,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4392,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5580 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5940,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=6456 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5608,i,7586304314174306235,3444256225652884775,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3248 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\ApproveImport.gif
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5768 CREDAT:17410 /prefetch:2
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=3752" "-buildid=1730853027" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1730853027 --initial-client-data=0x27c,0x280,0x284,0x278,0x288,0x7ffef473af00,0x7ffef473af0c,0x7ffef473af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1604,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1608 --mojo-platform-channel-handle=1596 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2272,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2276 --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2808,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2812 --mojo-platform-channel-handle=2804 /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3160 --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Windows\system32\PING.EXE
ping 8.8.8.8
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\steamerrorreporter.exe
C:\Program Files (x86)\Steam\steam
C:\Program Files (x86)\Steam\steamerrorreporter.exe
C:\Program Files (x86)\Steam\steam
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=3924,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3928 --mojo-platform-channel-handle=3920 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffef56bcc40,0x7ffef56bcc4c,0x7ffef56bcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=1956 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1592,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2112 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2096,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=2352 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4512,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4524 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4492,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4208 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4476,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4712 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=4772 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5036,i,13587517037418204417,3040851876568063024,262144 --variations-seed-version=20241108-130108.678000 --mojo-platform-channel-handle=5068 /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3768,i,11872558399733806553,18153968846062958040,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3840 --mojo-platform-channel-handle=2084 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.187.234:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| GB | 142.250.187.234:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | speedtest.net | udp |
| US | 151.101.194.219:443 | speedtest.net | tcp |
| US | 151.101.194.219:443 | speedtest.net | tcp |
| US | 8.8.8.8:53 | www.speedtest.net | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.194.101.151.in-addr.arpa | udp |
| US | 104.17.147.22:443 | www.speedtest.net | tcp |
| US | 8.8.8.8:53 | cdn.ziffstatic.com | udp |
| US | 8.8.8.8:53 | b.cdnst.net | udp |
| DE | 92.122.215.75:443 | cdn.ziffstatic.com | tcp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | diffuser-cdn.app-us1.com | udp |
| US | 3.165.232.83:443 | b-code.liadm.com | tcp |
| DE | 92.122.215.75:443 | cdn.ziffstatic.com | udp |
| IE | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.128.216:443 | diffuser-cdn.app-us1.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | prism.app-us1.com | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| IE | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 104.17.31.174:443 | prism.app-us1.com | tcp |
| US | 8.8.8.8:53 | cdn.static.zdbb.net | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| IT | 92.123.48.219:443 | cdn.static.zdbb.net | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| IE | 13.224.68.126:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | rp.liadm.com | udp |
| US | 3.94.241.169:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 22.147.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.215.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.128.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.232.165.3.in-addr.arpa | udp |
| US | 3.165.232.16:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 187.142.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 174.31.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.48.123.92.in-addr.arpa | udp |
| US | 44.195.5.240:443 | rp.liadm.com | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | trackcmp.net | udp |
| US | 172.64.153.42:443 | trackcmp.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| IE | 3.162.148.221:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | live.rezync.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | zdbb.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | gurgle.speedtest.net | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| IE | 52.16.55.91:443 | dpm.demdex.net | tcp |
| US | 18.213.136.7:443 | gurgle.speedtest.net | tcp |
| US | 8.8.8.8:53 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedlon.hyperoptic.com | udp |
| US | 8.8.8.8:53 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | udp |
| US | 3.165.148.118:443 | live.rezync.com | tcp |
| US | 8.8.8.8:53 | speedtest.london.macarne.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest-lon.retn.net.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | st-1.fibrenest.net.prod.hosts.ooklaserver.net | udp |
| US | 64.74.236.31:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | londres.speedtest.angolacables.co.ao.prod.hosts.ooklaserver.net | udp |
| IE | 52.211.253.2:443 | zdbb.net | tcp |
| IE | 34.246.139.66:443 | match.prod.bidr.io | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 185.225.24.21:8080 | speedtest.london.macarne.com.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | speedtestlon.orbital.net.prod.hosts.ooklaserver.net | udp |
| GB | 185.241.227.127:8080 | st-1.fibrenest.net.prod.hosts.ooklaserver.net | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | tcp |
| GB | 185.82.8.1:8080 | speedtest-lon.retn.net.prod.hosts.ooklaserver.net | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 94.101.144.102:8080 | speedtestlon.orbital.net.prod.hosts.ooklaserver.net | tcp |
| GB | 185.148.112.227:8080 | londres.speedtest.angolacables.co.ao.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 64.74.236.31:443 | b1sync.zemanta.com | tcp |
| IE | 52.211.253.2:443 | zdbb.net | tcp |
| IE | 34.246.139.66:443 | match.prod.bidr.io | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.241.94.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.5.195.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.148.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.148.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.55.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.112.37.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.101.10.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.46.92.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.24.225.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.227.241.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.82.148.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.144.101.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.12.22.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.136.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.8.82.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.112.148.185.in-addr.arpa | udp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | gurgle.zdbb.net | udp |
| US | 18.213.136.7:443 | gurgle.zdbb.net | tcp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs-simple.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 3.94.241.169:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 52.16.55.91:443 | dpm.demdex.net | tcp |
| US | 172.67.23.234:443 | p.ad.gt | tcp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| IE | 54.74.74.210:443 | bcp.crwdcntrl.net | tcp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| DE | 141.95.33.120:443 | id5-sync.com | tcp |
| US | 104.18.32.137:443 | privacyportal.onetrust.com | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | tcp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 172.67.23.234:443 | p.ad.gt | tcp |
| US | 69.166.1.34:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| IE | 54.155.31.240:443 | ad.360yield.com | tcp |
| FR | 5.196.111.72:443 | sync.smartadserver.com | tcp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | 31.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.93.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.253.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.139.246.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.49.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.172.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.74.74.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.11.164.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 35.164.11.89:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | secure-us.imrworldwide.com | udp |
| IE | 52.212.221.245:443 | secure-us.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 0e90550da78838e58fde34422e2b2a32.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| IE | 176.34.255.223:443 | rtb.gumgum.com | tcp |
| GB | 216.58.213.1:443 | 0e90550da78838e58fde34422e2b2a32.safeframe.googlesyndication.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 8.8.8.8:53 | cdn-gl.imrworldwide.com | udp |
| US | 104.22.4.69:443 | pixels.ad.gt | tcp |
| IE | 3.162.140.119:443 | cdn-gl.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | udp |
| BE | 66.102.1.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | bee.imrworldwide.com | udp |
| IE | 52.212.221.245:443 | secure-us.imrworldwide.com | tcp |
| IE | 3.162.140.78:443 | bee.imrworldwide.com | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| IE | 3.162.140.119:443 | cdn-gl.imrworldwide.com | tcp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | hblg.media.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| CH | 23.32.112.27:443 | hblg.media.net | tcp |
| CH | 23.32.112.27:443 | hblg.media.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | warp.media.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | lg3-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| IT | 92.123.48.226:443 | c.pm-serv.co | tcp |
| US | 8.8.8.8:53 | a4497.casalemedia.com | udp |
| IT | 92.123.48.226:443 | c.pm-serv.co | tcp |
| US | 8.8.8.8:53 | a5081.casalemedia.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | 240.31.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.221.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.255.34.176.in-addr.arpa | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| CA | 185.170.63.89:443 | a4497.casalemedia.com | tcp |
| CA | 185.170.62.103:443 | a5081.casalemedia.com | tcp |
| US | 23.45.68.28:443 | contextual.media.net | tcp |
| CH | 173.222.108.113:443 | lg3-a.akamaihd.net | tcp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| IT | 92.123.48.226:443 | c.pm-serv.co | udp |
| US | 8.8.8.8:53 | l.pm-serv.co | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| US | 23.45.68.28:443 | contextual.media.net | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| GB | 172.217.16.230:443 | s0.2mdn.net | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | c21lg-d.media.net | udp |
| US | 8.8.8.8:53 | medianet-match.dotomi.com | udp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| GB | 172.217.16.230:443 | s0.2mdn.net | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| NL | 89.207.16.201:443 | medianet-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| NL | 89.207.16.201:443 | medianet-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 27.112.32.23.in-addr.arpa | udp |
| NL | 89.207.16.201:443 | medianet-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.48.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| IE | 52.17.111.23:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 89.63.170.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.62.170.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.68.45.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | n.pm-serv.co | udp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 34.160.55.127:443 | n.pm-serv.co | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| IE | 34.251.118.136:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 64.227.64.62:443 | match.adsby.bidtheatre.com | tcp |
| US | 98.82.157.137:443 | s.amazon-adsystem.com | tcp |
| US | 52.204.245.185:443 | sync.srv.stackadapt.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | idx.liadm.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ookla-d.openx.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 23.45.68.246:443 | ads.pubmatic.com | tcp |
| US | 23.45.69.73:443 | eus.rubiconproject.com | tcp |
| US | 35.244.159.8:443 | ookla-d.openx.net | tcp |
| US | 3.93.160.245:443 | idx.liadm.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 8.8.8.8:53 | ads.betweendigital.com | udp |
| US | 8.8.8.8:53 | sonata-notifications.taptapnetworks.com | udp |
| NL | 188.42.189.197:443 | ads.betweendigital.com | tcp |
| US | 8.8.8.8:53 | ad.sxp.smartclip.net | udp |
| US | 8.8.8.8:53 | ad.yieldlab.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 35.186.194.101:443 | ad.sxp.smartclip.net | tcp |
| US | 35.186.194.101:443 | ad.sxp.smartclip.net | tcp |
| US | 23.45.68.116:443 | ad.yieldlab.net | tcp |
| US | 23.45.68.116:443 | ad.yieldlab.net | tcp |
| DE | 18.195.150.101:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.111.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.55.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.64.227.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.155.215.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.118.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.69.45.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.68.45.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.157.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.245.204.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.160.93.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.189.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.194.186.35.in-addr.arpa | udp |
| IE | 54.170.33.189:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | dsum.casalemedia.com | udp |
| US | 35.186.194.101:443 | ad.sxp.smartclip.net | udp |
| US | 8.8.8.8:53 | 9qcc6xcq1ojqppcywi10stog1emgs1731150380.nuid.imrworldwide.com | udp |
| US | 3.165.232.121:443 | 9qcc6xcq1ojqppcywi10stog1emgs1731150380.nuid.imrworldwide.com | tcp |
| US | 8.8.8.8:53 | r.casalemedia.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | 101.150.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.68.45.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.33.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.232.165.3.in-addr.arpa | udp |
| DK | 37.157.2.230:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| IE | 52.95.118.179:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | pool.admedo.com | udp |
| BE | 35.206.140.87:443 | pool.admedo.com | tcp |
| BE | 35.206.140.87:443 | pool.admedo.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| FR | 54.38.113.3:443 | pixel.onaudience.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 172.67.40.173:443 | mwzeom.zeotap.com | tcp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| NL | 34.91.62.186:443 | um.simpli.fi | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 63.215.202.137:443 | pubmatic-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| US | 8.8.8.8:53 | related.insightfulguide.net | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.118.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.140.206.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.62.91.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.202.215.63.in-addr.arpa | udp |
| DE | 52.57.150.20:443 | ps.eyeota.net | tcp |
| US | 34.117.32.153:443 | related.insightfulguide.net | tcp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| US | 8.8.8.8:53 | jogger.zdbb.net | udp |
| US | 8.8.8.8:53 | tags.bkrtx.com | udp |
| US | 52.87.93.211:443 | jogger.zdbb.net | tcp |
| CH | 104.77.21.153:443 | tags.bkrtx.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 20.150.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.32.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.21.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.93.87.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | clients2.googleusercontent.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 67.209.201.84.in-addr.arpa | udp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| US | 8.8.8.8:53 | dsp.360yield.com | udp |
| US | 8.8.8.8:53 | dsp-ap.eskimi.com | udp |
| IE | 52.31.215.85:443 | dsp.360yield.com | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| IE | 34.246.139.66:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.208.189:443 | csync.loopme.me | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 85.215.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| SE | 13.53.196.230:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| FR | 141.94.161.158:443 | green.erne.co | tcp |
| IE | 52.215.155.11:443 | cm.adgrx.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| FR | 54.38.113.7:443 | pixel-eu.onaudience.com | tcp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 172.64.150.63:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| US | 8.8.8.8:53 | bidberry.net | udp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| DE | 57.129.39.243:443 | bidberry.net | tcp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.208.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.196.53.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.161.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.113.38.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.150.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| NL | 64.227.64.62:443 | match.adsby.bidtheatre.com | tcp |
| DE | 23.88.86.2:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | 243.39.129.57.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | udp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| DE | 3.78.93.150:443 | btlr.sharethrough.com | tcp |
| US | 172.64.151.101:443 | r.casalemedia.com | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 54.171.49.82:443 | c2shb.pubgw.yahoo.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| NL | 178.250.1.57:443 | ssp-sync.criteo.com | tcp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 57.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| IT | 92.123.48.226:443 | l.pm-serv.co | udp |
| US | 23.45.68.28:443 | contextual.media.net | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | udp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | cc.adingo.jp | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | pn.ybp.yahoo.com | udp |
| IE | 54.77.178.239:443 | pn.ybp.yahoo.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| GB | 142.250.200.34:443 | ade.googlesyndication.com | tcp |
| JP | 35.76.248.63:443 | cc.adingo.jp | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.191.110.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.178.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | cdn.js7k.com | udp |
| US | 8.8.8.8:53 | s.yimg.com | udp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| GB | 87.248.114.11:443 | s.yimg.com | tcp |
| GB | 87.248.114.11:443 | s.yimg.com | tcp |
| US | 23.45.68.228:443 | servedby.flashtalking.com | tcp |
| US | 54.152.32.181:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | ajs-assets.ftstatic.com | udp |
| IE | 3.162.140.107:443 | ajs-assets.ftstatic.com | tcp |
| US | 8.8.8.8:53 | agen-assets.ftstatic.com | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | udp |
| IE | 13.224.68.5:443 | agen-assets.ftstatic.com | tcp |
| GB | 18.172.89.36:443 | static.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 54.235.131.251:443 | dt.adsafeprotected.com | tcp |
| US | 54.235.131.251:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| US | 8.8.8.8:53 | premierinn.demdex.net | udp |
| IE | 3.162.140.108:443 | cdn.flashtalking.com | tcp |
| IE | 3.162.140.108:443 | cdn.flashtalking.com | tcp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.248.76.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.68.45.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.131.235.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.32.152.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad-events.flashtalking.com | udp |
| US | 8.8.8.8:53 | stat.flashtalking.com | udp |
| GB | 18.170.252.3:443 | stat.flashtalking.com | tcp |
| GB | 18.169.60.99:443 | stat.flashtalking.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| CH | 80.67.82.107:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | 3.252.170.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.60.169.18.in-addr.arpa | udp |
| NL | 185.89.211.84:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 107.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| US | 95.100.195.182:443 | www.bing.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | 195.195.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | secure-us.imrworldwide.com | udp |
| IE | 52.212.221.245:443 | secure-us.imrworldwide.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | nrb.ybp.yahoo.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 66.102.1.155:443 | stats.g.doubleclick.net | udp |
| IE | 54.228.54.61:443 | nrb.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | 61.54.228.54.in-addr.arpa | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | chrome.google.com | udp |
| GB | 216.58.201.110:443 | chrome.google.com | tcp |
| US | 151.101.194.219:443 | b.cdnst.net | tcp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 155.225.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 20.97.190.213:443 | fe2cr.update.microsoft.com | tcp |
| US | 8.8.8.8:53 | download.windowsupdate.com | udp |
| US | 199.232.210.172:80 | download.windowsupdate.com | tcp |
| US | 8.8.8.8:53 | 213.190.97.20.in-addr.arpa | udp |
| N/A | 239.255.255.250:3702 | udp | |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| N/A | 239.255.255.250:3702 | udp | |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | ogads-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | speedtest.net | udp |
| US | 151.101.2.219:443 | speedtest.net | tcp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 216.58.201.110:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | toastyy.de | udp |
| US | 76.76.21.21:443 | toastyy.de | tcp |
| US | 76.76.21.21:443 | toastyy.de | tcp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | 21.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| SG | 74.125.130.94:443 | id.google.com | tcp |
| GB | 172.217.16.234:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| GB | 172.217.16.234:443 | ogads-pa.googleapis.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| SG | 74.125.130.94:443 | id.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 94.130.125.74.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.amazon.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | images-na.ssl-images-amazon.com | udp |
| US | 8.8.8.8:53 | na.mesk.skill.music.a2z.com | udp |
| IE | 13.224.68.77:443 | na.mesk.skill.music.a2z.com | tcp |
| IE | 13.224.68.77:443 | na.mesk.skill.music.a2z.com | tcp |
| US | 8.8.8.8:53 | completion.amazon.com | udp |
| US | 151.101.129.16:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | d5fx445wy2wpk.cloudfront.net | udp |
| US | 3.165.223.210:443 | images-na.ssl-images-amazon.com | tcp |
| US | 3.165.223.210:443 | images-na.ssl-images-amazon.com | tcp |
| IE | 99.86.122.82:443 | d5fx445wy2wpk.cloudfront.net | tcp |
| IE | 99.86.122.82:443 | d5fx445wy2wpk.cloudfront.net | tcp |
| IE | 99.86.122.82:443 | d5fx445wy2wpk.cloudfront.net | tcp |
| IE | 99.86.122.82:443 | d5fx445wy2wpk.cloudfront.net | tcp |
| US | 151.101.129.16:443 | m.media-amazon.com | udp |
| US | 151.101.129.16:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | fls-na.amazon.com | udp |
| US | 54.87.191.225:443 | fls-na.amazon.com | tcp |
| US | 8.8.8.8:53 | 16.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.223.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.122.86.99.in-addr.arpa | udp |
| US | 3.165.223.210:443 | images-na.ssl-images-amazon.com | udp |
| US | 8.8.8.8:53 | client.rum.us-east-1.amazonaws.com | udp |
| US | 8.8.8.8:53 | cdn.branch.io | udp |
| IE | 3.162.140.34:443 | client.rum.us-east-1.amazonaws.com | tcp |
| US | 3.165.232.54:443 | cdn.branch.io | tcp |
| US | 8.8.8.8:53 | cognito-identity.us-east-1.amazonaws.com | udp |
| US | 3.165.230.187:443 | www.amazon.com | tcp |
| US | 3.165.230.187:443 | www.amazon.com | tcp |
| US | 54.156.25.28:443 | cognito-identity.us-east-1.amazonaws.com | tcp |
| US | 44.215.128.78:443 | completion.amazon.com | tcp |
| US | 8.8.8.8:53 | app.link | udp |
| IE | 13.224.68.74:443 | app.link | tcp |
| US | 8.8.8.8:53 | unagi-na.amazon.com | udp |
| US | 8.8.8.8:53 | api2.branch.io | udp |
| US | 44.215.129.38:443 | unagi-na.amazon.com | tcp |
| IE | 3.162.140.92:443 | api2.branch.io | tcp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.191.87.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.230.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.25.156.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.128.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | session.app-performance.music.amazon.dev | udp |
| US | 54.80.71.94:443 | session.app-performance.music.amazon.dev | tcp |
| US | 8.8.8.8:53 | trace.app-performance.music.amazon.dev | udp |
| US | 3.165.230.187:443 | www.amazon.com | udp |
| US | 34.204.27.196:443 | trace.app-performance.music.amazon.dev | tcp |
| US | 8.8.8.8:53 | sts.us-east-1.amazonaws.com | udp |
| US | 8.8.8.8:53 | unagi.amazon.com | udp |
| US | 44.215.132.93:443 | unagi.amazon.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 67.220.242.104:443 | sts.us-east-1.amazonaws.com | tcp |
| IE | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 44.215.132.93:443 | unagi.amazon.com | tcp |
| US | 8.8.8.8:53 | 94.71.80.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.129.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.27.204.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.132.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.220.67.in-addr.arpa | udp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | music.amazon.com | udp |
| IE | 3.162.144.232:443 | music.amazon.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | match.360yield.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | pbs.yahoo.com | udp |
| US | 8.8.8.8:53 | usersync.samplicio.us | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | www.imdb.com | udp |
| US | 8.8.8.8:53 | geo.ads.audio.thisisdax.com | udp |
| US | 8.8.8.8:53 | amazon.partners.tremorhub.com | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| IE | 108.128.65.103:443 | match.360yield.com | tcp |
| US | 104.18.36.155:443 | dsum-sec.casalemedia.com | tcp |
| GB | 87.248.114.12:443 | pbs.yahoo.com | tcp |
| US | 8.8.8.8:53 | ads.samba.tv | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 172.64.146.152:443 | capi.connatix.com | tcp |
| DE | 3.67.108.241:443 | usersync.samplicio.us | tcp |
| NL | 35.214.251.236:443 | geo.ads.audio.thisisdax.com | tcp |
| IE | 3.162.142.56:443 | www.imdb.com | tcp |
| FR | 5.196.111.73:443 | rtb-csync.smartadserver.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 54.209.127.15:443 | ads.samba.tv | tcp |
| US | 44.215.132.93:443 | unagi.amazon.com | tcp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| IE | 34.248.128.122:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | bs.serving-sys.com | udp |
| US | 8.8.8.8:53 | cookie-matching.mediarithmics.com | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | 231.157.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.144.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.65.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.108.67.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.251.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.142.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.128.248.34.in-addr.arpa | udp |
| SG | 74.125.130.94:443 | id.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | is1-ssl.mzstatic.com | udp |
| IT | 2.20.224.30:443 | is1-ssl.mzstatic.com | tcp |
| US | 8.8.8.8:53 | 30.224.20.2.in-addr.arpa | udp |
| US | 3.165.223.210:443 | images-na.ssl-images-amazon.com | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | tags.bluekai.com | udp |
| US | 8.8.8.8:53 | amazon.partners.tremorhub.com | udp |
| US | 8.8.8.8:53 | cms.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | spl.zeotap.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | beacon.krxd.net | udp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| GB | 87.248.114.12:443 | cms.analytics.yahoo.com | tcp |
| DE | 52.29.6.179:443 | aa.agkn.com | tcp |
| US | 23.192.21.147:443 | tags.bluekai.com | tcp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| DK | 37.157.5.87:443 | c1.adform.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| DE | 3.67.156.62:443 | bs.serving-sys.com | tcp |
| FR | 54.36.150.182:443 | cookie-matching.mediarithmics.com | tcp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | usermatch.krxd.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | lm.serving-sys.com | udp |
| US | 3.165.232.46:443 | sb.scorecardresearch.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| DE | 3.65.151.29:443 | lm.serving-sys.com | tcp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| IE | 54.78.254.47:443 | loadus.exelator.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 35.241.62.124:443 | lciapi.ninthdecimal.com | tcp |
| US | 8.8.8.8:53 | pi.ispot.tv | udp |
| US | 8.8.8.8:53 | sync.taboola.com | udp |
| US | 151.101.194.132:443 | pi.ispot.tv | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.51.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.6.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.156.67.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.150.36.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.151.65.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.62.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.254.78.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 44.215.132.93:443 | unagi.amazon.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | update.msiservers.lan | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.200.14:443 | google.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh5.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | reformeronline.com | udp |
| US | 173.254.56.12:443 | reformeronline.com | tcp |
| US | 8.8.8.8:53 | 12.56.254.173.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | x.com | udp |
| US | 104.244.42.129:443 | x.com | tcp |
| US | 8.8.8.8:53 | 65.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| GB | 151.101.188.159:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| GB | 151.101.188.159:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| GB | 151.101.188.159:443 | pbs.twimg.com | tcp |
| GB | 151.101.188.159:443 | pbs.twimg.com | tcp |
| GB | 151.101.188.159:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | abs-0.twimg.com | udp |
| GB | 146.75.72.158:443 | video.twimg.com | tcp |
| US | 104.244.43.131:443 | abs-0.twimg.com | tcp |
| US | 8.8.8.8:53 | 129.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.188.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.72.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.43.244.104.in-addr.arpa | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| CH | 104.77.37.101:443 | appleid.cdn-apple.com | tcp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | tcp |
| US | 104.244.42.65:443 | x.com | tcp |
| US | 8.8.8.8:53 | 101.37.77.104.in-addr.arpa | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | watchpeopledie-tv.webpkgcache.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.179.225:443 | watchpeopledie-tv.webpkgcache.com | tcp |
| GB | 142.250.179.225:443 | watchpeopledie-tv.webpkgcache.com | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | watchpeopledie.tv | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| GB | 142.250.179.225:443 | watchpeopledie-tv.webpkgcache.com | udp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | watchpeopledie.tv | tcp |
| US | 8.8.8.8:53 | i.watchpeopledie.tv | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 104.26.12.148:443 | i.watchpeopledie.tv | udp |
| US | 8.8.8.8:53 | 148.12.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.169.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | webcamtests.com | udp |
| US | 104.21.70.137:443 | webcamtests.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 104.21.70.137:443 | webcamtests.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.169.14:443 | www.youtube.com | tcp |
| GB | 172.217.169.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | static.webcamtests.com | udp |
| US | 172.67.223.209:443 | static.webcamtests.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 137.70.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.223.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | 132.194.113.52.in-addr.arpa | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.66:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.33:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.33:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 104.21.70.137:443 | static.webcamtests.com | tcp |
| GB | 172.217.169.33:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | pm.w55c.net | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| DK | 37.157.5.87:443 | c1.adform.net | tcp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | tcp |
| DK | 37.157.5.87:443 | c1.adform.net | tcp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 172.64.150.63:443 | a.tribalfusion.com | tcp |
| US | 172.64.150.63:443 | a.tribalfusion.com | tcp |
| DK | 37.157.5.87:443 | c1.adform.net | tcp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | tcp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| IE | 34.251.26.95:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 34.251.26.95:443 | pr-bh.ybp.yahoo.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| IE | 34.249.168.140:443 | pm.w55c.net | tcp |
| IE | 34.249.168.140:443 | pm.w55c.net | tcp |
| US | 8.8.8.8:53 | 81.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 172.217.169.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | r.turn.com | udp |
| GB | 172.217.169.33:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 118.74.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.26.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.168.249.34.in-addr.arpa | udp |
| GB | 172.217.169.66:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.msiserver.lan | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| US | 95.100.195.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 181.195.100.95.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| GB | 172.217.169.14:443 | www.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.201.102:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 102.201.58.216.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 172.217.169.14:443 | www.youtube.com | tcp |
| GB | 172.217.169.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 172.217.169.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nz7.googlevideo.com | udp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | tcp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nzk.googlevideo.com | udp |
| GB | 74.125.175.103:443 | rr2---sn-aigl6nzk.googlevideo.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 105.168.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.175.125.74.in-addr.arpa | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-ntqe6n76.googlevideo.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| AU | 173.194.28.6:443 | rr1---sn-ntqe6n76.googlevideo.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | 6.28.194.173.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.179.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | i9.ytimg.com | udp |
| GB | 142.250.179.238:443 | i9.ytimg.com | tcp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | update.msiservers.lan | udp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | rr1---sn-q4flrnld.googlevideo.com | udp |
| US | 173.194.24.70:443 | rr1---sn-q4flrnld.googlevideo.com | udp |
| GB | 216.58.201.102:443 | static.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 70.24.194.173.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | i9.ytimg.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | twitch.tv | udp |
| US | 151.101.194.167:443 | twitch.tv | tcp |
| US | 151.101.194.167:443 | twitch.tv | tcp |
| US | 8.8.8.8:53 | www.twitch.tv | udp |
| US | 151.101.2.214:443 | www.twitch.tv | tcp |
| US | 8.8.8.8:53 | 167.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static-cdn.jtvnw.net | udp |
| US | 8.8.8.8:53 | api.twitch.tv | udp |
| US | 8.8.8.8:53 | gql.twitch.tv | udp |
| US | 8.8.8.8:53 | assets.twitch.tv | udp |
| IE | 13.224.68.47:443 | assets.twitch.tv | tcp |
| IE | 13.224.68.47:443 | assets.twitch.tv | tcp |
| IE | 13.224.68.47:443 | assets.twitch.tv | tcp |
| IE | 13.224.68.47:443 | assets.twitch.tv | tcp |
| IE | 13.224.68.47:443 | assets.twitch.tv | tcp |
| US | 3.165.222.14:443 | static-cdn.jtvnw.net | tcp |
| US | 3.165.232.49:443 | api.twitch.tv | tcp |
| US | 8.8.8.8:53 | pubsub-edge.twitch.tv | udp |
| US | 8.8.8.8:53 | irc-ws.chat.twitch.tv | udp |
| US | 151.101.194.214:443 | gql.twitch.tv | tcp |
| US | 8.8.8.8:53 | passport.twitch.tv | udp |
| US | 8.8.8.8:53 | k.twitchcdn.net | udp |
| US | 151.101.2.167:443 | k.twitchcdn.net | tcp |
| IE | 13.224.68.47:443 | assets.twitch.tv | udp |
| US | 18.236.19.98:443 | irc-ws.chat.twitch.tv | tcp |
| US | 8.8.8.8:53 | vod-secure.twitch.tv | udp |
| US | 3.165.232.114:443 | vod-secure.twitch.tv | tcp |
| US | 8.8.8.8:53 | d2v02itv0y9u9t.cloudfront.net | udp |
| IE | 3.162.143.196:443 | d2v02itv0y9u9t.cloudfront.net | tcp |
| US | 151.101.194.214:443 | gql.twitch.tv | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | tcp |
| IE | 13.224.68.92:443 | passport.twitch.tv | tcp |
| US | 151.101.194.214:443 | gql.twitch.tv | udp |
| US | 8.8.8.8:53 | 214.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.222.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.19.236.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.143.162.3.in-addr.arpa | udp |
| IE | 13.224.68.47:443 | assets.twitch.tv | udp |
| US | 52.42.21.40:443 | pubsub-edge.twitch.tv | tcp |
| US | 8.8.8.8:53 | hermes.twitch.tv | udp |
| US | 8.8.8.8:53 | usher.ttvnw.net | udp |
| US | 3.165.232.31:443 | usher.ttvnw.net | tcp |
| IE | 3.162.140.120:443 | hermes.twitch.tv | tcp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | video-weaver.prg03.hls.ttvnw.net | udp |
| AT | 52.223.198.20:443 | video-weaver.prg03.hls.ttvnw.net | tcp |
| US | 8.8.8.8:53 | 92.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.21.42.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.198.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | video-edge-87c6ca.prg03.abs.hls.ttvnw.net | udp |
| CZ | 52.223.202.46:443 | video-edge-87c6ca.prg03.abs.hls.ttvnw.net | tcp |
| US | 54.68.213.221:443 | video-edge-81b671.pdx01.abs.hls.ttvnw.net | tcp |
| US | 8.8.8.8:53 | 46.202.223.52.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | global.poe.live-video.net | udp |
| US | 23.160.0.0:443 | global.poe.live-video.net | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| IE | 3.253.167.114:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 221.213.68.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.160.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.167.253.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d3aqoihi2n8ty8.cloudfront.net | udp |
| US | 3.165.224.38:443 | d3aqoihi2n8ty8.cloudfront.net | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| IE | 67.220.226.234:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 3.165.232.46:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | 38.224.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | tcp |
| US | 3.165.223.210:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | panels.twitch.tv | udp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| GB | 3.162.20.62:443 | panels.twitch.tv | tcp |
| US | 8.8.8.8:53 | 62.20.162.3.in-addr.arpa | udp |
| US | 54.68.213.221:443 | video-edge-81b671.pdx01.abs.hls.ttvnw.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| GB | 172.217.169.14:443 | www.youtube.com | udp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | playvalorant.com | udp |
| US | 8.8.8.8:53 | cmp.osano.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 15.197.167.90:443 | playvalorant.com | tcp |
| US | 15.197.167.90:443 | playvalorant.com | tcp |
| US | 3.165.232.91:443 | cmp.osano.com | tcp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 3.165.232.91:443 | cmp.osano.com | udp |
| US | 8.8.8.8:53 | cmsassets.rgpub.io | udp |
| US | 3.165.232.91:443 | cmp.osano.com | udp |
| US | 3.165.232.91:443 | cmp.osano.com | tcp |
| US | 8.8.8.8:53 | lolstatic-a.akamaihd.net | udp |
| CH | 80.67.82.107:443 | cmsassets.rgpub.io | tcp |
| CH | 80.67.82.107:443 | cmsassets.rgpub.io | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | cdn.rgpub.io | udp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| CH | 80.67.82.80:443 | cdn.rgpub.io | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| CH | 80.67.82.107:443 | cmsassets.rgpub.io | udp |
| US | 8.8.8.8:53 | 90.167.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.82.67.80.in-addr.arpa | udp |
| CH | 80.67.82.80:443 | cdn.rgpub.io | tcp |
| US | 8.8.8.8:53 | xsso.playvalorant.com | udp |
| CH | 80.67.82.80:443 | cdn.rgpub.io | tcp |
| US | 8.8.8.8:53 | valorant.secure.dyn.riotcdn.net | udp |
| CH | 80.67.82.80:443 | cdn.rgpub.io | tcp |
| US | 172.64.149.96:443 | xsso.playvalorant.com | tcp |
| CH | 80.67.82.73:443 | valorant.secure.dyn.riotcdn.net | tcp |
| CH | 173.222.108.115:443 | lolstatic-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | auth.riotgames.com | udp |
| US | 104.16.119.50:443 | auth.riotgames.com | tcp |
| US | 8.8.8.8:53 | 96.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.119.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.api.osano.com | udp |
| US | 3.165.232.128:443 | consent.api.osano.com | tcp |
| US | 8.8.8.8:53 | 128.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 15.197.167.90:443 | playvalorant.com | tcp |
| US | 3.165.232.91:443 | cmp.osano.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.14:443 | google.com | tcp |
| CH | 80.67.82.107:443 | cmsassets.rgpub.io | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | valorant.secure.dyn.riotcdn.net | udp |
| US | 104.17.174.5:443 | valorant.secure.dyn.riotcdn.net | tcp |
| US | 104.17.174.5:443 | valorant.secure.dyn.riotcdn.net | tcp |
| US | 8.8.8.8:53 | 5.174.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | data.riotgames.com | udp |
| US | 104.16.55.40:443 | data.riotgames.com | tcp |
| US | 8.8.8.8:53 | clientconfig.rpg.riotgames.com | udp |
| US | 104.18.157.37:443 | clientconfig.rpg.riotgames.com | tcp |
| US | 104.16.55.40:443 | data.riotgames.com | tcp |
| US | 8.8.8.8:53 | 40.55.16.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:55845 | tcp | |
| N/A | 127.0.0.1:55843 | tcp | |
| N/A | 127.0.0.1:55847 | tcp | |
| N/A | 127.0.0.1:55851 | tcp | |
| US | 8.8.8.8:53 | 37.157.18.104.in-addr.arpa | udp |
| US | 104.16.55.40:443 | data.riotgames.com | tcp |
| US | 104.18.157.37:443 | clientconfig.rpg.riotgames.com | tcp |
| N/A | 127.0.0.1:55927 | tcp | |
| N/A | 127.0.0.1:55929 | tcp | |
| N/A | 127.0.0.1:55932 | tcp | |
| N/A | 127.0.0.1:55935 | tcp | |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | store.epicgames.com | udp |
| US | 104.18.3.64:443 | store.epicgames.com | tcp |
| US | 104.18.3.64:443 | store.epicgames.com | tcp |
| US | 8.8.8.8:53 | 64.3.18.104.in-addr.arpa | udp |
| US | 104.18.3.64:443 | store.epicgames.com | udp |
| US | 8.8.8.8:53 | components.unrealengine.com | udp |
| US | 8.8.8.8:53 | epic-social-social-modules-prod.ol.epicgames.com | udp |
| US | 8.8.8.8:53 | cdn2.unrealengine.com | udp |
| US | 8.8.8.8:53 | static-assets-prod.epicgames.com | udp |
| US | 8.8.8.8:53 | cdn1.unrealengine.com | udp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| GB | 13.224.81.126:443 | components.unrealengine.com | tcp |
| GB | 13.224.81.126:443 | components.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| CH | 23.32.113.92:443 | cdn1.unrealengine.com | tcp |
| IE | 13.224.68.68:443 | epic-social-social-modules-prod.ol.epicgames.com | tcp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 3.234.87.7:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | 126.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.113.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.87.234.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store-site-backend-static-ipv4.ak.epicgames.com | udp |
| US | 8.8.8.8:53 | cms-assets.unrealengine.com | udp |
| IE | 13.224.68.41:443 | cms-assets.unrealengine.com | tcp |
| GB | 23.214.157.159:443 | store-site-backend-static-ipv4.ak.epicgames.com | tcp |
| GB | 23.214.157.159:443 | store-site-backend-static-ipv4.ak.epicgames.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 41.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn1.epicgames.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.3.64:443 | store.epicgames.com | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | epicgames-privacy.my.onetrust.com | udp |
| US | 104.18.32.137:443 | epicgames-privacy.my.onetrust.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.67.101.151.in-addr.arpa | udp |
| US | 23.46.189.123:443 | store.steampowered.com | tcp |
| US | 23.46.189.123:443 | store.steampowered.com | tcp |
| US | 23.46.189.123:443 | store.steampowered.com | tcp |
| US | 23.46.189.123:443 | store.steampowered.com | tcp |
| US | 23.46.189.123:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | 52.3.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.189.46.23.in-addr.arpa | udp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| NL | 23.207.106.113:443 | help.steampowered.com | tcp |
| NL | 23.207.106.113:443 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | 113.106.207.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| GB | 104.91.71.90:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 125.21.192.23.in-addr.arpa | udp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 90.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | test.steampowered.com | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| GB | 104.77.160.206:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | 206.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.103.247.162:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | 162.247.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ext1-bom2.steamserver.net | udp |
| IN | 155.133.224.22:27030 | ext1-bom2.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-maa2.steamserver.net | udp |
| IN | 155.133.225.21:27030 | ext2-maa2.steamserver.net | tcp |
| IN | 155.133.225.21:27020 | ext2-maa2.steamserver.net | tcp |
| IN | 155.133.224.22:27033 | ext1-bom2.steamserver.net | tcp |
| N/A | 127.0.0.1:52816 | tcp | |
| N/A | 127.0.0.1:52800 | tcp | |
| IN | 155.133.224.22:443 | ext1-bom2.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-maa2.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-sgp1.steamserver.net | udp |
| IN | 155.133.225.20:443 | ext1-maa2.steamserver.net | tcp |
| US | 8.8.8.8:53 | 21.225.133.155.in-addr.arpa | udp |
| SG | 103.10.124.4:27020 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 104.91.71.89:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 104.91.71.89:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | cmp1-hkg1.steamserver.net | udp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| HK | 103.28.54.100:27018 | cmp1-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-lhr1.steamserver.net | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | cmp1-fra1.steamserver.net | udp |
| GB | 162.254.196.80:27019 | cmp2-lhr1.steamserver.net | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| DE | 155.133.250.4:27019 | cmp1-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 20.225.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.124.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-lhr1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 80.196.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.250.133.155.in-addr.arpa | udp |
| HK | 103.28.54.100:27019 | cmp1-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-hkg1.steamserver.net | udp |
| HK | 103.28.54.101:27021 | cmp2-hkg1.steamserver.net | tcp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 101.54.28.103.in-addr.arpa | udp |
| HK | 103.28.54.101:443 | cmp2-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-tyo3.steamserver.net | udp |
| JP | 45.121.184.20:27036 | ext1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.20:27031 | ext1-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-tyo3.steamserver.net | udp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-lax1.steamserver.net | udp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-iad1.steamserver.net | udp |
| US | 162.254.192.99:27018 | cmp2-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-lax1.steamserver.net | udp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 20.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 75.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.192.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-atl3.steamserver.net | udp |
| US | 162.254.199.165:443 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.165:27018 | cmp1-atl3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-atl3.steamserver.net | udp |
| US | 162.254.199.184:27018 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 162.254.195.75:27018 | cmp2-lax1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:443 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:27018 | cmp2-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sea1.steamserver.net | udp |
| US | 205.196.6.133:27018 | cmp2-sea1.steamserver.net | tcp |
| DE | 155.133.250.4:27023 | cmp1-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 165.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.6.196.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | crash.steampowered.com | udp |
| US | 208.64.203.173:443 | crash.steampowered.com | tcp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| GB | 104.91.71.91:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 91.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.203.64.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 162.254.196.80:27019 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:27018 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:443 | cmp2-lhr1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-par1.steamserver.net | udp |
| FR | 185.25.182.20:27031 | ext1-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-lhr1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 20.182.25.185.in-addr.arpa | udp |
| HK | 103.28.54.101:27020 | cmp2-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp3-hkg1.steamserver.net | udp |
| HK | 103.28.54.102:27018 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext4-tyo3.steamserver.net | udp |
| JP | 45.121.184.23:27023 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:27028 | ext4-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-ord1.steamserver.net | udp |
| US | 8.8.8.8:53 | 102.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.184.121.45.in-addr.arpa | udp |
| US | 162.254.193.103:27018 | cmp1-ord1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-dfw1.steamserver.net | udp |
| US | 155.133.253.52:27018 | cmp2-dfw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-dfw1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 103.193.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.253.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 208.64.203.173:443 | crash.steampowered.com | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| HK | 103.28.54.102:27021 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext6-hkg1.steamserver.net | udp |
| HK | 103.28.54.172:27024 | ext6-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:443 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext3-tyo3.steamserver.net | udp |
| JP | 45.121.184.22:27025 | ext3-tyo3.steamserver.net | tcp |
| JP | 45.121.184.20:27028 | ext1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-syd1.steamserver.net | udp |
| AU | 103.10.125.148:443 | ext1-syd1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 172.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.125.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-lax1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | ext1-gru1.steamserver.net | udp |
| BR | 155.133.227.34:27025 | ext1-gru1.steamserver.net | tcp |
| BR | 155.133.227.34:27030 | ext1-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-eze1.steamserver.net | udp |
| AR | 155.133.255.100:27023 | ext1-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-eze1.steamserver.net | udp |
| AR | 155.133.255.164:27019 | ext2-eze1.steamserver.net | tcp |
| AR | 155.133.255.100:443 | ext1-eze1.steamserver.net | tcp |
| CL | 155.133.249.180:27021 | ext1-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-scl1.steamserver.net | udp |
| CL | 155.133.249.164:27038 | ext2-scl1.steamserver.net | tcp |
| CL | 155.133.249.164:443 | ext2-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-lim1.steamserver.net | udp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.255.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.255.133.155.in-addr.arpa | udp |
| PE | 155.133.244.50:27019 | ext2-lim1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-lim1.steamserver.net | udp |
| PE | 155.133.244.34:27023 | ext1-lim1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 180.249.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.249.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.244.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.244.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ext1-dxb1.steamserver.net | udp |
| AE | 185.25.183.36:27030 | ext1-dxb1.steamserver.net | tcp |
| AE | 185.25.183.36:27033 | ext1-dxb1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-dxb1.steamserver.net | udp |
| AE | 185.25.183.52:443 | ext2-dxb1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-bom2.steamserver.net | udp |
| IN | 155.133.224.23:27025 | ext2-bom2.steamserver.net | tcp |
| IN | 155.133.224.23:27031 | ext2-bom2.steamserver.net | tcp |
| IN | 155.133.224.23:443 | ext2-bom2.steamserver.net | tcp |
| IN | 155.133.225.21:27020 | ext2-maa2.steamserver.net | tcp |
| IN | 155.133.225.21:27028 | ext2-maa2.steamserver.net | tcp |
| IN | 155.133.225.20:443 | ext1-maa2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-lhr1.steamserver.net | udp |
| GB | 162.254.196.79:27018 | cmp1-lhr1.steamserver.net | tcp |
| HK | 103.28.54.101:27018 | cmp2-hkg1.steamserver.net | tcp |
| HK | 103.28.54.101:27019 | cmp2-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 23.224.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.183.25.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.196.254.162.in-addr.arpa | udp |
| AE | 185.25.183.52:27029 | ext2-dxb1.steamserver.net | tcp |
| AE | 185.25.183.36:27021 | ext1-dxb1.steamserver.net | tcp |
| AE | 185.25.183.36:443 | ext1-dxb1.steamserver.net | tcp |
| IN | 155.133.224.22:27029 | ext1-bom2.steamserver.net | tcp |
| IN | 155.133.224.23:27037 | ext2-bom2.steamserver.net | tcp |
| IN | 155.133.225.20:27032 | ext1-maa2.steamserver.net | tcp |
| IN | 155.133.225.20:27023 | ext1-maa2.steamserver.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 74.125.105.39:443 | udp | |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-lhr1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 39.105.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.201.99:443 | tcp | |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | udp | |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 216.58.212.234:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.212.234:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 8.8.8.8:53 | toastyy.de | udp |
| US | 76.76.21.21:443 | toastyy.de | tcp |
| US | 8.8.8.8:53 | p2p-lhr1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | client-update.steamstatic.com | udp |
| US | 151.101.131.52:443 | client-update.steamstatic.com | tcp |
| GB | 104.91.71.90:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| HK | 103.28.54.172:27035 | ext6-hkg1.steamserver.net | tcp |
| HK | 103.28.54.100:27021 | cmp1-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| HK | 103.28.54.101:443 | cmp2-hkg1.steamserver.net | tcp |
| JP | 45.121.184.21:27037 | ext2-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:27037 | ext4-tyo3.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-iad1.steamserver.net | udp |
| US | 162.254.192.98:27018 | cmp1-iad1.steamserver.net | tcp |
| US | 162.254.193.103:27018 | cmp1-ord1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 104.91.71.89:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 98.192.254.162.in-addr.arpa | udp |
| AR | 155.133.255.100:27020 | ext1-eze1.steamserver.net | tcp |
| AR | 155.133.255.164:27022 | ext2-eze1.steamserver.net | tcp |
| AR | 155.133.255.164:443 | ext2-eze1.steamserver.net | tcp |
| CL | 155.133.249.180:27036 | ext1-scl1.steamserver.net | tcp |
| CL | 155.133.249.180:27037 | ext1-scl1.steamserver.net | tcp |
| BR | 155.133.227.34:27032 | ext1-gru1.steamserver.net | tcp |
| BR | 155.133.227.34:27030 | ext1-gru1.steamserver.net | tcp |
| CL | 155.133.249.164:443 | ext2-scl1.steamserver.net | tcp |
| PE | 155.133.244.50:27036 | ext2-lim1.steamserver.net | tcp |
| PE | 155.133.244.50:27022 | ext2-lim1.steamserver.net | tcp |
| US | 162.254.193.103:443 | cmp1-ord1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-waw1.steamserver.net | udp |
| PL | 155.133.230.50:27021 | ext2-waw1.steamserver.net | tcp |
| PL | 155.133.230.50:27022 | ext2-waw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-waw1.steamserver.net | udp |
| PL | 155.133.230.34:443 | ext1-waw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-fra2.steamserver.net | udp |
| US | 155.133.229.20:27024 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-fra1.steamserver.net | udp |
| DE | 155.133.250.20:27024 | cmp2-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-fra2.steamserver.net | udp |
| US | 155.133.229.4:27020 | cmp1-fra2.steamserver.net | tcp |
| US | 155.133.229.4:27018 | cmp1-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sto2.steamserver.net | udp |
| SE | 155.133.252.69:443 | cmp2-sto2.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 104.91.71.89:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 34.230.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.230.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.229.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.250.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.229.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.252.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | accounts.server.lan | udp |
| US | 151.101.194.167:443 | k.twitchcdn.net | tcp |
| US | 8.8.8.8:53 | update.msiservers.lan | udp |
| US | 151.101.2.219:443 | speedtest.net | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 162.254.196.80:27018 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.79:27018 | cmp1-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:443 | cmp2-lhr1.steamserver.net | tcp |
| US | 155.133.229.20:27019 | cmp2-fra2.steamserver.net | tcp |
| US | 155.133.229.20:27023 | cmp2-fra2.steamserver.net | tcp |
| DE | 155.133.250.20:27020 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.4:27024 | cmp1-fra2.steamserver.net | tcp |
| US | 155.133.229.4:443 | cmp1-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-ams1.steamserver.net | udp |
| NL | 155.133.248.42:27018 | cmp1-ams1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-sto1.steamserver.net | udp |
| SE | 162.254.198.44:27020 | ext1-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-par1.steamserver.net | udp |
| FR | 185.25.182.52:27033 | ext2-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sto2.steamserver.net | udp |
| SE | 155.133.252.68:443 | cmp1-sto2.steamserver.net | tcp |
| US | 8.8.8.8:53 | 42.248.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.182.25.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.252.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-par1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | chrome.google.com | udp |
| GB | 216.58.201.110:443 | chrome.google.com | tcp |
Files
\??\pipe\crashpad_1600_ZGVYHKJREESJUMZB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 619c2c1bfd9be65120803a84819c8f1d |
| SHA1 | 4040ec9e00b62c7e2d4c47044737a0c5b12df2c6 |
| SHA256 | 3069af13d35090a91f40cdd6f120ce9eb69856ce10bf6cc01b1854bcbcfd270d |
| SHA512 | 66554f9921902e09e9dc7d1f09000048bb83b30f83d983d2ad4869a8f857217aca4a46390d470f9aba6a5f8280c20a861e61f3914d86c4350421ecf3afd65d87 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b94521c7cf38dc03d6afe7effba233e |
| SHA1 | cc30f433ef00fa3de6db0025790458130641a4b7 |
| SHA256 | 4ad3b132ffbfd67560b4764d448e99eab2daf3ad641f26842e8610fbc13f037f |
| SHA512 | 3dcfeef19edc2e4c450a0c72aa2edbab19516c5606627619b7d91c4bccee99aee93631a69991c88f8e9d5be9ebb9b4ccd639f84928593e4b6ee1a31871d4ba10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3fdbeb525531ef436c2706b067837af7 |
| SHA1 | eed8c0ddfb4c3744e68a824343b81a2522a4e809 |
| SHA256 | 8d8a4401444e7001a721ca5de1b0ceb1bf8c73c67cbf7250fddf6b90d3e7e072 |
| SHA512 | 4448336a5996046765f2f1549025d2d25d932cfc24193d68184ba3d1f5e4bada3dc72e83dd9e4efccf670345d9591f586aaf69c5b9fff2375dd709bbe54d5143 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir1600_602995824\8985737e-3fa0-4cfa-a544-74e55e59c1b8.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Temp\scoped_dir1600_602995824\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | cadee18eadd04ab3165de89f58302a64 |
| SHA1 | fd9f4b05803795759720466b18cd4450afe198fd |
| SHA256 | e5264f952e8db61317f802fe0463691c45cf3872df8f85812853369befc8a774 |
| SHA512 | f27890f888c1e53c5b6e596a67579abbab49fdc09e81d07b8df73ec12ee4fbd4afedaed0694e43e84d68aa1357e2e58246f5f52d5cccd7f5b0dd034a8193a373 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | df1ae5c8909862b34373da7e37d5c72b |
| SHA1 | d5774b6498252aa164ea357f0b5990d0bba529cc |
| SHA256 | 71f52be854d56c85dab42e5dadf0b2e25179708b0bcbed33f71ecf47f454b39e |
| SHA512 | ccb705f0eb8224e321293dd639855f5b81fccff27e26af7ccdb6b5f8f1f565369d18f44b44c09e1c092e8016f41a81ca0584f51521c29f4ed66746de75bbaedc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27d4b8d7bbb97021abaa0fe4be3763b5 |
| SHA1 | 0d5dffea8d0442c68da3a6ba0605ff4329f347b9 |
| SHA256 | 38b94bf8ac49766a7ac92e87adf88627949b2af6ea98b004892d797a369e75c2 |
| SHA512 | 5e09500736bb4de991d29a83d6c37da96fb1e6ab48234bbac2e1df6366ee4f72b48824090759b4638332bc6a26a4e9440d9c73ff19c584a9b00ecc22c94069aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 654b072419ad282ebfa5e5e154082ac0 |
| SHA1 | d9f9a022f7133cefa7d41ba305e4a5549ba47196 |
| SHA256 | eae98b18f299299978365fabcca88325e6acf5cf7cbe1418afcd89ea708a201e |
| SHA512 | f374212fdb60409c7f623b70ad3a238aff523bc8dff889708321e32856717f21d0b317487b9af2396ffbdec14ed4d3febca8a86c2fbe4619a0a9c2c77d7c9602 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | e3d5090a7ed93e09790ff83780acf6a5 |
| SHA1 | 8ae60ba85a907c18ed19145f6498b0fc5124138e |
| SHA256 | 39fdcbd87e15efdcad2005e4a2095501921fb616c74b31156b4179cffb42f83e |
| SHA512 | 91ef65fe612dfaf548344f1d64fc0f8a688c1d3c3961afeb27b06c8a2a6c039cfdc403f6e608bfff45bc95d432c27f98f2d96965ac1df74e76222476a60c8494 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | a361c5931798b2d1a9f575398930d1c0 |
| SHA1 | 9e5b47026de027f0e53329ba5feff7de13fcd41e |
| SHA256 | f9fc03f33376d7a261602aae3fdf7c0bedad2fca45740224cf162a039c0cfa7a |
| SHA512 | abf0c5ab59022251a95b8c9ca38717591510b27ab1e156d42f9dd919dc5b915a29fc96dd7ef13766b44e14990856179820dc82df113223404dab9dfce39e1c95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 9be600473100e7e2bdaba5c844fcc60c |
| SHA1 | 42530c7ae038dc344d7bc136be455262e5e7f0df |
| SHA256 | c936997c77f8afe4acbdfce4fbe0c580be63e378b2789291bc6a0e4f93e75e0c |
| SHA512 | d94a8b3c4b1acac99e7e8c00e2aeea554999975635d710df23b5513d65f9758f8ca2987e7afe59520161cf3e176670211eda170d64250fa079617f3946eeb423 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1dc5d9653533866698aae3ee847fb408 |
| SHA1 | 2c7915fda6773ebab79ef2170c410fb4ef476462 |
| SHA256 | bc10a1003a6ea8f45a27d0b04557acd020129301ed04d7fa7a101b48bc3c6235 |
| SHA512 | 2455734b20c16d69ef5a40a2047f9bc4f8f8282ad0f06fc70f0bc6fe667e60cc3f295799cc253bcd974eb8d43f5f25311079d579ccd4900e0276a13f4e7e7fca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2253b3e2937e16617caefb402de7d157 |
| SHA1 | be54f275f1f16796926b8514e5759b8f031fb14c |
| SHA256 | 1f808da39cc4c87a6ab0abfaa8ac7ff3d7a8eda70853f8f56f78baa235a251cf |
| SHA512 | 643f9cbc4d3ba729aaff9deed4d7f4f6bdd26aaca8ae843d537b7c06084ca6f771fb731686fc4de93ece9983f09e9018366ce58ecfec99cc8d4813d987619c2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ad5a62d87e92ee5a9192d4410456cd3 |
| SHA1 | 87ce894a034beb3cdebdbe70614d58a311248006 |
| SHA256 | 340e24c6bb05ac432d0f2baf2cc25eeecbedd4ccdfe3f9a2e733ae935818b5b8 |
| SHA512 | bd0613772200dbdcb980160af77e34343a91884b57b4d545605508abd33859164eae06436be0122ab24763d60ad1cc0cf6aa692f5bf6582e90ce718bc705b124 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dcf9ca5a4c0f672493bc73102b04630b |
| SHA1 | 5db5743a0baece582ff8dbce9432e3dbb0e22153 |
| SHA256 | e24da6124b5376137c0b4c327e6e475408a1c7724d9a8830ad564b2dff5ae36e |
| SHA512 | 3e6dd6744f60a3c361b93b0c38bcbffcab9dc691acb516f60138fa23ed9076a995d02c073b6338352af5246b6c9ed110cc84aa8085319be2fac6dac319e94d69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ba6ef346187b40694d493da98d5da979 |
| SHA1 | 643c15bec043f8673943885199bb06cd1652ee37 |
| SHA256 | d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73 |
| SHA512 | 2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fa67b21c-d444-4df8-a262-25b243cd3e45.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4929bee338c92e94d9e3e83a1b3f96ad |
| SHA1 | 671890f5406c8f03eb7405ee574e22d9cb8f731e |
| SHA256 | 5cf4fced7e3e5d76536833f58bb8b5cb3bbb01483762453bde8f800dede9b657 |
| SHA512 | 7c0429a16b523ba15e604b041615cd0db4cbb7ac8c542ea2f58afa452a57f8ae1afc758f78fab1954060374ba159dd8f19375dd5dba1c17d6017c06b6e0f1f74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8301d0b47dfc8308e5e6dde791bf011 |
| SHA1 | 801353c7d9e9e3c260d4e26ae43de833976eb0b1 |
| SHA256 | fae5f29bc1f0bf7ffe3a99d9dea5477ad65cb378255818053dcf0cf29f2fb9d3 |
| SHA512 | ea93f9813fbed6d2f8048a058c93576bc9668d4adaa340d2ab54cf90f756eeddf2a88f364b5771358ddafcff8b25edebdf35087ec022a912157d3fdb42f1d43a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 80ba8a833d7ba86ddd89addebe95cd23 |
| SHA1 | 370b939046136e2a64ae70cd65256378a49c9345 |
| SHA256 | 80c9f0a591c3919a88ba2472b88f447cf3516f165addd8e0390279f956689df0 |
| SHA512 | 29eafdda0703de3e55da52d1766c2a53b5cb863b35fd769f366c7533f84d83281145c1ebee024b6269fcd0183ef61825ff8489b2cbb465f6cb4f721c63ebfed5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0cf1cb484e26b2c22424540bd893a953 |
| SHA1 | 63791a72fcf7c325b9c48c8ad472e0371aeba776 |
| SHA256 | 0522f9a00ebd6415cc8057d162c0e077924c1f2c7d2d15270f52a8ef9c07ce20 |
| SHA512 | 3fcaf10ed15e50820e2893b5e5e4b0899a126b65225f81958faa83a59c07d03da1431751698e37dd4950ee7835230016f27ddae5e07ef77d8b240da0a2b8f5a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 139383f416045bace5748c495095a0a4 |
| SHA1 | 8a8fed1697061d0a262ce81c1eea45172de89cc2 |
| SHA256 | 3125cf5e0275850ba46af2357246e2829d04053d38a0a6fb606ce4756b422a62 |
| SHA512 | 57f0d8d252e10c503e0f2ee89141b6bcdbeff5ec089d32e48607cd9e66b949258683232f3fa24be353df1eb1cfb9b83b781cbfc9af36b459efd635de0519e799 |
memory/6404-939-0x000001D32F800000-0x000001D32F900000-memory.dmp
memory/6404-937-0x000001D32F800000-0x000001D32F900000-memory.dmp
memory/6404-1149-0x000001D343070000-0x000001D343090000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f2f44e2d0cc9e7a01c2291948a3064c2 |
| SHA1 | e094654e1ed27c4629f4632e7cf43438cc7db5ed |
| SHA256 | db627a55e7edbca0dd804e8294c3e4cf6bbe616cded0f60d31d204b8791d41cc |
| SHA512 | 0d752b03dccf4fae8bf0bb8592575ee86dba7ffbcfcaf3de891f65dda8290ec972bd03442528911d72a15ad4e07e9f72ed31f4d149adc0b935dafc187b70f526 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | edfd687ef2ded133775bfaaf6589ca39 |
| SHA1 | a6cc37f6f3ebe2bf72a3bacbe507973c9e04249a |
| SHA256 | a8494b846c7d6ec457dc1857cb3b5c6edcf09054999459bfba5a2bc5e31d286c |
| SHA512 | cc23c1e3a73a094e44e692b047908b8c034d46a107a7b24f0e8e49e0015bc3e29d7817a59593052bc3b818357810cac39bd9e9ff8144cce4279d3635746b2b64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a87af091e7c58c44b10232a9a8a860f |
| SHA1 | 840b93df3697c24eb2ad1b262351de776b6b0dda |
| SHA256 | 62e90a76043f14a48d3981a60e8e3c0d5d010621e866e6a3d0f0f65931366f41 |
| SHA512 | 7a0a845f9c5dd66cf709ed50d0ade00290ebdcc902058ac11661c618ce1dc8d3d338acc6b7547231d35663cf009736816cabbfc9d929acb08fb001b7fd337c74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b8880802fc2bb880a7a869faa01315b0 |
| SHA1 | 51d1a3fa2c272f094515675d82150bfce08ee8d3 |
| SHA256 | 467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812 |
| SHA512 | e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bfcaecf14c49c97731f7108d80580262 |
| SHA1 | 0c73d317181c1d8e2ed3ec552b25748ca1558f66 |
| SHA256 | b5323e5c02b773fd6bbd6cc765c1dcb48c2e4ad87cbeea0e7df0a46323410971 |
| SHA512 | 30352d70479e418e3348c98a31c2a9930270af59057b97076e3516cae0b4111e0252dfd8cee91eb82ae70a2f9549ff2a00bb483bdffc0ddf081369d7a15b561d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 972b515ca96d2c138ca5ad5717060d0a |
| SHA1 | b3fe8aae7addc497ec7ecb8615e30b730c596e9c |
| SHA256 | 28a340e7146c0f47de553cbe3a2e0853ae02209ea0a409f06352c94cee496e15 |
| SHA512 | ec71cee68c0f9963c8f71297f1c22d9e0f64b35c92f9510386bb48d528caf331ab9eaddcfa243a251853f3c731c309f0b236f5859c708c6e09c1b43461ef35db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 910a7b574c370e0f726b848d8ac36660 |
| SHA1 | e4fa037525b40691b48a7b7e5f9bf1c7ee3e00f4 |
| SHA256 | 6f114261580cf14a9deb6fd528590fb493bd70643d37c84d1bc722f03dc69c35 |
| SHA512 | 85937c3d94bc8a6d5d2b18304c4ae1c6fb0673a7059198b2fba186567297d087bbaa873190de33fb0cef2bdb8bf675f58bc5cc8a7a898d62e71f9d532d204726 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48b473af8538adcbd3ef6cf2999bf592 |
| SHA1 | fc057b37727232b217cda0178958da285a25f2eb |
| SHA256 | e374b754609dc141ad74c3e552c39535e186da25c310a120b19f033a3cb99e96 |
| SHA512 | c8e455e7c591c1967dc787f460096cfa87fbc593e68c3896bb2e0cd8b72bce60fd2b9a4a6a08bd580e9b857d8ca6c6510d599795b3d31b563e1c399fb1445b2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 85fb1a5bf4a924ebfe62fb6edd182826 |
| SHA1 | b37b595e940fafba25a1cc6c9a445fb490dbffd4 |
| SHA256 | 73d6025197f43485f3bfb5adefbe5b6640ee24042cf14b3d58c615b531006d77 |
| SHA512 | 1547efa29fbc386a45f272d392738ce4e8f26df287f8d4908f26a5b550968797bca5de9c06350963ad53dc798afc3283c4f05843362ae6c8380655685c0c551a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4df4574bfbb7e0b0bc56c2c9b12b6c47 |
| SHA1 | 81efcbd3e3da8221444a21f45305af6fa4b71907 |
| SHA256 | e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377 |
| SHA512 | 78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a |
memory/7808-1535-0x0000000000400000-0x0000000000481000-memory.dmp
memory/7904-1550-0x0000000000400000-0x0000000000481000-memory.dmp
memory/7904-1552-0x0000000074270000-0x000000007427E000-memory.dmp
memory/7904-1551-0x00000000748C0000-0x00000000748CB000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\System.dll
| MD5 | 4f25d99bf1375fe5e61b037b2616695d |
| SHA1 | 958fad0e54df0736ddab28ff6cb93e6ed580c862 |
| SHA256 | 803931797d95777248dee4f2a563aed51fe931d2dd28faec507c69ed0f26f647 |
| SHA512 | 96a8446f322cd62377a93d2088c0ce06087da27ef95a391e02c505fb4eb1d00419143d67d89494c2ef6f57ae2fd7f049c86e00858d1b193ec6dde4d0fe0e3130 |
C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\nsDialogs.dll
| MD5 | 2029c44871670eec937d1a8c1e9faa21 |
| SHA1 | e8d53b9e8bc475cc274d80d3836b526d8dd2747a |
| SHA256 | a4ae6d33f940a80e8fe34537c5cc1f8b8679c979607969320cfb750c15809ac2 |
| SHA512 | 6f151c9818ac2f3aef6d4cabd8122c7e22ccf0b84fa5d4bcc951f8c3d00e8c270127eac1e9d93c5f4594ac90de8aff87dc6e96562f532a3d19c0da63a28654b7 |
C:\Users\Admin\AppData\Local\Temp\nsg5DE2.tmp\LangDLL.dll
| MD5 | 20850d4d5416fbfd6a02e8a120f360fc |
| SHA1 | ac34f3a34aaa4a21efd6a32bc93102639170e219 |
| SHA256 | 860b409b065b747aab2a9937f02d08b6fd7309993b50d8e4b53983c8c2b56b61 |
| SHA512 | c8048b9ae0ced72a384c5ab781083a76b96ae08d5c8a5c7797f75a7e54e9cd9192349f185ee88c9cf0514fc8d59e37e01d88b9c8106321c0581659ebe1d1c276 |
memory/7904-1562-0x0000000000400000-0x0000000000481000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7ccce01f3f585726148196844f6db575 |
| SHA1 | 84eaafa25d41c4e20ebd20864bde57739ddbdc21 |
| SHA256 | 3ad9324b23e025dcb66f6f4c5797608c59deabcc76f844f00b3df43384c313df |
| SHA512 | bb8263f2a938f7045480746c8f3307ee8707093cadb64ad406c0a922b8da7529315da9726a99ecfe6fcdc2207f3fe0f089200c4b00745cf9be76ebc5db8bee39 |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3645ff356ecfa82a5f5df12b4716baf1 |
| SHA1 | 18246fbd6a4ed11931c3355d04bb2800d0db4213 |
| SHA256 | bc9ac6a1276e62cf00560133173cf07fca0f9a07c91a57200ef84ceb4895bead |
| SHA512 | a7f792bb6b413affcb513c88dd93ca70f9463d3ae4093357dff0bdf44b658d6a1472b98dfeee47dc3c61f7d73e6ab9d60d9b6253bd814f2a163cb6d58260b0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 1fd2bcf7be677e004a5421b78e261340 |
| SHA1 | 4e5abd04329ee1ffaebe9c04b67deef17f89ff84 |
| SHA256 | f539c848f584add20b43d5daefd614526b67adbf22b0c89eaa7802a8a653cd31 |
| SHA512 | 929499946e38281bd808b37b362c4a86f3b6382eb1ecd5fc094410d3688906d14a114ca930a2cf38b6241ab734bc5959e6fe541270d47ca9538e82a68c99cc77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d926b87a931305a2625642f52209cf75 |
| SHA1 | 05cc5834ed1ba9603f3a6b05d4ed2379716e1d83 |
| SHA256 | 332dbaf1eac8ef598e2062d307605b3a4a5f21d1d6f4787cac2635c3b88bb134 |
| SHA512 | beb22c108a33c6a45647b3f3fd8e686cbbcd99b8ac72c5331ebba9b74f01fda8bee0e1176c5150cefb40f319fd06c0737442b810e223bb8f46d9e82691e7707b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c6de5dd2c2c766cd19a2147aa7fc4c36 |
| SHA1 | 4be28ac84a0170528bae674988363756278b2c13 |
| SHA256 | 4979eb407201e2029255b5aed3e5e9b5ff4992ab6cfa115f757c479a035168d6 |
| SHA512 | e3141d6ae66ee055a1ebe16000f1be0d1837a264218674b2e729c82f17721edad82d87d0339e30a37c8cb81669777783f43e918a44272148073fd9be18bec881 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 64962e69eeffbede9bec72a72bb4b15e |
| SHA1 | 4ccb43991ced06ff17a6a0131c235a4de994c821 |
| SHA256 | 65ba2b62a632449eb8a307073c1c6f2a0ea167de63ca773ac1c4e63485b563ba |
| SHA512 | d5aa96a8e534e11319d894c0699dfeb72f9c9050e131efc60e3a0822eb862a0a5bd2784902e6bfc8b05c3294b330b31e00a28b4653be6dc65ec4ca7582790275 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 02a83b30665be601a50562d96d1e74e5 |
| SHA1 | 00a2c45af5a2867ac4f1f51048ce2049b5296e97 |
| SHA256 | c0d656ad0133ff63a4729589b32292ab03fbafee849392e9160c940a34f10e59 |
| SHA512 | 4444d54239b587146aa3c1ea216490270b09b72ffcbca68f551ed68980b43a564e40b2bb270a275cfa7b1d889e643f33b8f7e838517495eb1d48ec03fa18f6ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9bd8f8675c321fedbd176c8b3e014151 |
| SHA1 | 116db44da465ee64b9e9f7df5c629c20e48b854a |
| SHA256 | 719867daf511d8060b2b3f0f70cc2d148c37767e837395ab195d56a46e085e3d |
| SHA512 | 20a005a4e89777c1ced51cf582f035ce412ed4f730b84bd663800bf933dd3ea87a9bf4a2698b5a28ae38c5eaf413af698247e78b317396d56eff61bb0cff4c0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | ebd35f5589cadcac437f36912cbd5770 |
| SHA1 | 45912ef2c8784ae09876814d1d136bc0077b28cd |
| SHA256 | ed26b73846089245d0dc44bb754be3cb08c6f5671554e9091b84e1bcfaa642ee |
| SHA512 | 3523348c8732b76611a850f09ed44cb15bb2a9930da478bbf6d4b15cde2dffba37ae47cc3cd01e4cb9415428abacf67ee4207a4725d4ba4f6d433648b0a0c46e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 21e28b19a80b9ed5ed2d4c3210b81d3e |
| SHA1 | 69729a39de2f357912f535bf77198167cc283423 |
| SHA256 | 7d773bdee1dc61dc849bf3af81efa29647cb104802c33b3251bd9f05274a8466 |
| SHA512 | a6d34c823f15a3a1a0f6f2532c626ee5e07fc23c643cddfcea6edc4d68ca8555aa931837d8202e39898238a10a6621d690ed364aef99a8a2a1e6f4173a094f8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 482aafb7652e576e238b4d10d658363e |
| SHA1 | a27c1527bc7a0e56e632aa49b91387725895cbcd |
| SHA256 | 7757835765d9911a0c6988f11937fe7cacbf816a0d74ffae90263669d5c47e16 |
| SHA512 | 25e3b71d7de8ac9fdef0d204c5eff79e4fc4c8ccc82c521707dbfef6c6604a38dc0264298e7babeed6dc77455528bffb06a47e1c53db920dcef4e428cd990ade |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a45ef035e34e888ddc00a21191bd01ea |
| SHA1 | 01adb9a1274aca1ff7917e970af2d467388189f9 |
| SHA256 | ef6f9b8149e83484335aeb8b1cec807f1b72fe42f03675469b0c3c17fd3080da |
| SHA512 | dc4b0a0d5593d5e9f114b8f29e43f56a48930c89d28f854cf7afcfaad8262639bd5ccb0adfa7ffaca106db69db2a36932c8c6bc05e2d4c8ed4fd23eec638ca5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9dc35af414fea0ad81ba7ee6a7aec3c2 |
| SHA1 | 0e1474f0d0a3b8f7315f149864ad7edc5c44c6df |
| SHA256 | b26180ed9e63a933fb06f0e83eca5dc68d6515e63c7e8161e1e04496fe1c7a91 |
| SHA512 | 9edd5d396d251767c76df78953feaf4dabd207ad04e39c81a9465bc0c8ba3630dab8a9d541087fd09430019421dfa005d5af2a839f0504f8a8fa17a93927c33b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 47bd94f2924c77e2cd0d6281e224d315 |
| SHA1 | 6693b3108fc384c93ada4974eec6aca4933f39aa |
| SHA256 | 892f79a98ff32dfcd23521643afc675639c4214faeced171d295a1a96930b345 |
| SHA512 | 76a882fe15b06a055e2baebd0f5be197707097de197b9a0e7a36b467f7170858086e1523868ffb3dabee75930386c19b320930cb31b795fb641cffe46cad5cf5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1cd0e61245474b09510d26d2aa3959c0 |
| SHA1 | 07ab62a18d182239bbb3adcc0d463af0441386d9 |
| SHA256 | b4a043a88ea9fb630d99ee83d8ee63961d3ec53450529ccc734f876bf8aae2a2 |
| SHA512 | 5e871ee4c1ad1e7f7404a5f4ea771655af7d000720b2ac2be0b73d86d253d7b3e69dcc9caa0f71e4ff56a2493e5a3d0b606f4dde904cbae564eefc4ac14875f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\382c3e1d-a8ae-44b3-b1a5-61ad212f032a.tmp
| MD5 | 7095956bd248525ec4d5da4ed52bae1c |
| SHA1 | 5f0346be408d9c21342174112e507324675888c1 |
| SHA256 | 24581e17d47c398af6ec6db3d80bafe2416cf7b1f4fb47288ec03dde5ee64690 |
| SHA512 | ddcf59e5d6bcfb425e8526f49158d7d73a93cba73c0870dfce9fe8dd8cbb977c551b2aa4208b1fff25c4982e32a5b15e1dddb865ba15d6755dd1a31331e3b0ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 362108b2bcdaa12b9887f3fe4d02680d |
| SHA1 | eb0dde39aa476285110f24dd180560f605ea2636 |
| SHA256 | 48223a73066ab30fdc6625b3e44fc4d4613fad21864736b9ff08d9ad62a94ca7 |
| SHA512 | 5021a3c24d43d0e9aed221334b49d5590f5a373050fd1841e4032abe0260f524f4b2012ce7b2ea5c9d2b8e5f39e74ae1a917f07399e55b0becf7f3f0592e7195 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66277756cd9163850370873c2ce13365 |
| SHA1 | 360c410567b1e9cb6a38f6187705f585d94b2802 |
| SHA256 | 9c567f3e5c6c58b90ac50ef492b024993b467ce0549dfb53fc3712d1400630a5 |
| SHA512 | 8cf8a79a4c05a4d35dc67fb05d46bc65169a0f9259f0d5f7426f85003c7ae64e4545bec91868e68db8dc3b8536dbf367923586c7778a00a557724ce35ad6c356 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a20b38ee724fa2fc3e2514462ce20140 |
| SHA1 | 76973bc361c530ed4300849a89af3a49b41832d2 |
| SHA256 | d37c38ace5cdb67e8b8be60f989546c27df1e38eb43ff80357fdc50d950398fb |
| SHA512 | 0eb40905decdccb32b1cd925d72c145dc7c6666353092ee3cc84ef2ef1ddfddb058b35ab67d682af2f0cd3f36853acea1ef921c28b74aac6f624c766a631a200 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 35389b81e001e9420bf139ffcaf250e0 |
| SHA1 | 565c1adce989ee8e7ad19f3a02d91c91d9169d57 |
| SHA256 | d39cf373fbc0e301524f7692ed82526ae60bc6d23525c5627b47f3198a734eac |
| SHA512 | 57e7832d6ec5fcdb759e8157f49ca8e3b819fa76fe35541acd793f4c8d2ceddf976fb07afa552f4b93341f99305aa6452274303a57f5504c0193efdc36a361c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a9706b7e95422ab2387abf7e9a44c4a0 |
| SHA1 | c6a688e40487085e9222cd46227bd0d7df8913fa |
| SHA256 | 1f6467571c06480916eecc525d80c326a36220bc7151bb368a6b961419efd5ef |
| SHA512 | e6b6113f84fdc407ee1f55c6ecefa2132214f5f7d52ae4478c1961d4571408557d030b0f2fa48e0e1741d9f46797e7ae24f107986ae11fa992b556cabdb69f17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067
| MD5 | 975845fc8176e258c6e128be6e6edaa9 |
| SHA1 | 35eff76f16dbe2ed0ba944472f4baddd243e7745 |
| SHA256 | 4a650c102b8164f5058f9863d499a7afe1a5c808b3feefb1a37c4a1a8d380dc1 |
| SHA512 | a324452fef1442882970461fd04cf58b216e8f396bf722d94c101c63b0d8d02507863626a1e4dd234ddee3bf0f5c931d5241c702c9e625095aa38bce438c6a77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8c8f15c687fa93a291068154ef57268c |
| SHA1 | b2415a78e1a86e7b316d9de1ccc952e83d064331 |
| SHA256 | 4ba1aeb9bf1e748a09eefab5f829936bb58f1be4d743ccfc7468b1e7100659b6 |
| SHA512 | 1afdb3e409524ffe02f0df594f354af3b41bd502d1d0711a816a3a047895af5247040566d65380c5de9f2c6cd2ed11f71d954434dd929b6cd9e65563f9a1f957 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9fec39ee0390a65ed4f745e4c29c0621 |
| SHA1 | 229b8409cfd501809971fa24a884c692a5e95187 |
| SHA256 | f94d1272c02eeeb714d38310b594dad57ca1e020c8d42a561cb2f9550a1ee5e8 |
| SHA512 | 73bc207a1b38ef5384ef99afc3a46a7b6377181c42fd6c6dd08b74feff9820671555a5f40713c3e144264248201f2000a73a5a2af38617c299f79b4e46ab8b9b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | bbbbbc5bcb68c2767330905771de13f2 |
| SHA1 | e3dd5f8d637a623ce95ed9bba155af8fb30cf23b |
| SHA256 | 497339d7386f42c1cf9ed78c57425a68cdc2595f3833f3af6a05de1334ddcc92 |
| SHA512 | 9657dcb97277d2cf37eef7d7684be4f37abb538f25a7eef96b651e59b56f8acf4c2ecd48afe65bea983cef39ae2e1f295219fbf6569cce05a03c38d5fa120e64 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 1a386ca337bd9cf18008a840e2d72be6 |
| SHA1 | d3d15965dea22e746fb12baa29cbeec23dccf282 |
| SHA256 | 959d14e4919d3a7317f1955bbc35079a3e8d8d117533e68a47067416c3c5a37d |
| SHA512 | 034f417d8b3c787105bc4090140e91563c7d34f5f5be048723e73d53b8b10d5d59bca8eb033f73cf86f428f03358e4756fe075df7d8c96cee6a52acf6a8c8be0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 69af2f84a73ae654190d4731f1ba38f4 |
| SHA1 | f24598927c0252398b8ae1baf78e5823ba758edd |
| SHA256 | a460346ca5141e6b9bc66712c204b3d5a87c13e308d7ffff619ffdc20e6230b7 |
| SHA512 | d47a423f5537c5323db231680f085c105a92f3a809ddd67083978b7b0dc573bf970cca7d61a80312420eb1d0ba3e96050c36dc45cd0a766944c65b9c1592e491 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 11f3512798d9e5c9857f9c8dd76d6d0f |
| SHA1 | b8ab7499b6239115a1d9f3da862f3dd7d65f1eae |
| SHA256 | 34888cba2aba14c87700105cf058e212afb5230b9e288da9c72eb572042d7ffd |
| SHA512 | d58371da50a77dadbb327e727fc61670ea45fe0d98b9c2a078dda6b819f1b4df965a164b37ec1beb31f9cc3c0f310ad338b8f600b62af8ad135913a041f84dc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67506e7f55b6509034b1405584a89c3f |
| SHA1 | 977c61372d72cb5237439650eea0341d64cd688a |
| SHA256 | c7d1e5d17263428173563e5fa158fe64b4cd0a372562f79fca73b646e7b007de |
| SHA512 | 04626435b039cf9d5a2e992b7fe606aacdcd556f09ad251a8766949142efe5d40fde3269084331bae00f5864ec327686277e60cb368821319863f84f36930eeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 019dcfd06d955e587966638ecc217d7f |
| SHA1 | d869771977b009441ae339d5bb921b977199532e |
| SHA256 | 3bef20dde38d5a6ec0b1ae1bfef6f36fb32f43d76d55ab7f1de9979673ad8fbc |
| SHA512 | 93a8606bc7295604a16873315608941305dff7cd276b76221f03619f91afcfd231e477d067e58c13724d2e28f14a2a376278d6b77e1767fae405274e6969c8b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aabe41d85aa0d02ed99dc6c56e0f5f2e |
| SHA1 | 46df81e892c8e12379ebecf4c913968a16f32458 |
| SHA256 | 9ed046a0eb8f84c6a2fdcbec0e638524cf721ae253c4303d968d7111f7eec2aa |
| SHA512 | 67269f503b2aa95a2d0570c63a41153f6e380065261ba30ae62559cf5f2da5f9029738506bb56754337678264cfaedb646513ab4a048036a8536927eae0a58c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2290b3c8df1ff804c690f47ae4c8cb1 |
| SHA1 | 53ccbc089c278e4780835c7fc1bb91b3cba7e0ee |
| SHA256 | cb2c93c6a5767350d584ecdcee7efc0cc734e5c913f35428898ec8a4ba541404 |
| SHA512 | 15877f7a16d23f29b0de2e94b1e083bfad0b3f00bb3b1c9ef2c88dd648ae2a20bd91cc878240e61a16f3f613baa4204f37faa9d25f3ff3842f7588a101ba4a0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f98dcfd27bd15d2023d3169befc826b6 |
| SHA1 | eedd2b98f1385f9e80b489aae77dcdd5893cc651 |
| SHA256 | 5085dc2d7ebf4e5438d7b10301d1824612bcfed3d451aa938c44ad8807b69966 |
| SHA512 | 40868fb4c767629fdd143e895f5918da02ba34c501ac2f0e40f585b73da82cf513a2723124aebba9d75968014cca09a96b87b10ebe55b0c905f7f96010144037 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d9282a0228486b5_0
| MD5 | 2876bc7a02f5ea3c556919657c516a2e |
| SHA1 | 934519ebf4492a3a7d5ac362c21d3b2b87e0e479 |
| SHA256 | 14ced767b31dcbb061d701fa152c6eb59002dfb9dc0d22c647d7ad6f2cef31f3 |
| SHA512 | dabc7b076781390dfd069a3da8e44a496594ba2b9c3b4de3ae4cab6736f4a00547943a7fd09be1d398c2c71beb0553e25febdfb1060b136a1762559157e2d6e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13c8b04b779ea93b_0
| MD5 | 8d740e569102ffb62e9bf4df7ca1715b |
| SHA1 | 61115914f9655c9156b83b7ed72a18e7afa5c7ea |
| SHA256 | 32a1b2122fe3f699b33fd6cfe0211e1495230a2e1b3c35237d10a4a10202d6eb |
| SHA512 | bda3fca7e00a21a84424473e8c112d4fa8708cc9bd3f3f243d97525f12746699a7a50bad551d1e9a56d622b304c69baccaea468e3428be536f1f5471a6398502 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_x.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 11a45c1c3be714087065ffe61f115f98 |
| SHA1 | 3049f28a3cb7a73d1fadfa8407b91edae63ca18d |
| SHA256 | 3a6edb401ffa681ec3a216d16cce72c854ad92d88dd7f747137f8cc5f8766067 |
| SHA512 | 52ca7659951a8a6ed917c518f1e875b161cf5d5d9993a9560613de773269c1bcdf6c0b4dc82d89bd151fe96a69b1b916ee8b69aefe608c74823f223eaa8fe983 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eddcfb8dd0c77a6fdff58a387f87d809 |
| SHA1 | 317e317e130f0d10c57eb8958cc147f43e967a15 |
| SHA256 | c58286b1cc265043dcde0889eb0a300169dd1d81b8ca4700ee5d9ed37417f5a7 |
| SHA512 | d5d1fdb1a710efd5f6ade50c3e8ef8015bba789668f6f8072bcd9dfb0e07bcdf5427a5ccc4116d8c1adb4ff13b4f806be303de08bf73de83a7a0090ca4dbcd5e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 967ac9d84a80e95f9a328aa128dcef50 |
| SHA1 | 4545374a19c18e179cc579e58e8ef1d11d5d6873 |
| SHA256 | 942ceb71b96a3ee01d8d90a6de64425cd5f2a11b422b6005766ebe66dff92f21 |
| SHA512 | 95805bc1e9c7a3844f6c21fd63cb9ffe59362b0e7ae1b3e1a1992bae197ab8a213d982b8908343a2be5531eb639b9684bef9b621205ccbcbbef6469b1370b2fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0c9a9fd9fe550dd3_0
| MD5 | 0166bbf8f71359523fb959b069f90a07 |
| SHA1 | dc338273ed93a033d506ef207f316f73299d359d |
| SHA256 | bddf6de67670ad7be633b0d82ba71e99b04037fe2fe15b42fad7db9ae2130bf4 |
| SHA512 | b7b6cb08b36208c9cd2711c929b8951c17bb64487529c3a1aff3ef103808c9f350bb943c2f499156e391689f9a32d9d9c90b9dd4c0011eb1b1eaee877839a275 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\474fb059c7dd9684_0
| MD5 | 51f7c55a192e82c240b330d74aef67b9 |
| SHA1 | 8ef65ce332fcdc05b71c3c7eea97f0d7f967ac84 |
| SHA256 | 1d15484032fcb4d2141cca19d8b78d1925dcb8e244ebc804a45659ab829eec44 |
| SHA512 | dff54b12aba959dc433bbb2aba7ced1cee43db724ea5580d2ef9bae24ae5ace79155631dada22de08ff08958454b03a79e34304f78174e2491489fa653d185bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d2517111f11e41e_0
| MD5 | ab1f6f20db9592de53fdd453e28856a8 |
| SHA1 | 3f43096e3271f8f573c354e78db6ad5858b0c1dd |
| SHA256 | 988b00b98d051ab3031773b0e7d2b5640d98772091f5159d2c4ffb1c73329a18 |
| SHA512 | 5df0b1dd711a3a3ebe50bd66092198548b26d81ad58ef735ffc1833b70566feb61ce4c7671225ff36f96545b419beb2ad35ea9beb107d2e416b603617b2ba87c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de87cb1a7e9c1a53_0
| MD5 | 79f9e1f1061d529078c7f2357a8ed2b8 |
| SHA1 | bed57a7739efa6b37d23601371603693cdad825b |
| SHA256 | c9e338497ae8b36e47c177dc6dc7ec46d06b42f8b60666c1fc094dee4d8be4ad |
| SHA512 | 237fc2ead4f1a0020f3f3171eecb30a6878d1fd24d7d4232d34f058f8a61b32954e3e630b16610ab17081ed71d2e63ccc312ef12ec473ac60993da79ffe93670 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad069da576ba7e10d43f1da4dcbb7fbb |
| SHA1 | 47214592cbe4d5190a2825563b58d6ba8173d6f2 |
| SHA256 | 45111ff5ad4725cc30a0caf5a618aaf93680070539ed5046be3112c833a9d6ed |
| SHA512 | ed2b139f46c8a5eb84c54ae84ce2b3e66a5543f0ceafa8b860f6dfda8ef8c0affe6e891cbe801fc3725b714ea9ccfe3ca9697a1030ed1576bee629c51992ade7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d6f221a34968678b978365c7849a216e |
| SHA1 | e2dbc56420d3412c1c1295a673915802f0a6ed5d |
| SHA256 | 81977ba6365a65bd4ec63630969497847cb62acf26ae54e4801c4af250d51601 |
| SHA512 | 871ffa6c2a10bff23518f9a1ebd67eb84c75aa25f33f53db141dcce98ef4a99700e971f04b7fb6b96ac2fb1bfb308dfb47a5502512b1ad12aba2c01c2511615d |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 76356457617bd7185ccc1145f8914052 |
| SHA1 | 7c954fb191cae3c2db0b6ec8417bfe4129230484 |
| SHA256 | 956c77e703cfef22c2c05a1958bb695d022a22143f79a931b84b26985c9fb506 |
| SHA512 | 07acd834a6562946e974914b2e8b6852eb464b5aebccab9741551793e2e8aabf2dba729b9f622a54c098fdfc87793f5f7aee05ff5f32207822ac090afa7ae93a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 07ca55089c5beda7f32cb2cb6721c49c |
| SHA1 | 7fc12addf6fd02b1662d918617626f3155a24f99 |
| SHA256 | f5731afd315c98bacd75395cfe52292bed376186738e8916b89b2411e0b3bfc6 |
| SHA512 | a7689349c1ff40b4f7e9013229e223a3489bf617c12587bc5527020e7e90f67b59a22b45a7e2fffb63b3d566202a236328caca08a21a209c0e48ac5e41840b86 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 609b415212021b169c49aa05c9e1159c |
| SHA1 | 93e5f842d5d733be5e9fe2892edbfd29d0dfab34 |
| SHA256 | 203deacd617825a0d4a90c0580550c42e48ed253bee6b2e9f192cdd0f32e0c07 |
| SHA512 | d5f8c35a244ffa3879a1d9141dab81edba73eb91f0351d7fd99df69de566bfec7eb91a31d110642d96daf87a251c08a758b7bdfd0609c45931ebc348602300ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bb3cd8ceaf91f8d50182272faa3f7200 |
| SHA1 | 932b2a89fcb8a1ed33c675ca3bade1e4119bb780 |
| SHA256 | 0abab23ab5db2626da9a8f8fc1a6d6212e137eec73908cab78078d79cd44b05a |
| SHA512 | 20f9a4a22eceba9b29fc0f03737cbe07a3e507357962ed592314cd9770767404a65dc4cbc5d3df187cd493a9eb665a343014f1c224c9b440e90758f9be4ec741 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\PreSignInSettingsConfig.json
| MD5 | e516a60bc980095e8d156b1a99ab5eee |
| SHA1 | 238e243ffc12d4e012fd020c9822703109b987f6 |
| SHA256 | 543796a1b343b4ebc0285d89cb8eb70667ac7b513da37495e38003704e9d88d7 |
| SHA512 | 9b51e99ba20e9da56d1acc24a1cf9f9c9dbdeb742bec034e0ff2bc179a60f4aff249f40344f9ddd43229dcdefa1041940f65afb336d46c175ffeff725c638d58 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0TSRVAPX\update100[1].xml
| MD5 | 53244e542ddf6d280a2b03e28f0646b7 |
| SHA1 | d9925f810a95880c92974549deead18d56f19c37 |
| SHA256 | 36a6bd38a8a6f5a75b73caffae5ae66dfabcaefd83da65b493fa881ea8a64e7d |
| SHA512 | 4aa71d92ea2c46df86565d97aac75395371d3e17877ab252a297b84dca2ab251d50aaffc62eab9961f0df48de6f12be04a1f4a2cbde75b9ae7bcce6eb5450c62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d63d2c2373bc537dfeb009c6a3d2e0f7 |
| SHA1 | 46b02ebb0807001549993e1777b289e03049a2b6 |
| SHA256 | 6d57b78d45b430854937a43aff2015443f80e068fda6f1e84a2db70192ea8638 |
| SHA512 | fcc80acac8aee86b8b175ebe5be412035d5bf188fd74f8770eb1b9a6acb945c2fd5cf3091ea3cfe54629fd9b4d7d7273cd5da75aab730a961530239fca989ab4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1a9aee1f50f4ef2f9c2fc0c8afca89d4 |
| SHA1 | 92e4ee3bd9f22fbe0ca3eb85e38926fbc07b7620 |
| SHA256 | e339acdff6244062eb12ab0df9947d68b9acfdfeb7c2e9182e16ed840fdd6f2d |
| SHA512 | c35b3508bb3a386163ea51d405f4aa80d4a921aabf26a452dc0c5acc9b7a2bcb601188b0db59b50c9a7500957e6c790ee783840f811549f62d0810ed08299ab8 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
| MD5 | fb4aa59c92c9b3263eb07e07b91568b5 |
| SHA1 | 6071a3e3c4338b90d892a8416b6a92fbfe25bb67 |
| SHA256 | e70e80dbbc9baba7ddcee70eda1bb8d0e6612dfb1d93827fe7b594a59f3b48b9 |
| SHA512 | 60aabbe2fd24c04c33e7892eab64f24f8c335a0dd9822eb01adc5459e850769fc200078c5ccee96c1f2013173bc41f5a2023def3f5fe36e380963db034924ace |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\setup\logs\DeviceHealthSummaryConfiguration.ini
| MD5 | 0845b703fd78a92bde4ce5bf59a47169 |
| SHA1 | 800bc644e92c555b0e81f3138379dbb7ca658eac |
| SHA256 | 5c2bb82a96ecaf6bcb2dc3a037104e81af87ee1354108c443c54cb6d967fe755 |
| SHA512 | bd3cac3ba44f7b98126b22f68e20ee81d15fe10758831e717a31c0ebe89f7957f209615ec6949c0e713cc0e4098d673fa321b28f2882486a2f3ac30ad296499e |
C:\Users\Admin\AppData\Local\Temp\tmp7529.tmp
| MD5 | 5b16ef80abd2b4ace517c4e98f4ff551 |
| SHA1 | 438806a0256e075239aa8bbec9ba3d3fb634af55 |
| SHA256 | bbc70091b3834af5413b9658b07269badd4cae8d96724bf1f7919f6aab595009 |
| SHA512 | 69a22b063ab92ca7e941b826400c62be41ae0317143387c8aa8c727b5c9ee3528ddd4014de22a2a2e2cbae801cb041fe477d68d2684353cdf6c83d7ee97c43d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb
| MD5 | dee46781c0389eada0ac9faa177539b6 |
| SHA1 | d7641e3d25ac7ac66c2ea72ac7df77b242c909d3 |
| SHA256 | 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642 |
| SHA512 | 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini
| MD5 | cc04d6015cd4395c9b980b280254156e |
| SHA1 | 87b176f1330dc08d4ffabe3f7e77da4121c8e749 |
| SHA256 | 884d272d16605590e511ae50c88842a8ce203a864f56061a3c554f8f8265866e |
| SHA512 | d3cb7853b69649c673814d5738247b5fbaaae5bb7b84e4c7b3ff5c4f1b1a85fc7261a35f0282d79076a9c862e5e1021d31a318d8b2e5a74b80500cb222642940 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.exe
| MD5 | c2938eb5ff932c2540a1514cc82c197c |
| SHA1 | 2d7da1c3bfa4755ba0efec5317260d239cbb51c3 |
| SHA256 | 5d8273bf98397e4c5053f8f154e5f838c7e8a798b125fcad33cab16e2515b665 |
| SHA512 | 5deb54462615e39cf7871418871856094031a383e9ad82d5a5993f1e67b7ade7c2217055b657c0d127189792c3bcf6c1fcfbd3c5606f6134adfafcccfa176441 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-100.png
| MD5 | 72747c27b2f2a08700ece584c576af89 |
| SHA1 | 5301ca4813cd5ff2f8457635bc3c8944c1fb9f33 |
| SHA256 | 6f028542f6faeaaf1f564eab2605bedb20a2ee72cdd9930bde1a3539344d721b |
| SHA512 | 3e7f84d3483a25a52a036bf7fd87aac74ac5af327bb8e4695e39dada60c4d6607d1c04e7769a808be260db2af6e91b789008d276ccc6b7e13c80eb97e2818aba |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-400.png
| MD5 | e01cdbbd97eebc41c63a280f65db28e9 |
| SHA1 | 1c2657880dd1ea10caf86bd08312cd832a967be1 |
| SHA256 | 5cb8fd670585de8a7fc0ceede164847522d287ef17cd48806831ea18a0ceac1f |
| SHA512 | ffd928e289dc0e36fa406f0416fb07c2eb0f3725a9cdbb27225439d75b8582d68705ec508e3c4af1fc4982d06d70ef868cafbfc73a637724dee7f34828d14850 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-200.png
| MD5 | 09773d7bb374aeec469367708fcfe442 |
| SHA1 | 2bfb6905321c0c1fd35e1b1161d2a7663e5203d6 |
| SHA256 | 67d1bb54fcb19c174de1936d08b5dbdb31b98cfdd280bcc5122fb0693675e4f2 |
| SHA512 | f500ea4a87a24437b60b0dc3ec69fcc5edbc39c2967743ddb41093b824d0845ffddd2df420a12e17e4594df39f63adad5abb69a29f8456fed03045a6b42388bc |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-100.png
| MD5 | 19876b66df75a2c358c37be528f76991 |
| SHA1 | 181cab3db89f416f343bae9699bf868920240c8b |
| SHA256 | a024fc5dbe0973fd9267229da4ebfd8fc41d73ca27a2055715aafe0efb4f3425 |
| SHA512 | 78610a040bbbb026a165a5a50dfbaf4208ebef7407660eea1a20e95c30d0d42ef1d13f647802a2f0638443ae2253c49945ebe018c3499ddbf00cfdb1db42ced1 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-125.png
| MD5 | d03b7edafe4cb7889418f28af439c9c1 |
| SHA1 | 16822a2ab6a15dda520f28472f6eeddb27f81178 |
| SHA256 | a5294e3c7cd855815f8d916849d87bd2357f5165eb4372f248fdf8b988601665 |
| SHA512 | 59d99f0b9a7813b28bae3ea1ae5bdbbf0d87d32ff621ff20cbe1b900c52bb480c722dd428578dea5d5351cc36f1fa56b2c1712f2724344f026fe534232812962 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png
| MD5 | 3c29933ab3beda6803c4b704fba48c53 |
| SHA1 | 056fe7770a2ba171a54bd60b3c29c4fbb6d42f0c |
| SHA256 | 3a7ef7c0bda402fdaff19a479d6c18577c436a5f4e188da4c058a42ef09a7633 |
| SHA512 | 09408a000a6fa8046649c61ccef36afa1046869506f019f739f67f5c1c05d2e313b95a60bd43d9be882688df1610ad7979dd9d1f16a2170959b526ebd89b8ef7 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-100.png
| MD5 | 1f156044d43913efd88cad6aa6474d73 |
| SHA1 | 1f6bd3e15a4bdb052746cf9840bdc13e7e8eda26 |
| SHA256 | 4e11167708801727891e8dd9257152b7391fc483d46688d61f44b96360f76816 |
| SHA512 | df791d7c1e7a580e589613b5a56ba529005162d3564fffd4c8514e6afaa5eccea9cea9e1ac43bd9d74ee3971b2e94d985b103176db592e3c775d5feec7aac6d1 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-150.png
| MD5 | ed306d8b1c42995188866a80d6b761de |
| SHA1 | eadc119bec9fad65019909e8229584cd6b7e0a2b |
| SHA256 | 7e3f35d5eb05435be8d104a2eacf5bace8301853104a4ea4768601c607ddf301 |
| SHA512 | 972a42f7677d57fcb8c8cb0720b21a6ffe9303ea58dde276cfe2f26ee68fe4cc8ae6d29f3a21a400253de7c0a212edf29981e9e2bca49750b79dd439461c8335 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDriveStandaloneUpdater.exe
| MD5 | 9cdabfbf75fd35e615c9f85fedafce8a |
| SHA1 | 57b7fc9bf59cf09a9c19ad0ce0a159746554d682 |
| SHA256 | 969fbb03015dd9f33baf45f2750e36b77003a7e18c3954fab890cddc94046673 |
| SHA512 | 348923f497e615a5cd0ed428eb1e30a792dea310585645b721235d48f3f890398ad51d8955c1e483df0a712ba2c0a18ad99b977be64f5ee6768f955b12a4a236 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.VisualElementsManifest.xml
| MD5 | 5ae2d05d894d1a55d9a1e4f593c68969 |
| SHA1 | a983584f58d68552e639601538af960a34fa1da7 |
| SHA256 | d21077ad0c29a4c939b8c25f1186e2b542d054bb787b1d3210e9cab48ec3080c |
| SHA512 | 152949f5b661980f33608a0804dd8c43d70e056ae0336e409006e764664496fef6e60daa09fecb8d74523d3e7928c0dbd5d8272d8be1cf276852d88370954adc |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Resources.pri
| MD5 | 7473be9c7899f2a2da99d09c596b2d6d |
| SHA1 | 0f76063651fe45bbc0b5c0532ad87d7dc7dc53ac |
| SHA256 | e1252527bc066da6838344d49660e4c6ff2d1ddfda036c5ec19b07fdfb90c8c3 |
| SHA512 | a4a5c97856e314eedbad38411f250d139a668c2256d917788697c8a009d5408d559772e0836713853704e6a3755601ae7ee433e07a34bd0e7f130a3e28729c45 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-400.png
| MD5 | 096d0e769212718b8de5237b3427aacc |
| SHA1 | 4b912a0f2192f44824057832d9bb08c1a2c76e72 |
| SHA256 | 9a0b901e97abe02036c782eb6a2471e18160b89fd5141a5a9909f0baab67b1ef |
| SHA512 | 99eb3d67e1a05ffa440e70b7e053b7d32e84326671b0b9d2fcfcea2633b8566155477b2a226521bf860b471c5926f8e1f8e3a52676cacb41b40e2b97cb3c1173 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-200.png
| MD5 | d9d00ecb4bb933cdbb0cd1b5d511dcf5 |
| SHA1 | 4e41b1eda56c4ebe5534eb49e826289ebff99dd9 |
| SHA256 | 85823f7a5a4ebf8274f790a88b981e92ede57bde0ba804f00b03416ee4feda89 |
| SHA512 | 8b53dec59bba8b4033e5c6b2ff77f9ba6b929c412000184928978f13b475cd691a854fee7d55026e48eab8ac84cf34fc7cb38e3766bbf743cf07c4d59afb98f4 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-125.png
| MD5 | 09f3f8485e79f57f0a34abd5a67898ca |
| SHA1 | e68ae5685d5442c1b7acc567dc0b1939cad5f41a |
| SHA256 | 69e432d1eec44bed4aad35f72a912e1f0036a4b501a50aec401c9fa260a523e3 |
| SHA512 | 0eafeaf735cedc322719049db6325ccbf5e92de229cace927b78a08317e842261b7adbda03ec192f71ee36e35eb9bf9624589de01beaec2c5597a605fc224130 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png
| MD5 | 22e17842b11cd1cb17b24aa743a74e67 |
| SHA1 | f230cb9e5a6cb027e6561fabf11a909aa3ba0207 |
| SHA256 | 9833b80def72b73fca150af17d4b98c8cd484401f0e2d44320ecd75b5bb57c42 |
| SHA512 | 8332fc72cd411f9d9fd65950d58bf6440563dc4bd5ce3622775306575802e20c967f0ee6bab2092769a11e2a4ea228dab91a02534beeb8afde8239dd2b90f23a |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png
| MD5 | 552b0304f2e25a1283709ad56c4b1a85 |
| SHA1 | 92a9d0d795852ec45beae1d08f8327d02de8994e |
| SHA256 | 262b9a30bb8db4fc59b5bc348aa3813c75e113066a087135d0946ad916f72535 |
| SHA512 | 9559895b66ef533486f43274f7346ad3059c15f735c9ce5351adf1403c95c2b787372153d4827b03b6eb530f75efcf9ae89db1e9c69189e86d6383138ab9c839 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png
| MD5 | 2c7a9e323a69409f4b13b1c3244074c4 |
| SHA1 | 3c77c1b013691fa3bdff5677c3a31b355d3e2205 |
| SHA256 | 8efeacefb92d64dfb1c4df2568165df6436777f176accfd24f4f7970605d16c2 |
| SHA512 | 087c12e225c1d791d7ad0bf7d3544b4bed8c4fb0daaa02aee0e379badae8954fe6120d61fdf1a11007cbcdb238b5a02c54f429b6cc692a145aa8fbd220c0cb2d |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png
| MD5 | f4e9f958ed6436aef6d16ee6868fa657 |
| SHA1 | b14bc7aaca388f29570825010ebc17ca577b292f |
| SHA256 | 292cac291af7b45f12404f968759afc7145b2189e778b14d681449132b14f06b |
| SHA512 | cd5d78317e82127e9a62366fd33d5420a6f25d0a6e55552335e64dc39932238abd707fe75d4f62472bc28a388d32b70ff08b6aa366c092a7ace3367896a2bd98 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-400.png
| MD5 | e593676ee86a6183082112df974a4706 |
| SHA1 | c4e91440312dea1f89777c2856cb11e45d95fe55 |
| SHA256 | deb0ec0ee8f1c4f7ea4de2c28ff85087ee5ff8c7e3036c3b0a66d84bae32b6bb |
| SHA512 | 11d7ed45f461f44fa566449bb50bcfce35f73fc775744c2d45ea80aeb364fe40a68a731a2152f10edc059dea16b8bab9c9a47da0c9ffe3d954f57da0ff714681 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-200.png
| MD5 | 13e6baac125114e87f50c21017b9e010 |
| SHA1 | 561c84f767537d71c901a23a061213cf03b27a58 |
| SHA256 | 3384357b6110f418b175e2f0910cffe588c847c8e55f2fe3572d82999a62c18e |
| SHA512 | 673c3bec7c2cd99c07ebfca0f4ab14cd6341086c8702fe9e8b5028aed0174398d7c8a94583da40c32cd0934d784062ad6db71f49391f64122459f8bb00222e08 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-150.png
| MD5 | a23c55ae34e1b8d81aa34514ea792540 |
| SHA1 | 3b539dfb299d00b93525144fd2afd7dd9ba4ccbf |
| SHA256 | 3df4590386671e0d6fee7108e457eb805370a189f5fdfeaf2f2c32d5adc76abd |
| SHA512 | 1423a2534ae71174f34ee527fe3a0db38480a869cac50b08b60a2140b5587b3944967a95016f0b00e3ca9ced1f1452c613bb76c34d7ebd386290667084bce77d |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-100.png
| MD5 | 57a6876000151c4303f99e9a05ab4265 |
| SHA1 | 1a63d3dd2b8bdc0061660d4add5a5b9af0ff0794 |
| SHA256 | 8acbdd41252595b7410ca2ed438d6d8ede10bd17fe3a18705eedc65f46e4c1c4 |
| SHA512 | c6a2a9124bc6bcf70d2977aaca7e3060380a4d9428a624cc6e5624c75ebb6d6993c6186651d4e54edf32f3491d413714ef97a4cdc42bae94045cd804f0ad7cba |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-400.png
| MD5 | adbbeb01272c8d8b14977481108400d6 |
| SHA1 | 1cc6868eec36764b249de193f0ce44787ba9dd45 |
| SHA256 | 9250ef25efc2a9765cf1126524256fdfc963c8687edfdc4a2ecde50d748ada85 |
| SHA512 | c15951cf2dc076ed508665cd7dac2251c8966c1550b78549b926e98c01899ad825535001bd65eeb2f8680cd6753cd47e95606ecf453919f5827ed12bca062887 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-200.png
| MD5 | f1c75409c9a1b823e846cc746903e12c |
| SHA1 | f0e1f0cf35369544d88d8a2785570f55f6024779 |
| SHA256 | fba9104432cbb8ebbd45c18ef1ba46a45dd374773e5aa37d411bb023ded8efd6 |
| SHA512 | ed72eb547e0c03776f32e07191ce7022d08d4bcc66e7abca4772cdd8c22d8e7a423577805a4925c5e804ed6c15395f3df8aac7af62f1129e4982685d7e46bd85 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-150.png
| MD5 | de5ba8348a73164c66750f70f4b59663 |
| SHA1 | 1d7a04b74bd36ecac2f5dae6921465fc27812fec |
| SHA256 | a0bbe33b798c3adac36396e877908874cffaadb240244095c68dff840dcbbf73 |
| SHA512 | 85197e0b13a1ae48f51660525557cceaeed7d893dd081939f62e6e8921bb036c6501d3bb41250649048a286ff6bac6c9c1a426d2f58f3e3b41521db26ef6a17c |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-125.png
| MD5 | 8347d6f79f819fcf91e0c9d3791d6861 |
| SHA1 | 5591cf408f0adaa3b86a5a30b0112863ec3d6d28 |
| SHA256 | e8b30bfcee8041f1a70e61ca46764416fd1df2e6086ba4c280bfa2220c226750 |
| SHA512 | 9f658bc77131f4ac4f730ed56a44a406e09a3ceec215b7a0b2ed42d019d8b13d89ab117affb547a5107b5a84feb330329dc15e14644f2b52122acb063f2ba550 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-150.png
| MD5 | 771bc7583fe704745a763cd3f46d75d2 |
| SHA1 | e38f9d7466eefc6d3d2aaa327f1bd42c5a5c7752 |
| SHA256 | 36a6aad9a9947ab3f6ac6af900192f5a55870d798bca70c46770ccf2108fd62d |
| SHA512 | 959ea603abec708895b7f4ef0639c3f2d270cfdd38d77ac9bab8289918cbd4dbac3c36c11bb52c6f01b0adae597b647bb784bba513d77875979270f4962b7884 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-125.png
| MD5 | b83ac69831fd735d5f3811cc214c7c43 |
| SHA1 | 5b549067fdd64dcb425b88fabe1b1ca46a9a8124 |
| SHA256 | cbdcf248f8a0fcd583b475562a7cdcb58f8d01236c7d06e4cdbfe28e08b2a185 |
| SHA512 | 4b2ee6b3987c048ab7cc827879b38fb3c216dab8e794239d189d1ba71122a74fdaa90336e2ea33abd06ba04f37ded967eb98fd742a02463b6eb68ab917155600 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe
| MD5 | 57bd9bd545af2b0f2ce14a33ca57ece9 |
| SHA1 | 15b4b5afff9abba2de64cbd4f0989f1b2fbc4bf1 |
| SHA256 | a3a4b648e4dcf3a4e5f7d13cc3d21b0353e496da75f83246cc8a15fada463bdf |
| SHA512 | d134f9881312ddbd0d61f39fd62af5443a4947d3de010fef3b0f6ebf17829bd4c2f13f6299d2a7aad35c868bb451ef6991c5093c2809e6be791f05f137324b39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7025cfcc18dc02d910360a4bf014c46b |
| SHA1 | 4eb5056c54e724a2290a2fab638d3b2f8440beb0 |
| SHA256 | d7f6b52d9ffdcd8921aec224197f9aa96bbb928dca5a3659efb15dc8cbd49ed5 |
| SHA512 | 8d15e9a3779fc8be523c85b4b627b5eeb731ec42dbb63c778537be5765191efc096223988be45fc9494537193134b04985525918cce80ea6ec94e7344fedb771 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 05f2a5ef98ae11b7f27d14c55ad05ffb |
| SHA1 | 2d80be00d8c36f7e9385ce4d5df4de5e1143f1a4 |
| SHA256 | 1d9c4bb6c610a665a0db8e78947d6c08fbecba158e2e340a078abee1b370f7a2 |
| SHA512 | a6dcde5d701339952e1347a5bacae7a214c9d5e4afd947051affd396a382fb0ab54817bd4c2e0c93931507c7e58ba7f38988242bd1aeaabedd4ff5c190a92fc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d316c283fbc277c5758e6fffa6c40b83 |
| SHA1 | 8eaa253c15cbbaeaf981bb6df1a715f3ce2b2c57 |
| SHA256 | 02d1690342ea9b63b3e4d4f98dc66ac6ec4650333e60e71a5d0a2e086db412f2 |
| SHA512 | 90fb6c7fca74a2db0747e21fad7b8e442db75f3a7b11b6dd09212a85ae329fb1aa99a97e75a6499e9824d0721e0a357121fb4ac0ba539edc31bb58012a5c30db |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini
| MD5 | 03f660a610132596c373401da8ab1d41 |
| SHA1 | 77ddcd028fdad65cb1a63446d507fc0396e3d1c0 |
| SHA256 | cc254b312d2d5c95e0b7c6f1ddc077493238e0b6da28589f121ff18b772fa251 |
| SHA512 | 8b259ce7fdcc5a24124890f2cd65f87cf8b43542c112a92185f6afa2f12f9643db186b9abaa125c5f5f3b8bd48361368b8b5168fc6ba691563bfcdb59174db6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bf61df0cf3f6dcc6b9e251ca93bcdb2b |
| SHA1 | dd3e34016e0511628b7435c4eabb07f42c7b8e3b |
| SHA256 | 953124ace917f50b211cc46671d556e0d313f64a005618f9237edd4ae66bba84 |
| SHA512 | 46f8bba521d5a23ef57f449fa88721391fc7bc0d55e0be728ad5c48ae0924d2f47fb6dbded2b564f4aac88ca2ef008990800c030c5f45df1918db8b301dcef9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be4eddf24c794104c2644d5d2cbbd842 |
| SHA1 | 32f6265f496254af2942b069e769229c84178442 |
| SHA256 | e76b4d4d8746f3640ef2a47c96815a568ac79fba0ef0fc1bc22ec058e5eba1e9 |
| SHA512 | 66633a40a0c4de2a265682fc8cb0315258681b0c39fad4aff76482f698a7437639f97139ac69c7fdd1a655dd65e0eff4ad77e69a39c2fa734acd67df4dddee67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a11764f08a3fcd28a5d8039dbd68e486 |
| SHA1 | bfa697ef2892d296ad888640b04a576ab12e4329 |
| SHA256 | 5d499184ab9d3fd708d295e98b79b86d2bfa21d2be78c5714e9eaac59874e136 |
| SHA512 | 223b6d55be9dd68c6f7e4658bc032a2c8e69280b9ec12210c893a449d84fcc4b16f17e62daab53826345d4d62e0ce25db6a7ca62c1eef2d11fe3fc23e1ab190b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\5\CacheStorage\index.txt
| MD5 | 045f4b9f05286e858b91597a00ce5115 |
| SHA1 | c1b4b36fabcd626fa081979a8a1f19b9e4ced0d2 |
| SHA256 | 33b09500cd590f25006943acaff157242b7b09a8aefb7e74cda1b567bfa0554e |
| SHA512 | 8d007219565d12162cfccceaebe93e406365b8d209f1f560ce4c880cae1b3902e3b9d51bd68ae5c953462b26f02254530ce1af41e87c9d4379fc38e0e4a56907 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\5\CacheStorage\index.txt~RFe60133e.TMP
| MD5 | b23ea0cb759eb2240caaa4f95d76ae81 |
| SHA1 | 4f687f0bdf7f2e5c27e6482d8fa49af2c8bd4dfa |
| SHA256 | bf03a2d93963d59b9ae085ea1ab6354bf6cf1887218cfb5b6f71a051ee4ec68f |
| SHA512 | 066648254feb7b1b26c5f6de1c82007d7b57a95158acbdf915a3dd1f15316372df339ae3892ef9c7be7e536816124fe20be32a4801dc388002c878587e100a0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a060f6005719b8120a67b5c83b329d5a |
| SHA1 | bdca76ea8600bbd6e4b99bcbf084c130e1f3506e |
| SHA256 | caf27ce2d5734366d8d9145360a7d7c73ed72ca3e5354967daca023d6f6c5663 |
| SHA512 | 8979a636ae4abf57ff9da62ecd4faf69b448dc986371697516b46604ca65f7b97fde8d86a6ea991a46bd225bcd0619e0f93eedb2309df2979df44e959092078d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d84ab2ec26cc887ce329910da25aac78 |
| SHA1 | c599765a1a0b8051e4103b8548ae97689ab1902a |
| SHA256 | 4dc7cf846ae4cfb1ef9833f2e5f7b354d67a173e2434eb09937b4e96c5c82b33 |
| SHA512 | 2a43224d9d00638b36a810087996e7c404bd97438cac5ed6678428a7333c696f327bb3c906b54e6ae53791394cb42a8667c8027814e4720005fb245c9c256dcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 460832644d5ef2fd9b336088d9e50816 |
| SHA1 | 4ac9ccbcd0b8d491bd6fe9fafe7310583302fc35 |
| SHA256 | edcc6000179c1acddcb10976540b94d6dc4841974e3f61534f49513fd4bd0c16 |
| SHA512 | 09d7cf548bddc7c5bf6b8bf3f93136752227f88e4271f94dba6cd4d8166c88bf89c736a1169cd06cf831d3123289d30027131e5fe67bb4cdef1ba0ef3e50da78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe60206d.TMP
| MD5 | e8e09fd69ad9fe5fcb9cc216da03a416 |
| SHA1 | da0b7ef2584f1949f41a0976499fe5297d628ea8 |
| SHA256 | 564c5eeff95e6aa0f61e5989daf60c28f2261f513357bd513b4d2cb829225bd3 |
| SHA512 | 4ba965f4f6e23b488f93f0ca50a433a8a51f627fc52dc96e5f0a5b7ca04e25f5f8bba936e003f355737c19f34b877a79f0e628c60142ae09c39980775778d3cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3152_1696725764\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 206fd9669027c437a36fbf7d73657db7 |
| SHA1 | 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5 |
| SHA256 | 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18 |
| SHA512 | 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 529a0ad2f85dff6370e98e206ecb6ef9 |
| SHA1 | 7a4ff97f02962afeca94f1815168f41ba54b0691 |
| SHA256 | 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6 |
| SHA512 | d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a5872a83-0b66-4c3b-92d7-692cb0d96744\index-dir\the-real-index
| MD5 | ec20f82b7bc778d007c0d8a1be442e0f |
| SHA1 | 3a46e8eb9c709e983edcc94a14cf026ef96db588 |
| SHA256 | 7176c6839ff4133e2db6a6013cee9bb64a0fc3e5bfd5a72d3ed143f854b0c544 |
| SHA512 | 7f9b0ae3302a28f7526aeceb4e7533902d3b804db10420c2faeac09364df1dc65d08f4cc7d0b83e9c9b35cf99e262ae6d1dd1d0a269d075ebc1fb012b00dc47f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a5872a83-0b66-4c3b-92d7-692cb0d96744\index-dir\the-real-index~RFe602dfa.TMP
| MD5 | 0fd040e070847c99b60a21ffa3708c5f |
| SHA1 | 696926d8474df9493a54d434c5ba10a702eaa15a |
| SHA256 | 4a63b788e110d1e1925bceba2ea27aa977da012762eadb9727a856a52722b91e |
| SHA512 | 570cdf5f38d7b1f519028791b5b0302ec23927c23f755188c097ffb0535f567a90e680f5dce3a4cf4d525725c352ed2696ae14519be3416fd96a20375257b53a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102
| MD5 | d51156aefe1bb617bea2b80267421bf6 |
| SHA1 | 21f5fb668da9d0a0b6b71f2c4f4c2b6ceada50d2 |
| SHA256 | add2bee75d3c9389bfe4ccafa5f08a9f1d3ab2f644c7ea02255070479d09bc72 |
| SHA512 | fdcf53ba59bc5e72954c6f13183e248354fbf6be8a51ee4bb7f4c9d01ca39c27c1eeed184572900caa4f48d279acd2b1c3ae0878285a46832f0724093898d8df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | efdb59c81849aeb613575146ee20c4f4 |
| SHA1 | 7a2d45a98d0bb85b7d27b8c6806ae9f773258858 |
| SHA256 | 98c0519a5daa6216041523b4200b22746fb8f03419765f5d8524f8a8afc2fecd |
| SHA512 | 76541fa984872468db7995e79cff223c3e167a2740390817087cb713f21fe14bf5a7bba3389f3ea4733f8252b46d2565faa05ea89ee82de58e954429f976e08e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | cb014a1ac79d143e3b6837b32ec72f81 |
| SHA1 | 2019f6c95065c214df8e5b84991fe118c86d8297 |
| SHA256 | 2d11147a2778361b8e6e536c3297ee3a01f9b86bbe1540e31e403aa04f435f06 |
| SHA512 | efa0080f875f51f845ceaa1ca6b55146fd90483850aed3d2d6b8bd3bab33c4ce6bc1d561826867e6219ffd8ee8312e212aae01dcfc39bfb00ba80207c76b18d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2978fc0cc1ad21d5eac0f8f27197b095 |
| SHA1 | a6cdd200f969eef500c12932e84d304937c7dbb4 |
| SHA256 | 4c4607c6f323b17930cc2e29b145bac887689b52b34238584ccdd69928328656 |
| SHA512 | d4ab6d0eb7a7d5f2d5ac0fcaccfb2bbd507d179455a377b5ce3962e51fcafe2ff4be84084f4d0ba50bdaf413681163d529d0eadb64cb3f77ef5f88dacb3d76c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 219a0f7f235ebabf015394dbb4e4c7e1 |
| SHA1 | 487dcdb5fbf077bb0c72354371173b8dc47144e4 |
| SHA256 | 2ecc9c29444816c9b197056e2b364d105f708bc848826f73ff97a13dac67f94d |
| SHA512 | 1d1aa0c25374640870778b00c8e92b9c55221e7ff4e5cda595369c0ad2ae3bc96208f9af8289127447b69e5763e5d91aa161e621ddb86202ac4c802dbebdf91d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c93f3b813daf0db08d91fb93e7c922d5 |
| SHA1 | 3f2a73f00acd4235100868cc96288d1972ac97d2 |
| SHA256 | a34849d24f2236fcc6a11ae7172b78c98bcbd4e11617ff7a85103821b852f549 |
| SHA512 | 522d81af0b6a09d1dd15e53d585dfb1d983a15ab54b78a05e1e6f875b72aaa1b6d197d8f3d7a97d08c3422c81a6f966336a71cc721852eda28e0d3a4265d7359 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100
| MD5 | 8b7e7b8c23b3258a2797eff7ee34f466 |
| SHA1 | c14bcce1022711ea331bbe8f36934dd7a668b1e5 |
| SHA256 | 1101c3511b7b6e02a37264660514fb7cb52983b3c878c83073cc62914a446aff |
| SHA512 | 868dba59ad30dee43d80dab8f0c73993157f94f34dcad866235b51e506af92a4344c601c3537dc13e2cf192671cb09eb1496550fc9c7b28593d176c7b6842dbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe
| MD5 | 1183ace68690f4de0c3571f4ed05cc57 |
| SHA1 | bd7478a0244ec28985db90d59e72604c687fcf1e |
| SHA256 | 87a41d8b8a5ea4808d65574908b2c63e0b925b06a8e2809b69b9c204f235f62c |
| SHA512 | 0a82d1ed585d014a25ca4ff3af2e64e83f3a529352a8893b24f4f1150a495de45906430e0ec0bbf0b91ac62e94c80985ad64dea2df45fb8ae2a7621be2dd5d9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000103
| MD5 | 69dbd6ee16d8fa653ad807bd7aaadaaa |
| SHA1 | 93996849f6cbcb1de0b9b49036a3e294ed7bf1b5 |
| SHA256 | d2f65062d74e0e67e6c84f55446442fa94b57685dbfff614f496538154d835f6 |
| SHA512 | aed0786f5ac60d1ac1d2ff6789e1713eca04a5e6f78e2d7da689854bbaa2d5c0e1dad4cfe68b07e65dd1d43ae78d3614006256da8b95a8d6af33233973c38eb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 98752a650a9f2aa659cd2801254f072d |
| SHA1 | c070e1f5845efb0e7314b25821897c1ddbbd49b2 |
| SHA256 | 2f89ce60c4fb2a5f031ec39ba59b72d0b7560d0fb959a1a6dafc838de190dd0f |
| SHA512 | 740885cda37185b02cfbfed2ae66f592125861b09cd9c682df3de5289294fde13240207a53e10966c0c5654207ae56f121ffb3e10608698070279f84292bfa27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000101
| MD5 | 401424dec575b5bd40fcdf3d8e156bf9 |
| SHA1 | fc7051e7c9c855a7d396e2d6eaddaadc2c2335bd |
| SHA256 | 014e7cd2d67b5573a78c65ad805f7ab1ddf085f5b23ee6fe73af8d8f49b4ad89 |
| SHA512 | 4a59e0b1a6326914570f75af0344f5da1cb64c053a928916b648e318dc232ed0e1cd4ccfcb053dd29405395203b7292c45c8dbc2deccd82e1081b55374e2640f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd
| MD5 | 18a64802714cd620582e3070cfe247b6 |
| SHA1 | 8b07b5a18b9378816ad4ea50545aae6c28796262 |
| SHA256 | c920432f90cdfb91ca4074cf59d22871407e1d2ac429b95c5ca46690ea4314f2 |
| SHA512 | f8a66354bf3b6ac887994f48e84d5d35fa38684c0c621f90fc9c846074518ddec7e3f89ca6a924456c1f54f8323ed2d5649893bc2d62061724e281a9a9028ab9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 059c2eaeef57e2e0105a65df134dcbc8 |
| SHA1 | bca8f424c1bfbadce97526a7c1bdfbeb8d1f6a65 |
| SHA256 | d555b40155087713f5521ee2f94df9d0d4eb8a190ec8dc411f6950554eafef5a |
| SHA512 | 39eaf3470aeceded72e870b69ee2b69d5d953f8b0c958473ead472e10a1d1d1b70758344f5fed9a66921a00c831e3c84d37855a6a83776d923cc3fdbad5ba885 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b8951754afa7ff02d8aed4f1d110b913 |
| SHA1 | c2122c53c525cb302ab28fe41a5b1913fadfcb0b |
| SHA256 | e1b36b30039bd3acc2ec05623a80b095807cc8e83b44c5fe2a3652807a47be4c |
| SHA512 | 6ab75e80ecc032994dfdbad15de1cbbba9f5b9aba30b287a492571b7c7ee555c4931d92714dda543ec667b5fbaed923b6558b94bdd71cbf7d004976f885a7647 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 62cb308d796c400cccc5025b21337949 |
| SHA1 | ca6c3ad1c84da540e277b921762fdd8a0ea57ad7 |
| SHA256 | b30bf1045298230e12e2e2ae6926a5beefd076ee64e876152d1e20b777240878 |
| SHA512 | de378a9bd6eda2083f8694106ab3baf9623ef04e2a63eb1f1b11574f6a1ef50c40cf4dcff181120d0b7f7398cffc1338d1a5a15d706df1f61e6fbc535631ca74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4e9c0f59371c148f20132ab42b7feafd |
| SHA1 | a8058ca8385558c30699815833e056bbaade25b2 |
| SHA256 | 41a7e9de0c94f7501df55cf9b39c4aa22435c6254191d45594cd48de22fb58df |
| SHA512 | 11690ad7f679f782cd799acf94f76e2fb94807525a0e0dc11de6fe798c03b0fd81be7e64f147474f79cc835b868b34ca373086448eb9cb83a3905e42915b69cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index-dir\the-real-index~RFe608e69.TMP
| MD5 | 9e549491d4f10746435d906bfbb2b0e7 |
| SHA1 | 726302740dbee6c5bc5b5f2b5f40d8aeb54977e2 |
| SHA256 | d883e95e514f9b9d260f819424d2dce3fdcbf5602e8a365e6fc1633a0206a23d |
| SHA512 | c064d7074456e250f1e295998592ff6bf6d6c27e67f8797853715579e636c29944ce9bfe7e211a45b9b3b9f860cf30314503d7b26bd8905346b0cc712d278e26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69105014-fe94-4463-936c-072e8cbfcc4d\index-dir\the-real-index
| MD5 | d1f8622e574c0c2825ff63a8d255ea48 |
| SHA1 | f165bd9b10bb78bc5e6f305c4c9cc286639fc232 |
| SHA256 | 3971094f1eba441ee2b05353d40a61095747ad1e140016b7dbaa0119c56a1b81 |
| SHA512 | 66652d202e55ccc4b33882f65763f7f39341db8748e3c55d514485fc29f3cd34ba8e4ffde76b4e4d3ce88db4be039ec569196044736d848b81ddc9fa218c71bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c24e9ed5-93b8-4931-99e2-051d2d4b2760\index-dir\the-real-index~RFe6090ab.TMP
| MD5 | fc44cdf887d04447724e95553b07bf03 |
| SHA1 | 70c34a9e75fff00050abd2e3cc80ae637cb66ac3 |
| SHA256 | 687398c78c2ef153ade3ef6fe98237807fab4898200a8aa47dd9f56aaa76df3d |
| SHA512 | 472fe880db5b04ae53799cc05202d93276dceca73e2c7295a844d0a6acd9bf4576aa19ff1db432f57303d415e485e6bcbf72a5cfd9b67b7adb14a6849f4f46f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c24e9ed5-93b8-4931-99e2-051d2d4b2760\index-dir\the-real-index
| MD5 | 91ae4100fb51b6b4a6252857503520ae |
| SHA1 | de89a86470fa43ab5f178c8e810aae41288af719 |
| SHA256 | 6ba80ce489cad385b5f28ef4665280b9d01eda56393fa3dcddf7e671df615cdd |
| SHA512 | 1d3d05c2efd258a31800f06762d10ac94d4b342ff0c0c3869896259c7d06f3a0f7462abd46e417602aeaa6a9cf72d1de62e1957242bc22de7b02d227d97435c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 47f52a0964543941950a79a81d5512bd |
| SHA1 | 28b906e30102501037c9246948db3d36042187cc |
| SHA256 | 4b5a75a10f4155c4eb5aab9b8705e72de2a83ee7688247f57d8261148eec727d |
| SHA512 | 77897390e1b92b7c991f68efaf74dc78f0f8ce9eb190316713c2b5f2bf7c0779e1a6e7ff433af0e74f49efb503a5e2a9146b122f6bf4088c693dbceb8b6dcf4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1a00fce741dcfe2f9c84737cfde35b1 |
| SHA1 | bfd1d3dce3769fbe2bd6e27171b198e68d0a5955 |
| SHA256 | acfbe43bec859114bd1aaad8984e0193bbc01f54dcb4cb6d62ee0fbe01e4f422 |
| SHA512 | ad7b2daeadb9326b1354c5a306ea241251eadc5495a6a957cf9443f193b28d742cddab06a8d6f99d689f1f430c36be9b6fbedc02610db7de78f186863d3babf1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6272bfab20eae850f5f6c9c491e86b6d |
| SHA1 | 1e21d6468a1dbcfffa9a610d5352c2251e304778 |
| SHA256 | c14b46e314545ba14aba880b02d8d0a79bf6d08f06708805dca90a0f65d02527 |
| SHA512 | c6b8165cd8d0356a22957a5d1d30838b1cb92015970d604851610f7fbfd96787f8cb4d5a0e7824917d8269a3d372ad2f15ea6c2cd73bbbeab166d51af5e3bb11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a2c1329af61b89d2626d17fe1a05c176 |
| SHA1 | 04521a846c2ae03e380f504c9354d70d2d23ca6e |
| SHA256 | 0e8ccd0e160dfc600f201146a16823605acb475bc4e7ef8c2db42a211acf3106 |
| SHA512 | f27426241a1ea73822984788c42efb97100628aa67eebcbadd6a3f5b7d79b044a08c9c07dc270c2d702cc89ef70c5c112c49fd8ec934a7aaa09ca96e1785b7c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4457edbee35f574606b8e068bff2878b |
| SHA1 | db22791b50a4a9b839db60b3560b7fe5f2cf0e85 |
| SHA256 | de82ccbcb2eeceae854925b8891187058b203e29058192dba5f56028288557d9 |
| SHA512 | 605b31eeedd938579e07840edbb12d31741faec76b81c439b4d39febdeef3074910e59925da2d1c164e511450b89934a31207ce29cdaa064f96a74d219285799 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | dbc8662f73a90f5fe062ef14fdc50377 |
| SHA1 | 3c150578af86819ecb392277899df2eb03a4e852 |
| SHA256 | 082cef5c285c9fe9a46dc7b88e68cb0ec98de023ec38ce15bc62026e8422cb38 |
| SHA512 | 623374374e59c94d375c9c9bfa320f461fce994fb7c1b376b139ae1ebd9f3bb05683fbe8cb6b45173242d5a05c724f10b7308a390b758a36601c6d9cbb400b71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 459c222da884bdca200e07b22969f19f |
| SHA1 | cfecd440dfb0d4daf2e8b8b264d5bcc25138fcee |
| SHA256 | 4fd3a160e610fc931ef0eaff77bf5e7275a6a3b83b1f6bf94417c3ceefda5634 |
| SHA512 | 48602c0fcd99ffe11986f3c9fd64014fb17a2144115ee085105190b7a70455a0e5ab2439fc3d9d4cf06b6ea50a1421f43cfb6188caaf8f94ce497ff6a769d24a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3e30ba3b28754f6acd72ec4545d6c619 |
| SHA1 | 77864282cb88a6a1089a4b2a512a8bd0b31433e6 |
| SHA256 | d40d37938b142919c400b2af345c19a677bf3147a48980003d0fc523c72e8482 |
| SHA512 | d274adabd3b9b6e90acdfe6b1818d0403933ef78aa815b688ca78979b3a64b8c4c00a1c321663c8f419fda4a34284827dc5e111ce594cffbab680a69b8821941 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d995dd24bece962389a8a80930072710 |
| SHA1 | 01b4e55a5881d6971cfa0e73ebe8647ce44d1e5d |
| SHA256 | a0ed28a940e1cff9d76a94fd910ce1f37ba09391419fdc6eb60411e09ad7774b |
| SHA512 | f2bd2d2b725e0130da7c0ad6b3abefa0e32cc258d53fe1288fdff88c4ac5da5ecfafd5c51deb774a32a6389f1486b995befcc94f568e67b8639583974d58bf99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9adbeffc66fff421c2a72f32f558ac58 |
| SHA1 | a26a41030b40078a9cdedccfdff0fe79a04abd4b |
| SHA256 | bab27aedef761e55ff2ce57ef348c98a065285927476d675442940fd4a2e9917 |
| SHA512 | b36f8c3f9781edbaa7eb8c3038d9b4a89b52c703228adebea914455921ecb0857ea2dd8186dc3530389f5853ef82990fd15742649bd337e054e51d2cec689424 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f234b01b9ea2e61742b7d891db1b2d7c |
| SHA1 | 0d42406d856bd1242ab69e0ea4c3793a6d9d2307 |
| SHA256 | 517c75b4c45d80313dd7c5bee3ed0e6aeb408d1a62208d46b9b4035ce1630fc2 |
| SHA512 | 086f2407e15f4e6861130fe690afbad81db80483e152a37ea7389a58d4344a005ddc447eeebd07013f5a884ec926342aaa8f9535aa6238635391468b2ec53156 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | d29309b4f3a44533dd87e83224b6ffe5 |
| SHA1 | 8ad3a1d4fb4d5e62c7f3d54d735c5c0769baff7a |
| SHA256 | 68a21a55051d946ef5d8c37cfd3d3143601bf1dcd6fca1a7ec9e6babc76e0bcc |
| SHA512 | 68003775e99ff317d63b224ba9d48ec604f6119c36a850b5aa1563e4ce8198a7562f938845da7433e27c6d4be4d526e018a1a63ef2db4c06c59e83c9d3004771 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 70aaa19f7b79239ba1718ae804296fb0 |
| SHA1 | 69226b5661c8a53aa02ada9510a6ecfe4c70bb48 |
| SHA256 | 60cc3889a244c77bfd085069ecb547c9764d2bc468d84bf84104e23bee4d6ea9 |
| SHA512 | c2a464c82082b21bccf95800a12428d1f0a41119fff8ec27070de421fba02bcb85636931e041c0af0df602624e60a470842df092a54b222c89396d449c2d71b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 65f7a73960648e77ae9d3819b1bd7324 |
| SHA1 | c44fe8293eddb120c213bf7a59cafb82f647e0ad |
| SHA256 | a3105d84fd212713a557910c8bd6a403251db4e4527b68bab67208dc77dc91fb |
| SHA512 | 8274cb7ad4f883469d8e6eebeeec531ccbb94e3fee9149777a6ad781a9bbacd4966f2c95230f70a41a737c4393d2da0260e35bc2b756fcbf4ba0e737fa4ffbe6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e5e991bbb647200d729bfd4ea4426f33 |
| SHA1 | 4057f2697c72760c3e927485d14b2ec5c1f3b321 |
| SHA256 | 786958a762432de04e5b3f835d33d056f345189d1f8798f94818e6910692b3e2 |
| SHA512 | 22ccb61109e21cc496b5b21c401552b5f9f72dc32076248a98609e9dd12011051120748727aac2bb5692c0d355f482e29f656dbee92720e85b2c13e33c14e53e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 719ddb9d53bea279b38790614c55de8f |
| SHA1 | f87173d5f943c08a851cc2df7a0cdd0f8ede357c |
| SHA256 | 147877be2691fb373125f3dbc7d1705333009698b586ac775c10a12dece22b02 |
| SHA512 | 2e07efa5ac71bbe53badd776e44dd25f5d811429a380f2e1b078a06043c92eda159ac10808543a18788aca1a1d5ec522d322c7f48a8b32f33ae9cdb734421ce7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 858e08b7e2dd14970bd66d9d146023af |
| SHA1 | cb628108cf0534e5c16728c7fde1a98fb5994c11 |
| SHA256 | 1738dbf3309c7d37f44358d23931b52481b73b8e4272028f66c80e75d95412f4 |
| SHA512 | 964f84d2e4420f68af4d923edea3d1dee275f54f55333276fed94cdd5060bf4e226e87c94d4babce7b5f512caf11242c9abcc73e1cba1bf02288d41bfebd3ef6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3b3da6134009b874cf2ba1271326bb4a |
| SHA1 | 549d3bab4ce6ab2b27fb3a60896e841192d03fbf |
| SHA256 | 79314f83018a48e463237ec197e2be003142fdf940876db7ebd7875268b930f6 |
| SHA512 | 2044b1b2c5b101baa0be389543d1d736c2463b0233e165a65049b1bc938643f30a27fc0a217f9e886c3e7d43152b5211be79b4402c282b4f425a7c87b6b3e931 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt
| MD5 | 24623da08bdd2dea78211a02fa223bc5 |
| SHA1 | f6f1adeeadc9c9d968a02a6bfae8d83fb2e957ed |
| SHA256 | 1e85063b368418ef4ef9ad119c3902a99c28ad5fa970d1e90ea6b6b90aabcd76 |
| SHA512 | 88671fb9df5b3c65479a9eb63faaeda65c4a234e3c2f318295e60e43dbf81d20ab14ed9d2d7b616c31f0dae7ad2f692e25dacfba1a2e68baaeac78f7e3c68484 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt~RFe622a56.TMP
| MD5 | ef016e793163d44a37518d159a2c7b6d |
| SHA1 | b95f12cf2540d14b44ae84b08fc5cf69a3fc73aa |
| SHA256 | e48a1c7e4327728d34759d7ba48290a0958dc369c58d682cc71cba986f61ca5b |
| SHA512 | ce7ca12b9b3fa4a4a715905dd6928d59bdba3ebb614bae660d13de7866271457bec6f677144c3ff8f9ab4e0f2e6bd7dd963e209e49b67867d144ae389eb62d80 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 863f70cf65ddcf1d328fd886f06d4d6d |
| SHA1 | cd1164db12b584f72a799a4057fbdca58303a715 |
| SHA256 | 6d208bf53ad096aaf05803d70c6952e0a422203238056fea0a2dbe5101e5f511 |
| SHA512 | ea1bbb12184897884e46358df7635427613595bd9f4c223d2d9e234c8621d261bcc6d9e4bf5eb21893357221902c83b9db2ea0ee8ec69b003f98a3582c66fd11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ef77cda9a440a4393d9125c839187633 |
| SHA1 | ce5c79d56a02d1f95bbefcfb28e3ba3c8200e168 |
| SHA256 | b431c148a6cff82d5ea69ba9e6bfb39e26b602193b681938116bfe2651734613 |
| SHA512 | 6484d238f3eb75040d51da594d6e3e04213deeb9d43e6d6fa5670ea42e4e8b47d23b28802e240426e376a1ede263efe14378c44865364beb73f789ce9f9de3bf |
C:\Users\Admin\Downloads\Unconfirmed 882897.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c2cff12eb739cbf219509e2c0e1d54c4 |
| SHA1 | 12e8bd4529338d98977df9c8bdf20a3579a10782 |
| SHA256 | 93eb4c3cf0bb08c5f6447a862d7cdb70bebc844577598bd1b4ac20a7863e7d4f |
| SHA512 | a7e7ac751b459d10214db879d9245ebfdab43c70bbe8bf902fbeb4ef78fb6a27f4452ef664a2c892b5f842a025e2918e4326fb2c0da49ae4b2fb40073cb15559 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5a49127d00a2a075f9029c35ace7cd35 |
| SHA1 | 26e062598d5123b9f780598b60aadb7e49b10830 |
| SHA256 | 0ad306370cc1e3220220e0ec94ae9d78e9c958d74a7faca28b8b6f4ac7a65b48 |
| SHA512 | 7128db703fef44bf39e2907b69a2b368405a950570e43273181c17ec8cb722f3515cefebef9b3b0862ea71a38cd413d0e25fe0f9b751875a1c9fb871b6173e7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\b8df8da8-a667-4016-99bb-cb67faafe757\index-dir\the-real-index
| MD5 | b9e46d0a886eb1c9cb4d27642daaf1c0 |
| SHA1 | 372becb221a7ba6b2ca03896470cd9230b86bd3b |
| SHA256 | 0abdedc87e54e856fff46caa01f31a3e46f3c1dcea7dda9e636f84f4a9c1ac3d |
| SHA512 | 2886c6283c01864423261d608680015e8767510a222fb6587a208da74de645e6ad600416e70cf79025c8d06793d30e8ec71ec1f7627c76cc7e21995c2bc4db43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\b8df8da8-a667-4016-99bb-cb67faafe757\index-dir\the-real-index~RFe627a0c.TMP
| MD5 | 7d586d37c863640a384538ada6d6d514 |
| SHA1 | 7470e112fad4a78ce69623c3e26e73b43c7fc21e |
| SHA256 | 3f17b672e104555bf2f5b9bd6a2be0eb4bec9ec99dc61802b399cbd018c83c4d |
| SHA512 | e3337fed048cc27a6503f905acaac1c0f4e7238106dd8a45b2f2d51255493077987f651bf1afbdff9b68f9b6eeca48603f295e5d083374864629d5ad6f685996 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\2df87814-9a3b-4355-89d3-bb078f1f7fad\index-dir\the-real-index
| MD5 | 9256b3b80225c4a2f0421e06f506a21d |
| SHA1 | 0a857829f12c76c5f9ec2f014e42c2874df15e84 |
| SHA256 | f0cb247fe018f765d75899845ad34bc625726b28bda67c72da834c84975ffba7 |
| SHA512 | 59db459de09fc7487e56361233b1dfed2399fe6d8958a3235b525b80c57751b2ce1e586b2ecb57e183598ae9aea6bf87bd01bc2dec445be8946a313ea6928c48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\2df87814-9a3b-4355-89d3-bb078f1f7fad\index-dir\the-real-index~RFe628661.TMP
| MD5 | 6be36d9741d61a152cbb6d4011f100ed |
| SHA1 | ad5db7a491a67885cc74887963f30054a6a80659 |
| SHA256 | 79eee539b47bf9599a83401b19eecdc04cd9f8a6ce99142b9f93b321f74faa31 |
| SHA512 | b3e52d59816b632d0112f303aa83c6b848adfeef18846a1c083c4172180beffc75409189501ae7f8d497e26878e84fa0df1cf9beb060810571f64ba1d8d8fada |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt
| MD5 | de6cd86036f7bdf4e0eb00025c2a26d6 |
| SHA1 | 77e920723d911fc03ea15a39988e9ef54fa48b0c |
| SHA256 | 0bc5503c8b6b3b35d5e1660413a82cd1b12ebe088dcbaf6980a6345461332462 |
| SHA512 | 31f73c2d9e33be64de9d4b441f62d0e45254c1b074b0a2ba1b4558233a97bc355c240d807a2666c0c00ea656353877138ab66f415ef64359f8e5c226e38f6364 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f6346a3cb14edfe857b267abfc220a9f |
| SHA1 | 7550969cca76513e90351bc6a4a5a03730d6a59d |
| SHA256 | f64b626f8ddce3d294bdeafb451896c27e32f02630087bc1e36475fcfe99ef98 |
| SHA512 | bf4b58eb74b9533588f14667a5b5de4eab972e9f5f36b3b9f2cda18ccbf02f47f23d3153d03b2ebdcd7e2d405fe251544b6b16788ed9143b848dfee0477e0c8c |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8af7786d79c675c00c49c0c51a62fb50 |
| SHA1 | 282afd3885b9041cd3485276797e18e4c6708cdd |
| SHA256 | 5cbec99205e99378589209f9c6866c3b4c61d4bd2c97a1e7af1351e7c13ce017 |
| SHA512 | 5bd934b149fcf158c628c473f0011734ebd260e40839d01da7b3a2b2b5a1f4b117c3e2d4338b1d4989be24ef79da993effd358f94b3f5bf3f3b2dd2fac865f85 |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 32037e2a3f19b98041f9fbd89960cb47 |
| SHA1 | c2a970ae2a553c416c19ec3baa51643fcac37fff |
| SHA256 | 7ffd70fe9ebd29b3c76783ef6e14491f6dbacdfe6ee37e045feeb27606140d65 |
| SHA512 | 0c82e410fc4cf2839815e85494ee8ffde9e3c63fc84f04a6b4c37bcae4ed93bc42b6d2c6498d6e344cc06b2d147cb01b05b3c7d3a81217ac0bfe9553110e480a |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6e1704b5524441cacc453e1aa5b5f483 |
| SHA1 | 5f26751a02c8eac8979ffafaabc3e789be1266fe |
| SHA256 | 508b236aea92fce51c1942e70cc2908b668ca9b9bcf9229b1e208cbc4af0945a |
| SHA512 | d40cac9716f9d6c000d2800b2feaa032debb648609c0449dd7a85e6f9589bd2b52917f47a7dcb66d437458d1fe2cc05e88425aa2d70558131076eea4bafa62ce |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nscB41A.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0c98e98da255cdb501fa3f1fa2c7ea55 |
| SHA1 | 25372835493a3cee2d8cc13c160374364c2711f0 |
| SHA256 | 8d0f81fc83cafcabd56ab4354cef93c8af314ff657bee08b6e79caafe10387f5 |
| SHA512 | ee68f32be1e9058c4d19cfccb90a80390b4fdbe410af5b73ec719440623b14f4d7dcaf2e08aceaabc896deb6879c7781ed76d2a644a2ff2939ed83b945a4cef4 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
memory/6696-19080-0x00000000006F0000-0x0000000000BA2000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
memory/1468-19122-0x00007FFF144E0000-0x00007FFF144E1000-memory.dmp
memory/1468-19119-0x00007FFF14140000-0x00007FFF14141000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
C:\Program Files (x86)\Steam\config\config.vdf~RFe63b6b3.TMP
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf.async3752.tmp
| MD5 | 3b524487bd729bc5436392c7ca6ffcf6 |
| SHA1 | ff61f7c97e35368a64c80101addacf4278501355 |
| SHA256 | 27c545453ba3c8069b95836312b760d48c8d8197f5da59e30fb0ff32dfa9661f |
| SHA512 | 2daf613b3f4862c9b1102e2367891d93474dd289c0f12eecefcd76b57c647d6ffda8f6e823353e9b4846be053170c40fc159a681aeb3c5c3a82c900137ac9d82 |
memory/3752-19223-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 8a435c199bc70d7331481cbda63deec2 |
| SHA1 | 503d24af6f2f7ee2f820a5b7af0f55dec75d2f81 |
| SHA256 | 7d816724170df4843823bf7cb66816fb71f3c76aa73d5e15b2e664c383a8bb21 |
| SHA512 | c75c7025c5a7ac558a5e6ce5797d023cd1f317940f611f1548fd89d9ddeb2dec15b7eb303d58b266a0fb58675c6f539ad4ac818bcd9ea1ebd6760fe6999097d6 |
memory/3752-19263-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 635e9346e4856752c75026a912898673 |
| SHA1 | 68e892bb808a2a3631910f898b46348f15a12e22 |
| SHA256 | 819ef1117131908ee524003d6a415b9a13bc7a985a138aeb494725b914a2757a |
| SHA512 | 0294bae53a07dddd22feb16773b50b48edab11b8d79ed3986957ab2f3e50b92bea643799beaa027d7877035d2daeacd90b73b4c2c1adbd367f227252fe612955 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 93499e87d81fda1ffa0c45ee00352109 |
| SHA1 | ba8d4da1a5aaa4f0ba6f2c85ca7a9baab947fc4b |
| SHA256 | 49c1e767d8a0b266a803cedf559d6175da4e82c45f06dc8115a67beeb452e5c1 |
| SHA512 | 03c1d78915dc0310dc250a51f0caa0345dbc2805cf591b74cf29867438532fdadf6e60141c0bdcd2790e83bad8e07b3e9d38c214c5a659a645cd85150b15dd7c |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | d96cf1e19b4a4504098c098398ba2994 |
| SHA1 | 391ae6ffc85a1b29f5d1fd77897a90703d6ae1ee |
| SHA256 | bfde0e336305b77c96f9b17605172efec9b56c4bf7dad319ef4490b8973e589d |
| SHA512 | 5cab69fef28d6da246f96a655647092683cd779a6bcbd007f04c1cad978e63d8ca38ed88b542dc69ba90e1fc6519e96033e246cfa37ba41a6e142528684f42f0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | d1faf4e2cdf8064d494b85ec1f2740e2 |
| SHA1 | 3ca0a369225ba794c50660b7829e26bfac76dd42 |
| SHA256 | a7813a16e47d4c5344c601d271297c7d84e00b46242f1bf9a1635cfb0aa197cd |
| SHA512 | a657c9a6e4f4950205304a4a38bd10c5d564fb362cd0554e11332e610697652d039090e35674db4def7c7652aba02373ceb91037f903ef4dff287adcc162ab32 |
memory/3752-19305-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 2a6e2c115548a1e80711bd971a7eb038 |
| SHA1 | 8b8e5cbad1266bce57bfecb7df47ca79454e8070 |
| SHA256 | 61dacc3599ad3cc73cf0201b76f8e25dac214a5dd20e48996b7165f8cc68b948 |
| SHA512 | ba8dbbae8dc07e05949a453cb53c25f158e290779be6f2cd89900f971fc911ad1833a2c745ffe9f7b30d338fd12bc76ed88b508af820c8d241d607012c6ed59d |
memory/3752-19326-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | bc542c4b487e5c94d117654d2fcb44cb |
| SHA1 | cc2c3cdaebfc9ed766e343988a7e1a9ace27e68c |
| SHA256 | c269c5bb3ba78fecb7ec2600eb325499d34068f20fd528b7bc46148209206613 |
| SHA512 | dcbee4332b7f734988670c0ad3524f1341e2acee857a538d53e13cbce09b24d8103a654a235adf3e807d2927c3893afe8ab4fce5eaecbee9a0cb68a4424ca369 |
memory/3752-19344-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | bc60a19a9c4b5e93242a4045c68b45ca |
| SHA1 | bb19032e401f3321ac6e2d486e2705f04a48a2bf |
| SHA256 | 611cdb7a88eba85105ca47a2223d563f922abc819ea5035fdee0b4b722856f47 |
| SHA512 | 020246ec381b2629a356ba41fd0c9c324ebd93472df2f1e777f98e34040edc72256f155fa467aa9684a0b49187dc8563f93ea82e051b97408ebde02975602ad7 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 36de4972c8e98a90767436ca05b3b410 |
| SHA1 | 6e30082302231da804d0b0ca8d811cb3ecd2330c |
| SHA256 | bbe143ad10e7c1d763f548c425c4aa7d8551c9e5a78876def74fe20a252103f1 |
| SHA512 | 89430e1b8af538dec42849264d4d7aa628b6ff4c72cbfb4b5ccd230d51ed97950ac7d26306b6ad56f88429c036f7c1cc017b519f6db40c68fa87abc86ca43cad |
memory/3752-19369-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 8b10623acd2bca2ca363b72ba063303b |
| SHA1 | d0b15b047e2fc02b3117729ba060670126ceabd4 |
| SHA256 | 3ebf5ff09682c47895fb41fa985b6a4d881967e2240ebf557885b7fadfc8bf1f |
| SHA512 | 3c37ceaf1db618182578498d901f69414d6ab6bccb4433f82b6d5442d66eae71148266fc3ee85d21f7de07b571ee6e5472aaef81b8adc42096288fc60167af55 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json
| MD5 | 602c49f9246967bdcff45b4f43cf2fb0 |
| SHA1 | 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d |
| SHA256 | a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114 |
| SHA512 | 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe64b7c7.TMP
| MD5 | 68b20851ccb9834d21fb32615e42bd43 |
| SHA1 | 88fab935f0b9484994097c08f785e9ecb7d68127 |
| SHA256 | a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f |
| SHA512 | dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe64b7f6.TMP
| MD5 | 7d8e65c6d96637c6052f04076c46e107 |
| SHA1 | a03f2e5f1deb4266c9747faa557b5566c9717ed7 |
| SHA256 | a293b96e12015c9438b7332c8b1209a0f29912a2a162411d57ee54fdc9c7e0d4 |
| SHA512 | f0db498d3a2461a67ed0b94cf81ff8b26d2fabd1c943f0ac9597b9dfb1c3f2355657c7fa05eded10934b43ff9f2194ea409a2cd927826d013b2cdc78c0b8d6e9 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | bb197a3d3c5e143dfe9a0136834432cb |
| SHA1 | 7b353576a77c5ecc7b61dedd4bf79744562b4f46 |
| SHA256 | c59a1e70474b5db13b5eeb45b4eac7ca822c5209f5c41e2cb25cd3fa7e01e144 |
| SHA512 | 230b6fc9dff6262db3ea965f9248dd0215c3140b135f7df03d160f53fd27a0258cc30aa5792d1004fcba6f78a9de24cc752cc417607d4768c6ee52f2eae21a0f |
memory/3752-19398-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | 0a601c1bc2e83780218c7c76def2b58e |
| SHA1 | 8cfab6653c286d1e71ce15ff85dc417e242e35ec |
| SHA256 | 67984aa9473013b435a9ab3f13ed46b2b42b4b39337ae9bf82b1341c28d9e5ed |
| SHA512 | d6fb76772425355c908d8683228f3f30b38e29c60ac5e8e8784597623e3e910d234a186810eaca9fc1c21ac31752c31f9477120f3ee9432084f2b156788dd1af |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe64bdd2.TMP
| MD5 | 9387bb311aa3b3b17b56a192ef9166de |
| SHA1 | 4e0349b1d314e13b98277b825c0a864643328f64 |
| SHA256 | 1684a334efb3f7a5f5f916d82dc1d9ad195f830115c8073acfdd6d063ef348e0 |
| SHA512 | 64f80614e91feb5ff0711b63e7385bf97661a5faebae02827ed32e7d5cdd498868c7cd0d709d8a653457d7918b4733b9501598b2761c5aa6dcb5ee4fcde6a36c |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe64d14b.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 7036bbc536131f857699b3669be5334e |
| SHA1 | c8d73de7f2a7bd98369e646a1b6e8ad027f2a411 |
| SHA256 | 88db33d35b9662b02c42aaf1926cd5e7956d80e49aeb8c2521357e8a72fb84d1 |
| SHA512 | 0589e820cbda80b1769ef2ee5aae540dee8047196424e5c921436bcae08ac01da77e94a81b601ecdef165d509aa85d03eb2eedb3879e641507a4d5f3c4ea7625 |
memory/3752-19417-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Program Files\chrome_Unpacker_BeginUnzipping380_1460901691\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
memory/3752-19455-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | ef48733031b712ca7027624fff3ab208 |
| SHA1 | da4f3812e6afc4b90d2185f4709dfbb6b47714fa |
| SHA256 | c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99 |
| SHA512 | ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
| MD5 | de9ef0c5bcc012a3a1131988dee272d8 |
| SHA1 | fa9ccbdc969ac9e1474fce773234b28d50951cd8 |
| SHA256 | 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590 |
| SHA512 | cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | 251c37280c2796e03785fabad91d0c65 |
| SHA1 | b5e54a3ca31397d5c9657e2c695828e16e9724ec |
| SHA256 | fde9b6952aaa2c52a26f648ec40cceaf42bfb6f74978dbdc05fd1c18381cbba0 |
| SHA512 | b751f2a534e066d4524250441aae458535ec86958ce670aceb172aa30c1f8295cd8827120b41300f04cbfa6cdad7d2107275da05049776dba87a0d902bd8759b |
memory/3752-19498-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c26d56556e8ebf21851882ff2b1e8072 |
| SHA1 | b8b7a1a042cf190831a73315ead64a29f7f2d22b |
| SHA256 | cd7aae333a14036cdb6d2c20d4b3d50563d862cf35cc6c6c5f1231885ccff6fe |
| SHA512 | fc97e1f59fa577dac799c2813672a262950f0bf60443c5aebf6bb36d53f35ef345bf375141f51de62c9c0b4630d98fc1fcdf18d0955a4d8e1c33253de043e8cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ec41b2d5e902dbccdd817642504f58ba |
| SHA1 | 14b9dbdf42ed3e4402131c3ec82e051a304076a2 |
| SHA256 | b25aa70481171cd699f74e9b74cd4658ab93080a24b8f5e3e8f4c2d4ea889799 |
| SHA512 | 67eee4b89af52fd2d85076db448d27544fa4def1d7dbdff4a1144e452839e1cdd15aeebca8d6b50b4aa02d273728bed6882f1a3fb727d255f52b2651b7eacd47 |
memory/3752-19514-0x0000000067560000-0x00000000688A1000-memory.dmp
memory/3752-19515-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 20cbb06b4f49657775752d6a1ec2a1c6 |
| SHA1 | 402fd2e5522136b4d2cc92529f217b50f6f70a3f |
| SHA256 | e077caf3825bf760f5f3fddf47705191d11f53e2d52680ab0d07e87fbfdeb40c |
| SHA512 | 530276873b4630c7c40341f4950d44d4deb2363a76e5b770b6a044f9c0f9ac852cbc06be623bc8958e6b99ec8b66e0a0ee02e89a790c9335dd07e18a8c01e56c |
memory/7336-19527-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19526-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19525-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19537-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19536-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19535-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19534-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19533-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19532-0x000002043F750000-0x000002043F751000-memory.dmp
memory/7336-19531-0x000002043F750000-0x000002043F751000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | e76e2f0eb248522043d80f0050719a93 |
| SHA1 | c32755f23880b92b17bf83c01b03261aa8ef3f1d |
| SHA256 | 730c8cc7a3d41b41f5e4d677f3e22d46fbd90d2f4b6b7552213c5b5ecdfa16ca |
| SHA512 | aaa6545d9d2b16b36a3e4ab6fd2d44d58b7532aa451614f8311621997a1616ee37f834f2979ade694018d518583ed8f64933d38fa67ef2b982f5fe06217f6b12 |
memory/3752-19557-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 24e6c97978f33468e00bbd486d8bacea |
| SHA1 | ac04967c68c27ddd424dab4b07e846a031a6c5b1 |
| SHA256 | 3dba0b33595f88c694b13bfa66dc21a34e31b2082b3e46fe02ec882dae659bef |
| SHA512 | 8f99d08ce012fd8ebe9f2a65e2fe1e232220860553b98e106fafa4c34dd6a6d3de4f2672363c385b5ee8720454de01244edd07370873da49c9c7d3dcaeb76388 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 77750d408dc290e6f9f1a48917719905 |
| SHA1 | 1c035bd72754d61a89772c3697cde87bbe963e90 |
| SHA256 | d317725528eab603d665801ae7f868f0b290598f4eed0fd1aca4695cc57933ce |
| SHA512 | f73db55fd0c805e91e24f06ace4dbb6be0f245ec6f9019de5b4908e6c43fd9439a7c96020857607ee4e6b90806d15b6e21032540554ae2a4edf9f2ba78839285 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f079334aa67afcd6fb1dd5c97b98d3e |
| SHA1 | 5aee66b54eeeac5fd93c529a59c01d875d2cd00a |
| SHA256 | b28dcc75ad13573a17b101edeb5ca39e718f302774b441eed6167525fa0810da |
| SHA512 | 841bba902a35b0e299c9900c94b42b49a167bc9fb8a60fabe70099977ce381b6877a18451f3849764bcc1e9a070d639182e4f7509bf70c2a74cd9f86957e42c3 |
memory/3752-19610-0x0000000067560000-0x00000000688A1000-memory.dmp
memory/3752-19611-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2e9eed4009cfdc4064d53399d0d8a71 |
| SHA1 | ab064e8ab5ca77cfe028705eab1b2711072b0bd2 |
| SHA256 | 2ddce42f6b6a222989d3ad87e65f4ea109765e1022d8976c6260f0a8930c20c3 |
| SHA512 | 4fffe97ed8e15b82516d71d836d0e8af95333792aaa3b31143756e5eb6dffb5d5678c4f323f425076c02c7e0657ca9b5825a1e21ece250631e89031b1be19227 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | cffcd1af92bbef026f7a9f8eb3e4258d |
| SHA1 | 54f3bfd783495babfe2cdb3a0b8cdc8b1ea8242e |
| SHA256 | 2056b1542895fa0a53c431c17a12d85a47cbe5fd86edc0627e626c1856fd86e7 |
| SHA512 | 7ec5815f0a721757c0edafeb89b6688018c4e64377bbb08308fb9c742b6d47b3c9e98dd440d810d41d8b72ecdc7140b95122094b7f4c7ce2ccfdc86d9171d627 |
memory/3752-19631-0x0000000067560000-0x00000000688A1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27a1dd74dd409763a4c839853791091e |
| SHA1 | 61706228e635575963eddfd6ecfe035c81499560 |
| SHA256 | c1596aaa006cb1e0721169cbb5ac23c7158f39053ba1266ef14dc62db231eb6d |
| SHA512 | 4a934c95ec4333535fd601b2f79118b69ffaaffd5048c31b8273e5a7e44b80a046e521f435a4533c2acc47ff55b1c0108a785c24622fe3450902506951729ad8 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 39ef9f7187bf2550f1841357d15e4fe5 |
| SHA1 | a31fed669b02033c0cc32f68300aef39780ccba4 |
| SHA256 | cece201e9ffd05c7846fb637d4837b3439f2e753ddf066876122106d20c10e56 |
| SHA512 | 898394261fcca0cf68a42920fcb3db74de86fe3774d4c847ce62a0ee316693257e1699d0463dde760cf51a62a03a838a98d01804a3a957c9680d919fa59980fe |
memory/3752-19662-0x0000000067560000-0x00000000688A1000-memory.dmp