Malware Analysis Report

2025-04-03 19:50

Sample ID 241109-w4zb6asmfk
Target sample
SHA256 1574e033e2aade93e29879505b3d27efb9d6a31a819eb3e11028fabe8c9ad87b
Tags
defense_evasion discovery persistence phishing privilege_escalation upx
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

1574e033e2aade93e29879505b3d27efb9d6a31a819eb3e11028fabe8c9ad87b

Threat Level: Likely malicious

The file sample was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery persistence phishing privilege_escalation upx

Downloads MZ/PE file

Event Triggered Execution: Component Object Model Hijacking

Checks BIOS information in registry

Loads dropped DLL

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg55923646930443652165245927921611404456

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg_55923646930443652165245927921611404456

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg

Executes dropped EXE

Enumerates connected drives

Checks installed software on the system

UPX packed file

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

System Location Discovery: System Language Discovery

Browser Information Discovery

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Modifies registry class

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: LoadsDriver

Checks SCSI registry key(s)

Checks processor information in registry

NTFS ADS

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 18:29

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 18:29

Reported

2024-11-09 18:59

Platform

win11-20241007-en

Max time kernel

1799s

Max time network

1767s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html

Signatures

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg

phishing

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg55923646930443652165245927921611404456

phishing

A potential corporate email address has been identified in the URL: F207D74D549850760A4C98C6@AdobeOrg_55923646930443652165245927921611404456

phishing

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate C:\Users\Admin\Downloads\Detection (ah4).exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Users\Admin\Downloads\Detection (ah4).exe N/A
File opened (read-only) \??\F: C:\Windows\explorer.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\perfh00A.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfh010.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfc011.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created \??\c:\windows\system32\driverstore\filerepository\machine.inf_amd64_726cea1f0f349cf7\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\wvmbusvideo.inf_amd64_38452bb97e6ec2c3\wvmbusvideo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\wbem\Performance\WmiApRpl_new.ini C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfc00A.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfh00C.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File opened for modification C:\Windows\system32\PerfStringBackup.INI C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created \??\c:\windows\system32\driverstore\filerepository\hdaudbus.inf_amd64_8207ba80cf22e40a\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Users\Admin\Downloads\Detection (ah4).exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_585900615f764770\usbport.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_cc6edbde0940344f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_346f3764318c1681\vrd.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\wbem\Performance\WmiApRpl_new.h C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_702fdf2336d2162d\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_5ab7d1c25144fcab\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_8207ba80cf22e40a\hdaudbus.PNF C:\Windows\system32\dxdiag.exe N/A
File opened for modification C:\Windows\system32\devmgmt.msc C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\perfh007.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfc010.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created \??\c:\windows\system32\driverstore\filerepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_cc6edbde0940344f\keyboard.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\virtualdisplayadapter.inf_amd64_afb8b1a6452c68d5\virtualdisplayadapter.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\displayoverride.inf_amd64_2a9c012705b571c0\displayoverride.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\perfh011.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_702fdf2336d2162d\input.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_5ab7d1c25144fcab\msmouse.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\rdpidd.inf_amd64_ddafac63f34fa55b\rdpidd.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\perfc00C.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\PerfStringBackup.TMP C:\Windows\system32\wbem\WMIADAP.EXE N/A
File opened for modification C:\Windows\system32\devmgmt.msc C:\Windows\system32\mmc.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\mshdc.inf_amd64_84ea762c0a90c362\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_726cea1f0f349cf7\machine.PNF C:\Windows\system32\dxdiag.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_84ea762c0a90c362\mshdc.PNF C:\Windows\system32\dxdiag.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\c_display.inf_amd64_3ae9c622a9f0ce68\c_display.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\system32\perfc007.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfc009.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\system32\perfh009.dat C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Users\Admin\Downloads\Detection (ah4).exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_585900615f764770\usbport.PNF C:\Windows\system32\dxdiag.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\Process Hacker 2\ProcessHacker.exe C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\WindowExplorer.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-O7HU5.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-DA7PK.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-SD9B5.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-KHINL.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-STJ9D.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\unins000.dat C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\ExtendedServices.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\ExtendedTools.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\OnlineChecks.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\Updater.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\x86\is-U3MMC.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\NetworkTools.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-REPKB.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-3RUNO.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-CASE3.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-C3LUD.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\x86\ProcessHacker.exe C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\HardwareDevices.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\UserNotes.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-NBT4C.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-CV4G0.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-RRJ9K.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\DotNetTools.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-Q2PSR.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\SbieSupport.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-4SVTD.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-SIMJ0.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-9LLB1.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\x86\plugins\is-EFV8T.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\peview.exe C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-U2DKC.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-891IB.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\ExtendedNotifications.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\x86\plugins\DotNetTools.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File opened for modification C:\Program Files\Process Hacker 2\plugins\ToolStatus.dll C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\is-EQOBL.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-5RCP1.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-2DGEM.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
File created C:\Program Files\Process Hacker 2\plugins\is-HQUGB.tmp C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\INF\c_scmvolume.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\inf\WmiApRpl\WmiApRpl.h C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\INF\c_fsinfrastructure.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsvirtualization.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_primitive.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_magneticstripereader.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontentscreener.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_monitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_linedisplay.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_camera.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssecurityenhancer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\inf\WmiApRpl\WmiApRpl.ini C:\Windows\system32\wbem\WMIADAP.EXE N/A
File opened for modification C:\Windows\inf\WmiApRpl\WmiApRpl.ini C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\INF\c_cashdrawer.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsencryption.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsundelete.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\INF\c_diskdrive.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsantivirus.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\digitalmediadevice.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystemrecovery.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_processor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_netdriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscopyprotection.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_scmdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsphysicalquotamgmt.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rawsilo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\inf\WmiApRpl\WmiApRpl.h C:\Windows\system32\wbem\WMIADAP.EXE N/A
File created C:\Windows\INF\c_fsreplication.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrvolume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_proximity.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\wsdprint.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscfsmetadataserver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\xusb22.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscompression.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_volume.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fshsm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\rdcameradriver.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsactivitymonitor.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_computeaccelerator.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\oposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fssystem.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_receiptprinter.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_holographic.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_extension.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\dc1-controller.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\remoteposdrv.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_media.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_apo.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fsopenfilebackup.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_sslaccel.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_nvmedisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_barcodescanner.PNF C:\Windows\system32\mmc.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\INF\c_display.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_fscontinuousbackup.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\miradisp.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_ucm.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_mcx.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_smrdisk.PNF C:\Windows\system32\mmc.exe N/A
File created C:\Windows\INF\c_swcomponent.PNF C:\Windows\system32\mmc.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Detection (ah4).exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\processhacker-2.39-setup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\SYSTEM32\netsh.exe N/A

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\processhacker-2.39-setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\dxdiag.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\dxdiag.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\mmc.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\system32\DrvInst.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Platform ID C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\Downloads\Detection (ah4).exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardVersion C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\bios C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BIOSVendor C:\Users\Admin\Downloads\Detection (ah4).exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\ C:\Users\Admin\Downloads\Detection (ah4).exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756505740795741" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "7320" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "5589" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0\NodeSlot = "4" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "5327" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\1\0\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "6042" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 02000000010000000000000003000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "7377" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "16243" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\MRUListEx = 00000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0\0 = 1e00715800000000000000000000661aa9a87d3a24448d2404e180695c7a0000 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "1731" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "3117" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "7176" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "13580" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\www.bing.com C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "2002" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{0057D0E0-3573-11CF-AE69-08002B2E1262}" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "8287" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "4803" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\Shell\SniffedFolderType = "Generic" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "3776" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "2698" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "4803" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "5589" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay" C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Windows\system32\dxdiag.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ProgID\ = "DxDiag.DxDiagClassObject.1" C:\Windows\system32\dxdiag.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove C:\Windows\system32\dxdiag.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "3764" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 = 14001f706806ee260aa0d7449371beb064c986830000 C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "3977" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 = 19002f463a5c000000000000000000000000000000000000000000 C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "1068" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "4542" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "6294" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\FurMark_2.4.3.0_win64.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\processhacker-2.39-setup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\Detection (ah4).exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A
N/A N/A C:\Program Files\Process Hacker 2\ProcessHacker.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2072 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 992 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 992 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2072 wrote to memory of 2348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff160dcc40,0x7fff160dcc4c,0x7fff160dcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1804 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2484 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3280 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4504,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4520 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\Windows\system32\werfault.exe

werfault.exe /hc /shared Global\d51bcb0d07914cdc96ec4a27df38851f /t 3796 /p 3732

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=736,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4748,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4796 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4752,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4776,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5112 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5172,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3292,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5000,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3108,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4960,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3484 /prefetch:8

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3400,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4852,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2268 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3116,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5004 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4996,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall

C:\Windows\system32\DrvInst.exe

DrvInst.exe "2" "211" "PCI\VEN_1234&DEV_1111&SUBSYS_11001AF4&REV_02\3&11583659&0&08" "C:\Windows\INF\display.inf" "display.inf:10809047d4324726:MSBDA:10.0.22000.1:pci\cc_0300" "45da5c193" "0000000000000150" "b983"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3760,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4900 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1864,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2964 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=1988,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=1828,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3736 /prefetch:1

C:\Windows\system32\wbem\WMIADAP.EXE

wmiadap.exe /R /T

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6032,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6040 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6024,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1804 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4240,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5552 /prefetch:8

C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe

"C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe"

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe" "__IRCT:3" "__IRTSS:25260914" "__IRSID:S-1-5-21-2410826464-2353372766-2364966905-1000"

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\a55ef3e4f8664fae944bc070f35b9b87 /t 1052 /p 1244

C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe

"C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe"

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe

"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe" "__IRCT:3" "__IRTSS:25260914" "__IRSID:S-1-5-21-2410826464-2353372766-2364966905-1000"

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\58692bf67d844e978bad77e704ddbaa5 /t 4184 /p 5804

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=4760,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6964,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5540,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5068,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4868 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=5092,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5196,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4908 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=3492,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7688,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=8024,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3340,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7712 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7960,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7792 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=3360,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5504 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8156,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7912 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7856,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7868 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5324,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7768 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7908,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=4788,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5532 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7720,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8048 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7048,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8016 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7024,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5480 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6916,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=3336,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5288 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5672,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5684 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=3480,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=6948,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7768 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8112,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\FurMark_2.4.3.0_win64\FurMark_win64\FurMark_GUI.exe

"C:\Users\Admin\Downloads\FurMark_2.4.3.0_win64\FurMark_win64\FurMark_GUI.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=3348,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7620 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5152,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7920 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5420,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2168 /prefetch:2

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" C:\Windows\system32\devmgmt.msc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=4896,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7680,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7068 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=4224,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=3264,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7984 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=7420,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=4140,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=7132,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5584 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3308,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=2004,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6640 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7040,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7488 /prefetch:8

C:\Users\Admin\Downloads\processhacker-2.39-setup.exe

"C:\Users\Admin\Downloads\processhacker-2.39-setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-HDPUR.tmp\processhacker-2.39-setup.tmp" /SL5="$70148,1874675,150016,C:\Users\Admin\Downloads\processhacker-2.39-setup.exe"

C:\Program Files\Process Hacker 2\ProcessHacker.exe

"C:\Program Files\Process Hacker 2\ProcessHacker.exe"

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=6608,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=6624,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=5088,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6728 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=1956,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=8436,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7056 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=8356,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8352 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=8676,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=8772,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8672 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=8912,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7144,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7176,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8208 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8668,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8212 /prefetch:8

C:\Users\Admin\Downloads\Detection (ah4).exe

"C:\Users\Admin\Downloads\Detection (ah4).exe"

C:\Windows\SYSTEM32\netsh.exe

netsh.exe wlan show interfaces

C:\Windows\system32\control.exe

"C:\Windows\system32\control.exe" /name Microsoft.AdministrativeTools

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=7156,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=7744,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7000,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9152 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7056,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9192 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6824,i,11837999116844003196,11537609719904049604,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8260 /prefetch:8

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\86a3825820364d4e8140d1943f8eb446 /t 5448 /p 4184

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe"

C:\Windows\write.exe

"C:\Windows\write.exe"

C:\Program Files\Windows NT\Accessories\wordpad.exe

"C:\Program Files\Windows NT\Accessories\wordpad.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc

C:\Windows\system32\control.exe

"C:\Windows\system32\control.exe" /name Microsoft.AdministrativeTools

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe

"C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe"

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

C:\Windows\system32\dxdiag.exe

"C:\Windows\system32\dxdiag.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 104.86.110.98:443 tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.187:443 www.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.16.238:443 apis.google.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.200.14:443 play.google.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 13.107.21.200:443 bing.com tcp
US 13.107.21.200:443 bing.com tcp
GB 92.123.128.152:443 www.bing.com tcp
GB 92.123.128.152:443 www.bing.com udp
GB 92.123.128.194:443 r.bing.com tcp
GB 92.123.128.194:443 r.bing.com tcp
GB 92.123.128.194:443 r.bing.com tcp
GB 92.123.128.194:443 r.bing.com udp
GB 92.123.128.194:443 r.bing.com udp
GB 2.22.249.221:443 assets.msn.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.75:443 login.microsoftonline.com tcp
US 13.107.246.65:443 3pcookiecheck.azureedge.net tcp
GB 92.123.128.187:443 www.bing.com tcp
US 104.208.16.92:443 browser.pipe.aria.microsoft.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.151:443 r.bing.com tcp
GB 92.123.128.152:443 www.bing.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 92.123.128.153:443 www.bing.com udp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.161:443 r.bing.com udp
GB 92.123.128.161:443 r.bing.com udp
GB 92.123.128.178:443 th.bing.com udp
GB 92.123.128.178:443 th.bing.com udp
US 13.107.246.65:443 3pcookiecheck.azureedge.net tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 140.82.112.22:443 collector.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 104.21.47.123:443 www.simpleunlocker.com tcp
US 104.21.47.123:443 www.simpleunlocker.com tcp
US 104.21.47.123:443 www.simpleunlocker.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.26.9.123:443 cdn.datatables.net tcp
US 104.26.9.123:443 cdn.datatables.net tcp
US 104.26.9.123:443 cdn.datatables.net tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
GB 2.19.117.143:443 aefd.nelreports.net tcp
GB 2.19.117.143:443 aefd.nelreports.net udp
GB 92.123.128.187:443 www.bing.com tcp
US 4.150.240.254:443 arm-ring.msedge.net tcp
US 144.2.14.25:443 rum8.perf.linkedin.com tcp
US 104.208.16.92:443 browser.pipe.aria.microsoft.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
GB 92.123.128.189:443 www.bing.com tcp
GB 216.58.201.100:443 www.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.187.234:443 ogads-pa.googleapis.com tcp
GB 142.250.187.234:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org tcp
US 104.20.36.13:443 dl2.tlauncher.org udp
US 104.19.229.21:443 hcaptcha.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
RU 77.88.21.119:443 mc.yandex.ru tcp
RU 77.88.21.119:443 mc.yandex.ru tcp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 104.20.36.13:443 dl2.tlauncher.org udp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 95.100.195.18:80 ocsp.securetrust.com tcp
US 104.20.37.13:443 dl2.tlauncher.org tcp
US 104.20.37.13:443 dl2.tlauncher.org tcp
GB 142.250.180.4:443 www.google.com udp
IN 142.250.67.227:443 id.google.com tcp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
GB 142.250.187.234:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
IN 142.250.67.227:443 id.google.com tcp
GB 142.250.179.246:443 i.ytimg.com tcp
GB 142.250.179.246:443 i.ytimg.com tcp
GB 142.250.179.246:443 i.ytimg.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.179.246:443 i.ytimg.com tcp
US 8.8.8.8:53 227.67.250.142.in-addr.arpa udp
US 8.8.8.8:53 246.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.179.230:443 static.doubleclick.net tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 llaun.ch udp
US 104.26.11.81:443 llaun.ch tcp
US 104.26.11.81:443 llaun.ch tcp
US 104.26.11.81:443 llaun.ch tcp
US 104.26.11.81:443 llaun.ch tcp
US 104.26.11.81:443 llaun.ch tcp
US 104.26.11.81:443 llaun.ch tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 81.11.26.104.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
RU 77.88.21.119:443 mc.yandex.com tcp
US 104.26.11.81:443 llaun.ch udp
US 104.26.11.81:443 llaun.ch udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
GB 92.123.128.187:443 www.bing.com tcp
US 8.8.8.8:53 p-ring.msedge.net udp
US 150.171.84.254:443 p-ring.msedge.net tcp
US 8.8.8.8:53 254.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 254.84.171.150.in-addr.arpa udp
US 8.8.8.8:53 5bbc8e6e47771d0d34d5987cce821198.azr.footprintdns.com udp
IE 20.123.29.87:443 5bbc8e6e47771d0d34d5987cce821198.azr.footprintdns.com tcp
US 8.8.8.8:53 87.29.123.20.in-addr.arpa udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
GB 92.123.128.133:443 www.bing.com udp
US 8.8.8.8:53 133.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
IN 142.250.67.227:443 id.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 216.58.204.74:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 www.nvidia.com udp
GB 95.100.104.18:443 www.nvidia.com tcp
GB 95.100.104.18:443 www.nvidia.com tcp
US 8.8.8.8:53 images.nvidia.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 assets.adobedtm.com udp
US 8.8.8.8:53 static.queue-it.net udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
GB 2.23.205.29:443 assets.adobedtm.com tcp
NL 18.239.83.79:443 static.queue-it.net tcp
NL 18.239.83.79:443 static.queue-it.net tcp
US 192.229.220.191:443 images.nvidia.com tcp
US 192.229.220.191:443 images.nvidia.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 191.220.229.192.in-addr.arpa udp
US 8.8.8.8:53 store.nvidia.com udp
US 8.8.8.8:53 assets.queue-it.net udp
NL 18.239.50.13:443 assets.queue-it.net tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
GB 95.100.104.21:443 api-prod.nvidia.com tcp
US 8.8.8.8:53 13.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 21.104.100.95.in-addr.arpa udp
US 8.8.8.8:53 ws.zoominfo.com udp
US 8.8.8.8:53 www.influ2.com udp
US 8.8.8.8:53 cdn.evgnet.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 alb.reddit.com udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 151.101.192.114:443 cdn.evgnet.com tcp
US 34.107.254.219:443 www.influ2.com tcp
US 104.16.117.43:443 ws.zoominfo.com tcp
GB 151.101.188.157:443 static.ads-twitter.com tcp
US 151.101.129.140:443 alb.reddit.com tcp
US 151.101.1.140:443 alb.reddit.com tcp
GB 2.19.117.135:443 snap.licdn.com tcp
GB 95.100.104.20:443 analytics.tiktok.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 dev.visualwebsiteoptimizer.com udp
US 8.8.8.8:53 pixel-config.reddit.com udp
US 151.101.1.140:443 pixel-config.reddit.com tcp
US 34.96.102.137:443 dev.visualwebsiteoptimizer.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 analytics.twitter.com udp
US 151.101.129.140:443 pixel-config.reddit.com tcp
US 8.8.8.8:53 t.influ2.com udp
US 172.66.0.227:443 t.co tcp
US 172.66.0.227:443 t.co tcp
US 172.66.0.227:443 t.co tcp
US 172.66.0.227:443 t.co tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 34.117.110.211:443 t.influ2.com tcp
GB 163.70.151.21:443 connect.facebook.net udp
US 8.8.8.8:53 layouts.nvidiagrid.net udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 34.96.102.137:443 dev.visualwebsiteoptimizer.com udp
US 34.96.102.137:443 dev.visualwebsiteoptimizer.com udp
IE 54.171.207.30:443 layouts.nvidiagrid.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 tags.clickagy.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 js.adsrvr.org udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 nvidiacorp.us-5.evergage.com udp
GB 216.58.204.67:443 www.google.co.uk tcp
GB 216.58.204.67:443 www.google.co.uk tcp
NL 13.227.219.83:443 tags.clickagy.com tcp
NL 18.239.67.100:443 js.adsrvr.org tcp
US 3.147.15.118:443 nvidiacorp.us-5.evergage.com tcp
US 8.8.8.8:53 aorta.clickagy.com udp
US 8.8.8.8:53 insight.adsrvr.org udp
US 8.8.8.8:53 cdn.pushcrew.com udp
US 8.8.8.8:53 219.254.107.34.in-addr.arpa udp
US 8.8.8.8:53 43.117.16.104.in-addr.arpa udp
US 8.8.8.8:53 140.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 157.188.101.151.in-addr.arpa udp
US 8.8.8.8:53 135.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 20.104.100.95.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 137.102.96.34.in-addr.arpa udp
US 8.8.8.8:53 67.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 227.0.66.172.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 211.110.117.34.in-addr.arpa udp
US 8.8.8.8:53 30.207.171.54.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 114.192.101.151.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 100.67.239.18.in-addr.arpa udp
US 8.8.8.8:53 118.15.147.3.in-addr.arpa udp
US 8.8.8.8:53 83.219.227.13.in-addr.arpa udp
US 44.218.158.12:443 aorta.clickagy.com tcp
US 44.218.158.12:443 aorta.clickagy.com tcp
US 104.22.1.247:443 cdn.pushcrew.com tcp
US 8.8.8.8:53 hemsync.clickagy.com udp
US 35.71.131.137:443 insight.adsrvr.org tcp
US 34.194.117.32:443 hemsync.clickagy.com tcp
US 104.22.1.247:443 cdn.pushcrew.com udp
US 8.8.8.8:53 pushcrew.com udp
US 34.102.183.26:443 pushcrew.com tcp
US 8.8.8.8:53 prod.cloudmatchbeta.nvidiagrid.net udp
US 8.8.8.8:53 aa.agkn.com udp
GB 80.84.161.230:443 prod.cloudmatchbeta.nvidiagrid.net tcp
IE 52.51.236.71:443 aa.agkn.com tcp
US 34.102.183.26:443 pushcrew.com tcp
US 8.8.8.8:53 privacyportal.onetrust.com udp
NL 18.239.83.79:443 static.queue-it.net udp
US 104.18.32.137:443 privacyportal.onetrust.com tcp
US 8.8.8.8:53 247.1.22.104.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 12.158.218.44.in-addr.arpa udp
US 8.8.8.8:53 230.161.84.80.in-addr.arpa udp
US 8.8.8.8:53 71.236.51.52.in-addr.arpa udp
US 8.8.8.8:53 32.117.194.34.in-addr.arpa udp
US 8.8.8.8:53 26.183.102.34.in-addr.arpa udp
US 8.8.8.8:53 smetrics.nvidia.com udp
IE 66.235.152.156:443 smetrics.nvidia.com tcp
US 8.8.8.8:53 nvidia.tt.omtrdc.net udp
US 8.8.8.8:53 j.6sc.co udp
GB 2.22.249.39:443 j.6sc.co tcp
IE 66.235.152.225:443 nvidia.tt.omtrdc.net tcp
US 8.8.8.8:53 c.6sc.co udp
US 8.8.8.8:53 ipv6.6sc.co udp
US 8.8.8.8:53 b.6sc.co udp
GB 2.22.249.62:443 b.6sc.co tcp
US 8.8.8.8:53 eps.6sc.co udp
US 99.83.231.3:443 eps.6sc.co tcp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 39.249.22.2.in-addr.arpa udp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 62.249.22.2.in-addr.arpa udp
US 99.83.231.3:443 eps.6sc.co tcp
US 104.16.117.43:443 ws.zoominfo.com udp
FR 152.195.15.58:443 cdn.bizible.com tcp
US 8.8.8.8:53 tags.srv.stackadapt.com udp
US 34.107.254.219:443 www.influ2.com udp
DE 3.77.64.9:443 tags.srv.stackadapt.com tcp
US 8.8.8.8:53 munchkin.marketo.net udp
US 8.8.8.8:53 s.adroll.com udp
US 8.8.8.8:53 t.contentsquare.net udp
GB 23.204.224.203:443 munchkin.marketo.net tcp
NL 18.239.50.21:443 s.adroll.com tcp
NL 18.239.18.75:443 t.contentsquare.net tcp
US 99.83.231.3:443 eps.6sc.co tcp
US 8.8.8.8:53 v.eps.6sc.co udp
GB 142.250.180.4:443 www.google.com udp
DE 3.77.64.9:443 tags.srv.stackadapt.com tcp
US 8.8.8.8:53 cdn.bizibly.com udp
NL 18.238.243.50:443 v.eps.6sc.co tcp
US 34.117.110.211:443 t.influ2.com udp
US 8.8.8.8:53 3.231.83.99.in-addr.arpa udp
US 8.8.8.8:53 58.15.195.152.in-addr.arpa udp
US 8.8.8.8:53 9.64.77.3.in-addr.arpa udp
US 8.8.8.8:53 203.224.204.23.in-addr.arpa udp
US 8.8.8.8:53 21.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 75.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 50.243.238.18.in-addr.arpa udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 c.contentsquare.net udp
US 8.8.8.8:53 d.adroll.com udp
IE 34.249.87.52:443 c.contentsquare.net tcp
IE 176.34.105.208:443 d.adroll.com tcp
GB 216.58.204.67:443 www.google.co.uk udp
IE 34.249.87.52:443 c.contentsquare.net tcp
US 8.8.8.8:53 dpm.demdex.net udp
IE 54.72.201.156:443 dpm.demdex.net tcp
US 8.8.8.8:53 q-aeu1.contentsquare.net udp
IE 54.171.25.132:443 q-aeu1.contentsquare.net tcp
US 8.8.8.8:53 560-nbs-753.mktoresp.com udp
US 199.15.214.243:443 560-nbs-753.mktoresp.com tcp
US 8.8.8.8:53 52.87.249.34.in-addr.arpa udp
US 8.8.8.8:53 208.105.34.176.in-addr.arpa udp
US 8.8.8.8:53 156.201.72.54.in-addr.arpa udp
US 8.8.8.8:53 132.25.171.54.in-addr.arpa udp
US 8.8.8.8:53 k-aeu1.contentsquare.net udp
IE 52.49.246.129:443 k-aeu1.contentsquare.net tcp
US 8.8.8.8:53 243.214.15.199.in-addr.arpa udp
US 8.8.8.8:53 129.246.49.52.in-addr.arpa udp
NL 18.239.18.75:443 t.contentsquare.net udp
IE 52.49.246.129:443 k-aeu1.contentsquare.net tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 srm.ba.contentsquare.net udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 x.adroll.com udp
US 8.8.8.8:53 pixel.tapad.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 sync.outbrain.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 185.89.210.212:443 ib.adnxs.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 13.248.245.213:443 eb2.3lift.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
IE 52.18.240.151:443 x.adroll.com tcp
NL 141.226.228.48:443 sync.taboola.com tcp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 64.74.236.223:443 sync.outbrain.com tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 download.nvidia.com udp
US 192.229.220.191:443 download.nvidia.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
US 104.18.36.155:443 dsum-sec.casalemedia.com udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 212.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 151.240.18.52.in-addr.arpa udp
US 8.8.8.8:53 12.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 223.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
IE 52.31.154.139:443 srm.ba.contentsquare.net tcp
IE 52.31.154.139:443 srm.ba.contentsquare.net tcp
US 104.16.117.43:443 ws.zoominfo.com udp
US 8.8.8.8:53 login.nvidia.com udp
IE 52.50.114.31:443 login.nvidia.com tcp
IE 52.50.114.31:443 login.nvidia.com tcp
IE 54.73.220.127:443 accounts.nvgs.nvidia.com tcp
US 8.8.8.8:53 login.nvgs.nvidia.com udp
NL 108.156.60.79:443 login.nvgs.nvidia.com tcp
US 8.8.8.8:53 31.114.50.52.in-addr.arpa udp
US 8.8.8.8:53 127.220.73.54.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
IE 54.73.220.127:443 accounts.nvgs.nvidia.com tcp
US 8.8.8.8:53 79.60.156.108.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.204.74:443 ogads-pa.googleapis.com udp
GB 172.217.16.238:443 play.google.com udp
US 13.107.21.200:443 bing.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 228.179.250.142.in-addr.arpa udp
GB 142.250.178.2:443 cm.g.doubleclick.net udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.204.74:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 maps.gstatic.com udp
GB 216.58.204.67:443 maps.gstatic.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 216.58.204.78:443 encrypted-tbn0.gstatic.com tcp
GB 216.58.213.1:443 lh5.googleusercontent.com tcp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
GB 216.58.204.78:443 encrypted-tbn0.gstatic.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.179.246:443 i.ytimg.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.179.246:443 i.ytimg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.179.230:443 static.doubleclick.net udp
GB 172.217.16.234:443 ogads-pa.googleapis.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 geeks3d.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
CH 195.15.220.232:443 geeks3d.com tcp
CH 195.15.220.232:443 geeks3d.com tcp
CH 195.15.220.232:443 geeks3d.com tcp
CH 195.15.220.232:443 geeks3d.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 232.220.15.195.in-addr.arpa udp
CH 195.15.220.232:443 geeks3d.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 216.58.201.110:443 fundingchoicesmessages.google.com tcp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
GB 216.58.213.1:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
GB 142.250.200.2:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
GB 142.250.179.225:443 ep2.adtrafficquality.google tcp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.179.225:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 225.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
GB 142.250.179.225:443 ep2.adtrafficquality.google udp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 ads.travelaudience.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 ius.ctnsnet.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 pm.w55c.net udp
IE 3.248.152.233:443 pr-bh.ybp.yahoo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
US 35.186.193.173:443 ius.ctnsnet.com tcp
US 35.186.193.173:443 ius.ctnsnet.com tcp
DK 37.157.2.230:443 c1.adform.net tcp
US 35.190.0.66:443 ads.travelaudience.com tcp
US 35.190.0.66:443 ads.travelaudience.com tcp
NL 64.158.223.137:443 dclk-match.dotomi.com tcp
NL 64.158.223.137:443 dclk-match.dotomi.com tcp
IE 54.171.131.187:443 pm.w55c.net tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net udp
NL 35.214.136.108:443 x.bidswitch.net udp
BE 35.206.140.87:443 pool.admedo.com tcp
US 8.8.8.8:53 233.152.248.3.in-addr.arpa udp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 187.131.171.54.in-addr.arpa udp
GB 142.250.200.2:443 ep1.adtrafficquality.google udp
BE 35.206.140.87:443 pool.admedo.com udp
US 8.8.8.8:53 87.140.206.35.in-addr.arpa udp
CH 195.15.220.232:443 geeks3d.com tcp
US 8.8.8.8:53 gpumagick.com udp
CH 83.166.138.104:443 gpumagick.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-if-v6exp3-v4.metric.gstatic.com udp
US 8.8.8.8:53 a.tribalfusion.com udp
NL 35.204.158.49:443 um.simpli.fi tcp
US 8.8.8.8:53 gcm.ctnsnet.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
GB 142.250.178.3:443 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-if-v6exp3-v4.metric.gstatic.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
IE 54.246.188.223:443 match.prod.bidr.io tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 104.138.166.83.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 63.150.64.172.in-addr.arpa udp
NL 193.0.160.130:443 p.rfihub.com tcp
GB 142.250.178.3:443 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-if-v6exp3-v4.metric.gstatic.com udp
US 8.8.8.8:53 s.tribalfusion.com udp
GB 142.250.200.2:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 223.188.246.54.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-i2-v6exp3.ds.metric.gstatic.com udp
US 8.8.8.8:53 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-i1-v6exp3.v4.metric.gstatic.com udp
GB 172.217.16.242:443 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-i2-v6exp3.ds.metric.gstatic.com tcp
GB 172.217.169.82:443 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-i1-v6exp3.v4.metric.gstatic.com tcp
US 8.8.8.8:53 82.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 242.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-s1-v6exp3-v4.metric.gstatic.com udp
GB 142.250.179.227:443 p4-h7rhkcczlhzmq-mcatvotvdqqorjgz-785369-s1-v6exp3-v4.metric.gstatic.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.204.74:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
GB 216.58.213.1:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.16.227:443 ssl.gstatic.com tcp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 142.250.200.42:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 processhacker.sourceforge.io udp
US 172.64.150.83:443 processhacker.sourceforge.io tcp
US 172.64.150.83:443 processhacker.sourceforge.io tcp
US 172.64.150.83:443 processhacker.sourceforge.io udp
US 8.8.8.8:53 sourceforge.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 172.64.150.145:443 sourceforge.net tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 145.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 172.64.150.83:443 systeminformer.sourceforge.io tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 104.21.85.212:443 systeminformer.dev tcp
US 8.8.8.8:53 212.85.21.104.in-addr.arpa udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 104.21.85.212:443 systeminformer.dev udp
US 172.64.150.145:443 sourceforge.net udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 172.64.150.145:443 sourceforge.net tcp
US 172.64.150.145:443 sourceforge.net tcp
US 172.64.150.145:443 sourceforge.net udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 104.18.94.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 41.94.18.104.in-addr.arpa udp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com tcp
US 172.64.147.47:443 a.fsdn.com udp
US 8.8.8.8:53 d.delivery.consentmanager.net udp
US 8.8.8.8:53 cdn.consentmanager.net udp
US 8.8.8.8:53 c.sf-syn.com udp
DE 87.230.98.76:443 d.delivery.consentmanager.net tcp
DE 195.181.170.18:443 cdn.consentmanager.net tcp
US 172.64.154.159:443 c.sf-syn.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
DE 87.230.98.76:443 d.delivery.consentmanager.net tcp
US 8.8.8.8:53 47.147.64.172.in-addr.arpa udp
US 8.8.8.8:53 18.170.181.195.in-addr.arpa udp
US 8.8.8.8:53 76.98.230.87.in-addr.arpa udp
US 8.8.8.8:53 159.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 ml314.com udp
US 216.105.38.9:443 analytics.slashdotmedia.com tcp
US 104.22.74.216:443 btloader.com tcp
US 34.117.77.79:443 ml314.com tcp
GB 2.22.249.39:443 j.6sc.co tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 ad-delivery.net udp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 34.117.77.79:443 ml314.com udp
US 8.8.8.8:53 c.6sc.co udp
US 8.8.8.8:53 ipv6.6sc.co udp
US 8.8.8.8:53 b.6sc.co udp
GB 2.22.249.39:443 b.6sc.co tcp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 ib.adnxs.com udp
US 3.33.220.150:443 match.adsrvr.org tcp
DE 37.252.172.123:443 ib.adnxs.com tcp
IE 54.72.18.169:443 dpm.demdex.net tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
DE 3.121.27.153:443 ps.eyeota.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
GB 216.58.213.1:443 7b2b77b7d41ce9a8a4e98bbc280e580a.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 9.38.105.216.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 79.77.117.34.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 38.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 153.27.121.3.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 172.217.169.33:443 tpc.googlesyndication.com udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
ID 34.101.114.154:443 e2c9.gcp.gvt2.com tcp
GB 172.217.169.35:443 beacons.gvt2.com tcp
DE 87.230.98.76:443 d.delivery.consentmanager.net tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 216.105.38.9:443 analytics.slashdotmedia.com tcp
US 130.211.23.194:443 api.btloader.com udp
DE 3.121.27.153:443 ps.eyeota.net tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 151.101.65.44:443 trc.taboola.com tcp
IE 54.170.33.189:443 sync.crwdcntrl.net tcp
US 204.68.111.105:443 downloads.sourceforge.net tcp
US 204.68.111.105:443 downloads.sourceforge.net tcp
BG 87.121.121.2:443 netix.dl.sourceforge.net tcp
US 216.105.38.9:443 analytics.slashdotmedia.com tcp
DE 87.230.98.76:443 d.delivery.consentmanager.net tcp
US 8.8.8.8:53 loadus.exelator.com udp
IE 54.78.254.47:443 loadus.exelator.com tcp
US 8.8.8.8:53 47.254.78.54.in-addr.arpa udp
US 8.8.8.8:53 wj32.org udp
US 162.243.25.33:443 wj32.org tcp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 b.6sc.co udp
US 8.8.8.8:53 d.delivery.consentmanager.net udp
DE 87.230.98.76:443 d.delivery.consentmanager.net tcp
US 8.8.8.8:53 25.14.2.144.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 254.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 254.84.171.150.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 219.254.107.34.in-addr.arpa udp
US 8.8.8.8:53 114.192.101.151.in-addr.arpa udp
US 8.8.8.8:53 157.188.101.151.in-addr.arpa udp
US 8.8.8.8:53 140.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 137.102.96.34.in-addr.arpa udp
US 8.8.8.8:53 227.0.66.172.in-addr.arpa udp
US 8.8.8.8:53 211.110.117.34.in-addr.arpa udp
US 8.8.8.8:53 247.1.22.104.in-addr.arpa udp
US 8.8.8.8:53 26.183.102.34.in-addr.arpa udp
US 8.8.8.8:53 243.214.15.199.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 216.105.38.9:443 analytics.slashdotmedia.com tcp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 c.6sc.co udp
US 8.8.8.8:53 ipv6.6sc.co udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 173.193.186.35.in-addr.arpa udp
US 8.8.8.8:53 66.0.190.35.in-addr.arpa udp
US 8.8.8.8:53 87.140.206.35.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 63.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 83.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 145.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 41.94.18.104.in-addr.arpa udp
US 8.8.8.8:53 47.147.64.172.in-addr.arpa udp
US 8.8.8.8:53 159.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 79.77.117.34.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 169.18.72.54.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 44.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 105.111.68.204.in-addr.arpa udp
US 8.8.8.8:53 9.38.105.216.in-addr.arpa udp
US 8.8.8.8:53 33.25.243.162.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 processhacker.sourceforge.net udp
US 172.64.150.145:80 processhacker.sourceforge.net tcp
US 172.64.150.145:443 processhacker.sourceforge.net tcp
US 8.8.8.8:53 processhacker.sourceforge.io udp
US 172.64.150.83:443 processhacker.sourceforge.io tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
GB 92.123.128.189:443 www.bing.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 c10888a0419648fe09601975a925c9a3.safeframe.googlesyndication.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 142.250.180.4:443 www.google.com udp
GB 172.217.169.33:443 tpc.googlesyndication.com udp
US 34.117.77.79:443 ml314.com udp
US 8.8.8.8:53 b.6sc.co udp
GB 142.250.180.4:443 www.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.22:443 i.ytimg.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 22.213.58.216.in-addr.arpa udp
GB 142.250.187.206:443 www.youtube.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.213.22:443 i.ytimg.com tcp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.10:443 jnn-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com udp
GB 142.250.200.14:443 play.google.com udp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.systemrequirementslab.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cf.systemrequirementslab.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
NL 18.239.36.16:443 cf.systemrequirementslab.com tcp
NL 18.239.36.16:443 cf.systemrequirementslab.com tcp
GB 146.75.72.157:443 platform.twitter.com tcp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 syndication.twitter.com udp
US 104.244.42.8:443 syndication.twitter.com tcp
US 8.8.8.8:53 157.72.75.146.in-addr.arpa udp
US 8.8.8.8:53 13.86.236.54.in-addr.arpa udp
US 8.8.8.8:53 16.36.239.18.in-addr.arpa udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 hb.vntsm.com udp
GB 143.244.38.136:443 hb.vntsm.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 connect.facebook.net udp
GB 146.75.72.157:443 platform.twitter.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
GB 163.70.151.21:443 connect.facebook.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 hb.vntsm.io udp
US 8.8.8.8:53 hb-vntsm-com.global.ssl.fastly.net udp
BE 66.102.1.156:443 stats.g.doubleclick.net tcp
GB 216.58.204.67:443 www.google.co.uk tcp
US 151.101.1.194:443 hb-vntsm-com.global.ssl.fastly.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 172.67.36.131:443 hb.vntsm.io tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 ats.rlcdn.com udp
US 172.67.69.19:443 ad-delivery.net tcp
NL 13.227.219.68:443 ats.rlcdn.com tcp
US 8.8.8.8:53 geo.privacymanager.io udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 13.224.81.110:443 geo.privacymanager.io tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.exelator.com udp
NL 18.65.39.103:443 cdn.exelator.com tcp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 156.1.102.66.in-addr.arpa udp
US 8.8.8.8:53 131.36.67.172.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 68.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 110.81.224.13.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 mydmp.exelator.com udp
IE 54.78.254.47:443 mydmp.exelator.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
NL 18.238.243.82:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tag.wknd.ai udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 34.120.253.250:443 tag.wknd.ai tcp
CH 23.50.111.224:443 secure.cdn.fastclick.net tcp
CH 23.50.111.224:443 secure.cdn.fastclick.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
GB 216.58.201.110:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 events.bouncex.net udp
US 8.8.8.8:53 api.bounceexchange.com udp
US 8.8.8.8:53 assets.bounceexchange.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 onsite-tag-logs.apps.nielsen.com udp
US 8.8.8.8:53 load77.exelator.com udp
US 34.98.72.95:443 assets.bounceexchange.com tcp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 52.71.201.70:443 onsite-tag-logs.apps.nielsen.com tcp
DE 212.102.56.179:443 load77.exelator.com tcp
US 34.98.72.95:443 assets.bounceexchange.com udp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
NL 63.215.202.178:443 proc.ad.cpe.dotomi.com tcp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 104.22.5.69:443 a.ad.gt tcp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 82.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 224.111.50.23.in-addr.arpa udp
US 8.8.8.8:53 95.72.98.34.in-addr.arpa udp
US 8.8.8.8:53 32.8.111.34.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 179.56.102.212.in-addr.arpa udp
US 8.8.8.8:53 70.201.71.52.in-addr.arpa udp
US 8.8.8.8:53 178.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 250.253.120.34.in-addr.arpa udp
US 34.111.8.32:443 api.bounceexchange.com tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
NL 18.239.18.78:443 tags.crwdcntrl.net tcp
US 104.18.166.224:443 pub.doubleverify.com tcp
US 104.18.23.145:443 cadmus.script.ac tcp
DE 91.228.74.159:443 secure.quantserve.com tcp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 i.clean.gg udp
US 8.8.8.8:53 rules.quantcount.com udp
US 104.18.166.224:443 pub.doubleverify.com udp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
IE 3.248.120.42:443 track.venatusmedia.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
IE 54.74.74.210:443 bcp.crwdcntrl.net tcp
US 34.95.69.49:443 i.clean.gg tcp
NL 18.239.50.73:443 rules.quantcount.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 pixel.quantserve.com udp
US 34.95.69.49:443 i.clean.gg udp
US 34.120.111.33:443 cdn.edkt.io tcp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 grid-bidder.criteo.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 krk2.kargo.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 elb.the-ozone-project.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 mp.4dex.io udp
NL 185.89.210.122:443 ib.adnxs.com tcp
US 104.18.34.190:443 elb.the-ozone-project.com tcp
NL 18.239.50.87:443 hb.yellowblue.io tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 18.194.194.150:443 krk2.kargo.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
DE 138.201.52.226:443 shb.richaudience.com tcp
US 104.18.34.178:443 mp.4dex.io tcp
DE 3.120.207.148:443 btlr.sharethrough.com tcp
FR 163.5.194.35:443 prebid.a-mo.net tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
NL 89.149.192.65:443 prg.smartadserver.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
IE 67.220.224.144:443 aax-eu.amazon-adsystem.com tcp
GB 142.250.200.34:443 googleads.g.doubleclick.net tcp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 216.58.213.1:443 1e95695a5c391802ba05d8c672799151.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 33.111.120.34.in-addr.arpa udp
US 8.8.8.8:53 199.68.239.18.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 42.120.248.3.in-addr.arpa udp
US 8.8.8.8:53 49.69.95.34.in-addr.arpa udp
US 8.8.8.8:53 210.74.74.54.in-addr.arpa udp
US 8.8.8.8:53 73.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 190.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 122.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 87.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 150.194.194.18.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 178.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 4.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 35.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 148.207.120.3.in-addr.arpa udp
US 8.8.8.8:53 65.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 226.52.201.138.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 8.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 144.224.220.67.in-addr.arpa udp
DE 18.157.61.93:443 pre.ads.justpremium.com tcp
IE 99.81.32.63:443 g2.gumgum.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
GB 172.217.169.33:443 tpc.googlesyndication.com tcp
GB 142.250.180.4:443 www.google.com tcp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 54.231.236.80:443 s3.amazonaws.com tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 54.236.86.13:443 www.systemrequirementslab.com tcp
US 3.210.118.1:443 www.systemrequirementslab.com tcp
US 3.210.118.1:80 www.systemrequirementslab.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 54.231.236.80:443 s3.amazonaws.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
GB 216.58.201.110:443 fundingchoicesmessages.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
IE 20.123.29.87:443 5bbc8e6e47771d0d34d5987cce821198.azr.footprintdns.com tcp
GB 92.123.128.187:443 www.bing.com tcp
US 152.199.19.161:443 fp-vs.azureedge.net tcp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 ax-ring.msedge.net udp
US 150.171.27.254:443 ax-ring.msedge.net tcp
GB 92.123.128.187:443 www.bing.com tcp
US 8.8.8.8:53 s-ring.msedge.net udp
US 13.107.3.254:443 s-ring.msedge.net tcp
US 150.171.27.254:443 ax-ring.msedge.net tcp
US 8.8.8.8:53 a-ring-fallback.msedge.net udp
US 8.8.8.8:53 254.3.107.13.in-addr.arpa udp
US 131.253.33.254:443 a-ring-fallback.msedge.net tcp
US 8.8.8.8:53 254.33.253.131.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 216.58.204.67:443 www.google.co.uk udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.213.10:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 www.win-rar.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
DE 51.195.68.163:443 www.win-rar.com tcp
US 8.8.8.8:53 163.68.195.51.in-addr.arpa udp
GB 92.123.128.187:443 www.bing.com tcp
US 8.8.8.8:53 ev2-ring.msedge.net udp
US 150.171.64.254:443 ev2-ring.msedge.net tcp
US 8.8.8.8:53 t-ring-s.msedge.net udp
US 8.8.8.8:53 254.64.171.150.in-addr.arpa udp
US 150.171.84.254:443 p-ring.msedge.net tcp
US 131.253.33.254:443 a-ring-fallback.msedge.net tcp
US 4.150.240.254:443 arm-ring.msedge.net tcp
US 8.8.8.8:53 254.6.107.13.in-addr.arpa udp
US 150.171.27.254:443 ax-ring.msedge.net tcp
US 8.8.8.8:53 d0e670ee2ec1eac9ff68be71a37a552e.azr.footprintdns.com udp
NL 20.107.96.130:443 d0e670ee2ec1eac9ff68be71a37a552e.azr.footprintdns.com tcp
US 8.8.8.8:53 130.96.107.20.in-addr.arpa udp
GB 92.123.128.187:443 www.bing.com tcp
US 104.208.16.92:443 browser.pipe.aria.microsoft.com tcp
US 150.171.64.254:443 ev2-ring.msedge.net tcp
US 13.107.3.254:443 s-ring.msedge.net tcp
US 8.8.8.8:53 static-ecst.licdn.com udp
FR 152.199.21.118:443 static-ecst.licdn.com tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp

Files

\??\pipe\crashpad_2072_ZOKZBCNJQQPWIIYS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 941b53a6775447b27535ccde44549923
SHA1 985f8f30cc034ad50a43c2b82e48c894ae91af7f
SHA256 3044d33e184cfbfc60c7a51ca3e7232896bb4501bf9e3402d1f13d303feba35b
SHA512 cd4a17125fc796774769faabd937b0e4807ef4982fc6d1054be27a9c9e0865f4187265ac27a88dc3687201b54d71bac3dae64ccdd3aa08b6820f1d00371eb4f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b5ac73f8fa5cf469810cfa2eaa44083b
SHA1 061ee9083f6653ef8fb5c92372bf00edb6ca52e6
SHA256 62cc75511a04e7df18e64163bf7c3bd853682d75d014e60a19f622e6ab37fbe3
SHA512 520ae7cbd8d4463af3910006e90646666fe404e43fc4fbc39b189177d435d5dc34b1c3f246e5e2bc5394e20d1818147975df92999735af26f191d785013ea3f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 94505897ff53d8246eaf9d11c4f2d38a
SHA1 5ab94ca1b0bee6c5f99d7ff07d42b803055517c9
SHA256 8e1d52ebf87bccd70adf53a30d25fbaa7a5e417d27111b0be5381668fcfcc7ee
SHA512 0bf7f625d6b4d1ed6a83a451f12b592ab904f1130fe9f68135a897204eeafb8ff60d9042b836097a58c1b224e3705bd0bb6fca00121b013cb932ac2e2ef81e0a

memory/4544-124-0x000001CE44800000-0x000001CE44900000-memory.dmp

memory/4544-179-0x000001CE439D0000-0x000001CE439F0000-memory.dmp

memory/4544-180-0x000001CE45450000-0x000001CE45550000-memory.dmp

memory/4544-181-0x000001CE451F0000-0x000001CE45210000-memory.dmp

memory/4544-242-0x000001CE44800000-0x000001CE44900000-memory.dmp

memory/4544-241-0x000001CE44800000-0x000001CE44900000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 1bf37e5bde1df555719d1ff594d8ff47
SHA1 79db3af234462959f890e10ceaf921be21cfd7c4
SHA256 ab28b8c3db9479547fa392b235ad390bb46423073fad7ecfe88b10a0f1f8b05e
SHA512 75e5db3ae4857ae6479d5ee9783dde1c065032779fd1663d4b899ce4567a4367479f6641c1d51dc02fd24770c098b888482629ddb9a493e475016d4335b5dfec

memory/4544-261-0x000001CE45980000-0x000001CE459A0000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 3fff3dd5bb949f03bb7a7cf7e168b220
SHA1 1330de8f66ddf33f1f42cd598512c71739b5da19
SHA256 c78a5ec8b7dd09d7ed5d3d78dfef32c619223687875494776c45a30a72ca0d37
SHA512 214261b57813ceb459e4011f8d8b5c8aaef8b3627ba1829929bc26424b70b6a69866701acff26b9f30ee22ad86948755761be30fc915b929562a7235d4d7d184

memory/4544-274-0x000001CE48C00000-0x000001CE48D00000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7027f1791cbb3e82c47598ddbdda0e3f
SHA1 86f641e5016af6adc7f80ce7c2b6b3356491a8c3
SHA256 20d5239420dd15f0cfa5eea9b9f22367f96948f0dfef5e861103f1e7948096b9
SHA512 68c52b8d3469d57e88f82c905ec376f214032237c01b6552589e22a4daa225a2f50a2b9739f05760d79ba8d8613279877782cb560a59c6a3402f04262616b8ea

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 82bb16f9017f6dceb6a6791498491ab0
SHA1 e310c867ab4b35db92b0a955b010714a8e55aee8
SHA256 77e0bbcbd217d4e1613fe6d0e88d8ccdd871f613f965bf290ad37d91013f531b
SHA512 8d1b94c837e9edb5597aaa002446473c3983ddb9807685f1914984c73ebb7409d930b1ff218fb25cb5528bd4c3f8bc19750e0b69fa580b8fcf1faf96d034705e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 abad8d5a3ea101afcaee4283a3696eca
SHA1 d2b8ce4a311cab36656a971a836a55f39e2aa017
SHA256 d8ab87f255cac7cb6a46f7be5ee49b8cd0bf644ae3cac102de2bb0c4ac7d4f42
SHA512 d6d16a5de320e895664fa74e54c686504d6f22aeb12ef76fad7d62a671b9ff0d758c28d60cf2d600ae9d8b2231ee28909241ce7b35152e766980cf447f37417e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3d0e98a44151acfcd9da2d57283196dd
SHA1 1dd0e937692bca93059e900586e30e4cab33a849
SHA256 bb9032b655f025655ba53fac5478d84309e0b80ca9031c666245ce496906e618
SHA512 aa8f291d3cd0e2798a76d75ab69691a4d964c6e44b85cb8debf0006700b8f2491313be3a90f44e56069046b5472e6612a7d12a8937840eb360b6cc127e55fa2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c05c563051b0e87ef71a5d4c304ba996
SHA1 0f21d22b2234d3a341315c7463ab35093226e7bf
SHA256 90c3a2a3a27ffe8e9877599d80e2e67b0870be8dd4fd404d993534281f977526
SHA512 9b36a19cbebe3884d9fb7621bfbc0e063546875a0675e8bdbefdd32cc6775f9fb1e352261b360363e8646ed9895518bd183dcb580b79fb40810d71d7c3ab38a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e10d39e6a100e8148b9f79c0a14d4c9
SHA1 62022304651576ab2c8f5c1e0dd42dac9a373168
SHA256 f1f2e725ab6d2bd155c1a4a3d92bd04554146fa094f1e891e73b5b447af3095e
SHA512 460485fcc277d4723fa82ecd1a471f76dcafe9c8941e9a85d5535481909d8365f056b87f370c005a7440fe5032caf966b6e7db94ed4a615be9e385b624ea7952

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5032e87860ae9fcd6419c7b3f3e16fa8
SHA1 595eac089b815e9ea7c01620187877907f6d31ca
SHA256 ea991bd94982125c446457b669473a0cc38e5fd388f47d66c858369b28c480bc
SHA512 6f30a9227575abfc410bbe2d39afdd43c89e209fa94f09a5bdeee241624a70bc3bac0101d64d27d0f013cbc20da13acb35989c548a31e839f777b799f9d5f09a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 803df2c5cedf31648be5ffae27dca682
SHA1 e8c65c63214372d99dbe73f6b6ad437b267eeeb8
SHA256 5f505358493ee3dd98831e76251db57e9bcbc925ebe906d1dcc947f846194ac7
SHA512 8be8b49592eaef59119583ec12642898ddde83b4716af6798626bb2c7ea6c65eb27868cd42c4dbe93dd42ca6b4c16cbbe2aaad62a01cb08a3b80af5825dde6d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b701374c5e013d5f427987061abaa242
SHA1 fd3e9db300b68f90276b6800bd050290625eec40
SHA256 4d43469006e13695dbfa25fa6a432bde2111ec5a5fe0072dc455b3147b6b5739
SHA512 723d456a2e8d9146da2608231f82fcaafff016d9fac1c28f8f061d45e82b9fba97939b95915abf9c33fe284c8c05264c7b77080883c1f76c89c5fc455ca5352b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 15b9186719089cf59913b12f8f574de2
SHA1 9c7026564e6936106e1e362aa1e757496b13722c
SHA256 fcd2c6151fcb742fd59e84b35e6c484397e3491ed1584990b87ffad5217b2410
SHA512 5c355c5afff1d4aaabe52a15f9169b6721b9de50a071bfc47168e12518e87fd4c8b9dcbb8b09460f5b635b854c5a27ba92e1f4f408bdf24a3a4440ec674bde62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8eda24a4015db6da4b619c52e44065d0
SHA1 e25d827ab32187c103fc75d5cd08f70b869f54a5
SHA256 a88afca708f6caaaa045adc9f35ab961c5a41fc011aa67b69cf7f644415fa5cf
SHA512 fc6de440464c5a48fa0c21e06484cb5ee249364f51641d303f67a93c540b1f1d14602c1c3f170f94bc9d42828c3e37e9b6a5d27a18badecd2b13707211aa38ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51e79f52ab5c82c670d49dece45b9a21
SHA1 0c5d82e9dae0675d6580a7975c3d7f7897fb7252
SHA256 0547153880610feab262748db19d73850e8f5a3238da968999d6219a0c457281
SHA512 215adf71d710e572df6e817e41ca0924b37673d5bff100f40e1fd94dbe40c74d05140990a5ded84b348535f20e35a4cb64e91ef04752d04b35ff4d058bcb0247

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 667a6206598c51a1c7f7bf05a446dbdd
SHA1 812eb48cbc80c91d8ee79c00b9915e732abe9dbf
SHA256 a001e24d7815b46a61a661d2181a02523569c0d9658f2dc91380971aa19f03f9
SHA512 9830b8de76ce1ba3eaba7157f80f48295bb17e1345c6c00824ea07e619d2473910a2c5e772e06ed8876b911f2cb26761e3970b18955213c60776a5ee05a1ed09

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8710ba2f54111ade546c6c7fd43da16c
SHA1 8add8a39167bd906eb58c3227a36a8580bc2b00d
SHA256 9352a2ddede6870ad74ddaf24f1a5b267fe95f0ca8a97d52ed9b594aa5a64463
SHA512 59651d91527265214aefc954b8e14a72a124d0fcbde9f747e0b9654c5b70a14b45d6730ddbea44d8a6fad8f91ff1846aa394ab82ee80f3510a7af51538f08fbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3deb89aa1cbce3e44396ae8ae69b370a
SHA1 e3f929e47204faeccb59928c3dc45ef68d4effe0
SHA256 81eff7ab15b2a0a1c27da20c805720b6c8d14f16c96fa0b9fb59b9dccc83a0da
SHA512 dd77b7ee8e62c79698bdb06d8543f7c9aab91f80603e2ef8aebb78518d24eb0fd55cc8df01c02aeeed0c50750e4220bb9be31ae71b26d870b6c1b8edd91bcbc0

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 646f97912cc02f438a4f9dadd8eb36c4
SHA1 441587f2e5caf0ad4491632f7087adebb516fe4e
SHA256 3c97e41ee11c10f8e97edb5a991bebefc85560b165d26058514406c9555f5ac0
SHA512 3b92d49c9255081afb8cfa8c935b6aaf8702dcd17396ec26b7d88e222debd38ca9a445a0b14f6d40e37e4aa669bf3f955b025e62ff3b4fa5501a81ad1130a291

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 fdc62be0be2d47676a40c041d83800d9
SHA1 b30c23a1ff85c57af6829444a3274c870d5ca2d6
SHA256 f7b2c253d3dedcaf5150183b4d7066f6e8d345061a1173699cd660bb4fdbc160
SHA512 8958ab6f5f70d2b26792ec671a26c9239e66d61a1d9100c0fcce8d4fef179420c0d76e42f2969c9d84b2ecf3888578b491e964ce5e759f69483dff951027e0a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ddfaf38f1be01e87ee53ed6f619fefdc
SHA1 3fb5a8f9d065fef1c133f40611e4fd383caa8d3e
SHA256 5584b507cf3c18a3d7539902ce90f306d4cbeaa2b911259de646062859434bda
SHA512 04de8ab3d7303b8c3312e93674e18a62f6a3add8390d14f5da25a5dcdc12fb4b89c1343abfeebb7270c74c398e2c55987fa1c7efbfdccc17ce4c1b0d6af46462

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0e649cc9a8f9fa7471b219dd9596b0df
SHA1 cd313fad66a5f105f00cd718c7377d04bfbf44e5
SHA256 b75baab7aff834d24d5eb8bf07d7898bafdc0c2a3e624898e0c2213936cd2c65
SHA512 16edde262d34b40d3a7b1fa8f137bc34aa24c88ca9ae7b7b5040973f26bd9ca15ae5b16a0de5d49f05aea5bbdb71747ba7223addb4696224df810f87a511416f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3546f67e67a018a70622ea68b1500b4a
SHA1 ad037c49d62cb5770571530f23cd27c1924c44b3
SHA256 f7694c445f875b8175a1c8427932a7c8bcc625fa8e4f5ee6db63998a6f48d8e2
SHA512 7231697cce2685ea1e26c72b41fed7342c149c775b90c856bce3b2a59a36a660fee78d97102a2eae20ad30d94648609595e94a0ddebee38485cbb1fd794805ef

memory/4544-1589-0x000001CE23630000-0x000001CE23650000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 9bbff18e6fd660120e26ba8db23e6171
SHA1 cae3a2634726d4db5e6dfb6f28e2d8ce0788d467
SHA256 587695e792d34f24b72c38acc056530ede03a3f51793a85c5ec366e8eb043b4b
SHA512 b6d76826bff923dde7260eba6d24f9e4155ad22a7d4f5e2334d0f9636e24b414071333e36b310347ec059c0ffc3f2446fa958cbfdfe6c1e27c1b4317cd66019b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c63d52ed0bfcbc2cae0d93cdca2bc70d
SHA1 b48331776e3b96c81ada19cdd644d9af4fd4ceec
SHA256 64612b443f40b784d499f979f92e048057da731f757dea4a50ad88c84c9b9538
SHA512 bd83ccd5f70df4b1c89ba9d270a87ed5171221876a7b182dba3d898e8a2bea0630a1d52c86f1cf711ba3c58451f95c78eae866abe1cb5625c214ed92693cc1e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d9987ac43b6f4bcfa5a71ae1ac40377
SHA1 7c763dfc86aaec5813a2831645a8f0039e7428fd
SHA256 3731dd970102ade7d92b7c2d6cb755e325abf338736c4f14b28db1d9db753d2b
SHA512 07e6590d969bb9dab6de3a1aa6776a99f6a2f5413ebeb5ec001428fc8eada399b0453e9087e6ffb4b8d7e71c47e88b7798d442abfe3a3cda38ff7f4117c0f2d1

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 711f1a880c08e1f7867f1bdd117320b7
SHA1 50c2d0859f6fd41024d486e2ab537507b975991d
SHA256 f868e98aa21c341e365d73e301d87c006b557033d8d7b2808fed207734fe5143
SHA512 885c2abd9047727b33ea760836cbbe4eaf5fddc08375a8b37840c99332131f0f7164f87c0abeb4523f42262349ab12a1c22c12813a9d81d6955c7d20b41a9a0a

memory/4544-1864-0x000001CE46ED0000-0x000001CE46EF0000-memory.dmp

memory/4544-2237-0x000001CE46E60000-0x000001CE46E80000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3296f5a142511764a380c5656ba8ff5
SHA1 aaa1f942febc99f984af6f817ae8316f938dd480
SHA256 9af4993121bbf439f4930e62f51950dff39ffe91394827df5000c0cd8b55d210
SHA512 88da11d4dfec50ab18b3a6027bd0e6250349b01c790857a1bb43c35dab935528f0e3112e2e546411bf418a46d166d725260b6b6afde6a45a7c404930ed95a583

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 765c05b04165c547b3b449116292e9b8
SHA1 1582b119c5babaed43441249d79ae07fe544584c
SHA256 811407a89c97970eee4b7d1395710c8192407b5db1f0f947cf79c350f46d5e3b
SHA512 ab44e2fcbd11210b31d0ec61a7af6c4ec4e0da1023a4e86a63a7a45107e4a523e105b3d25e0df87ee0e81292e65bde08fe47de414ce8039f36555fec7faad858

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3165744aaea50b0eee2a9631ef5063d
SHA1 a8d7d7a0c63f17f89fa168dd048a6ba95e811c16
SHA256 2fe1b2d344f59ae22a70996cad59ffa156ac9604535b9fda8dcf78869f04048c
SHA512 86494a9c511401b36b320c6f93a51489082e300e913366d4bc5670e94a4946dae88a56e94893e233f003a73a6a4bcd0ffc02e31cbdf03ebe26728cb73790d396

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 06fd1cd386c9045844a7aaf3e23f5a5d
SHA1 59fdbf737d70df8985bb21b48444f9d328bfc369
SHA256 05833cb7d8c7798c2bac0dee8754ebcfc5cf39bdbcd46dcb02e60f168b5d3f53
SHA512 e51f09d5b2d1271c617d4349adff52d51df3272e24073d2d112a14310f94bb3a22c48760e09d9e59938bae2433e50f4e53c17c1237b7944828bb3de976f61c48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45242a962b367a502406f000517356eb
SHA1 9913dbf9df77c576e903a238a6a1b0b7b2ed0f5c
SHA256 ed5d294b44271fec26ee49ec308ea841e4fd4bd69e05b0d6ddc764982157ab9d
SHA512 9502316c0d09d5b6ffa0fce72142a634c3cf603f8ff395a642ff4d3e25fd3125150217d1023367daf69c6e8da8749da5ff90df354a4e10ba1b98cc194fecd393

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80d0abb1b72b83efd3bd7b707bc2d589
SHA1 a416fbdbff2af3b7b828b0762c66477b2b3d9acc
SHA256 0e32f6cd8a30b26b2fc04f5ecefc91744e8efe70e2fb86bbc8797526eec7e3cc
SHA512 abbfd5104fb7945216e145c2dd2ba7ad225f9c028662d9f4bd21543d36c7bedf881d8ed792e6bb52b46feeec795eba3c3f95104550ed4da8f2e6acad92161895

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 01dd7e159d801ac54576ec1011889904
SHA1 3b0d0d72db7ab65c7dbc9a28a21645d3127dc3bb
SHA256 44ca977d164b813532b33ac92b5d8f87ec9f8f7ff262594fa05e4c77657c68ae
SHA512 edd5f8e4cdd999a62fcf1263be554c631c5f8b40b819f16f2d1d0da9eb90129305f5d3469c23e48431481e88cff4fdf5d8d9f530d176cabe5ffa4606c369eaae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 44d913b2f836f8cfe7da438442dda467
SHA1 d086ade278f4d34143e3671b8acbcdc460ed1203
SHA256 3d80da49d04c2ddd24499d47ce44eb0d6a212e325da2af62f8c5c6940ee7aec8
SHA512 a2d52bc16dfe95494a9b1119b38a79b122e95e641016d82b31b97c3fa15869ca164618aead74299f2a8b85c7cb0d5ed3f61f5273a33932dc811468b68cd79f46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 832034324c86b0e9267fcfb667cb263e
SHA1 2e438226308e315c32b0d8cc718ad4680339d3db
SHA256 506a46d6a9b474aecb5eedb47b1acf8a808e93c87529a01dea213529d4195780
SHA512 65f4267144317b508848cb26d576e87141307597ddec683e60043e8367409950dbd698ecd4bfc1429354e2eb8f865f6b767667a197015b7852f732a6e3c0ae70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ad6d2a04124091c43d6b6ca081d2bf3
SHA1 cc60a7a4d09e6a61eac065964b9af40bfdb9615a
SHA256 b0aae40f91a620c16ba06a1aef55862ed04f91f10a6dcc06e739452e184a2623
SHA512 73b9dfedb5d668e6efa4f1c5bd1040e2e47846bad23bd25d84680e095568afc9c99acddbbefa3a0780f337a3a19e30aca5c6cd1901b79347fe02d74fa3dc77a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5043b1e48c50f09bcce98b93dda1a0ce
SHA1 50416fd764886a68420494b45f15de9faf658984
SHA256 9b7c636298879a67bdd10ce49aa3265c9473dc6a370aba32ffd9f01bba8344bc
SHA512 2b78d94afe6bd0ee849002ec40f3bc9cf7c20bbf75b850bd52f582e3ebb83fb78710112de4aaf11feaf20e1cc10c8aa9b70006fc8e6bbde1439b8206da33322f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 246a26260fc8a26df316abd0cab72db0
SHA1 cef1de9d0e232250074d9318fcda84519860fff4
SHA256 fd6e6624bf34ea75e3f70e182d39888cccc14a7108f8b591e6fab2d2aa932e85
SHA512 50254b792d0d857eb79e1a1ae0dc34b8b098ceb9a3f4a04c70c363542e43926c46695bc1c2bf28d1c27d01a173b14e2332e1715b475c4eed2f2f0be9007c760f

memory/4544-2828-0x000001CE225B0000-0x000001CE225D0000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 448c05fd165100ef7e39b968eaa14bf5
SHA1 2b931587cd15c66feca3d07c0c0177979ff658fe
SHA256 f4baff8b71c8dda50e7e8171a65158881fd6f94e4bc7790d348719234d7a94bf
SHA512 77ed40559d510d51b19dd8a23885976bf068ce3e1633e5477622f329606f5507ef6739208db1608605db9ed852aeeb641a21b3d5f9a84d5134bcaeb610cf7805

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 0598d66c2b36a89dafc3afa8cb38e046
SHA1 f86f08292334fcdec84c67b423913827744726e5
SHA256 cdff90b56ef39d7001455365578f45c7b55830a67895976c127be639d253b69c
SHA512 4b19b76c21cde9010a85dea068c2482063337f6ea472398bc7d5c16f1779b86f00a7581657ee2bc92d45714ecf20c3cc779404493e3072e8946ae104c6cf8b1e

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 65d8df5cb04b62ed2612697118ccb006
SHA1 4997413a6ed53b468b3bf9b0ea25b45e97b8ac09
SHA256 d09ee0c4cf5778354349c370777d2812b91a344995238bd9fbcbfa8c460221f5
SHA512 3f616306f9576ad0a4da0797b786a40f423c43f1ebc23a6820173cff4ce99db3f733317fb6e38efba8a260d18a4cbe852ce279c2ce4e16d81beb6c00e922460b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b4d7c593ff5d0a094c182e4ef93d5221
SHA1 6041868d6e94922dcd139d0a245de14e0ef674cb
SHA256 509fdab7d6e9cba27e1efd462461012b5f0fc2900b4b408e270be8cf53e146f2
SHA512 de868dc987465b9f2a358555129fb915af61d274336e2c575faaeef35af4c758c027d6d574dd0403de5e52e5c2076341cf74ce8628c79c826f42cfd3fd610a10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e6fdb53885c6699982d78b2d35a90236
SHA1 26e8183f0dee397444fbac2bc3bbc15eca708b4f
SHA256 ca52f715d86434b05bc59a6f276039856a814d6e870001657ed12211a92ac4a0
SHA512 3c824ff878ca735af6f5f3ba59cb097c8b668d5afdc9d6532ff56f986c42d88f86d062e4213772f4de1ce5f191653f2f625804d252409f210e1b53ddeca73784

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 045d759a53427584792e1696240213a1
SHA1 fa048f5ffb6daaf40fa0cf33046422ebe7b3a5d0
SHA256 61b03c2cc1c99c8eeaa320080d97816fb7d5546e4c6a66b54637134598198e0c
SHA512 a063c890205c9fa136b1bef6cd6bd348af137ccc1a2193f1de2837944446956a4a330e2cca13cf73f35354a21778db22f4ce942bbdf1db64ba86073642b8f950

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0401e0fab3e1bb8f0fba0346999a41b9
SHA1 aae75fca6d9d545dde45cf460d29f2d91e9d53b8
SHA256 ec24b83c811d9353084a0aeb7569c7f034761928ba3a0a4100b9b344180d5234
SHA512 080b3719e393c86dbcf07caad6071d08afd244fcb09ed5bc4a11e4f662b1116fbe3231b4c473572ab485a45b66a5be0ad43800b04b134da04c457f93d5b532ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59bd2f547946b446a9eabc2944d1a097
SHA1 dcfa3e29db244f2bce6c113279a78885ff54db79
SHA256 d0bd9adcefd8f68360076c9220344c25fe435f65da4a04e54de707d76309e671
SHA512 0009edde87c71df676d528dc621b50f4c7da33607b0c2527461571de7b0acd7a72b26597d0b18d9f3c49cea6cf87d0457906ccf70291241dfbc5508a5cb2416d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf86cb0a65273a1e3b01898690f3dde4
SHA1 09c7f6fa0ae03da98604952e22b8feffbb2497be
SHA256 c96ed8f4941a42ea9b1a6bf7821a79022f4bf43ee3dfb225165acbb9d4a36e7d
SHA512 10fdf5fc33f5d532a55612342de8e96d28b890ef3a7c295f507a599a2c3e397d91a1b7347fb1e80b9330c8be541fcb06b8c4cd9fecb86f486651b18642e5a8b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce0d90c031bf864fa27e6b580753181f
SHA1 3b2aea30f51ad38d4a0e7d65909d300038a01646
SHA256 4be81ef278704d2dfc47891b8e3f43de3ddf49f206b38af7405e258e2d87f173
SHA512 761330b1f6dbd896edaa0f640599b40a8be74ae342d1e094d767f53235f50c15edc21c5017aa336df55f0c0ee4c1c71b20c6a13b15792392a0d4710f672ced06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 01add29a5d3849f121c437fc253b0539
SHA1 ea4771118e75d1acd2a9e56b59c5c15a1274dbb9
SHA256 98ca70f44f67fbabb30920b2a69e1aca0f9746b444b583c1bc1e8586314a6962
SHA512 9a6d5dd65529310af1986865e7075d564e569777bd70346dbe34485bd3ee9b903a41c51fc4a3a30c4c6e26fbf9c946b2dbd51fb1f3d8a4775ce54acbcdb47981

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2b55c0a7dca4b4dab9a4a9ba941c87bd
SHA1 7e9ad4bfd4276971117a93da9c75a08d1a3b31d8
SHA256 e16471eb36b1c68d12e86526152891a8d9c55f74cf591a979a3fd12ea0044d52
SHA512 8af30dc7ca29f335cdded76ba892df705bbf7323f2c3c77ffa84e609373ed172686c665471f16d414a06de0435a7b9acf6dab9be604f5adc10b6d72093374566

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

MD5 dffebd43f93882523b02e9dbaefeb49b
SHA1 0d37513b4bd92be4d583c7804db6cd806944c88a
SHA256 ccf64fdaa07aac034b295ef6d7226e41848eeffba3374f68225a3da838d46314
SHA512 c0ac20e97e88c0aad13a06015c64db3936dc24f5b9930d039f8fff91652ca08776aeb910cbf3eba3d3ec9a6d0f334fee2627f11dc8ac734158e3cf84a3a5f92c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fdb42fcad0965e0b4b818225e28eabd6
SHA1 612d1184ae2617010184700e172ddb2ef7017bba
SHA256 55c8470138c83a4a9da60683f99c5459aafe55cdb8df8fc7a9347aeed9d8b936
SHA512 101532c29fa2fe59a6d286baa158460828b10447eadec2e489f8eb450ddef9087d8802573dff4e54c99fe8af823e853346bcc2cfdf5ed0b9a3e41ad61a6c4c6b

C:\Windows\INF\c_display.PNF

MD5 7fa3734bc719e289f22b7259c8004600
SHA1 f2b9d23239c82a0e20c97ef106791caef6327685
SHA256 21e47723e0b51c49f7a20899575fd0f3ce29f0f12bc989d841274dee6ed67ada
SHA512 0eaa59876e15451292609ade0b006d13c4f6f51bc85865c5bafbb3755d541528e7033cae2b8dd72b67cf17a3f284c8bbfc410691e37eccea3adfc9dee9db6671

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 76426c5124921babbb4d09bf8aa72082
SHA1 0f8c4c56fc796d2c193de33ec3bee640e506d539
SHA256 492db0017143d5872c1259f01a3ccdd1f30cc9df6f832a395bc17b245b1e17d2
SHA512 befc9b481859f0a82893c9e8b2f041ff1ad66f8a36036576bd4e310725d832c779cdb99beb5d8558eb9d90a71b1ac17e91f4ce7ab2f1a800ef0b1b0f8872688d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000009

MD5 079c7d9a5a10a0bb610cee034470d512
SHA1 4104a095ddb39788364a38ee958561e45d31c1d0
SHA256 dfcaca932743ad0baebd5e49084e086062027182063b858762a67b9c9e4f0149
SHA512 4ccab5c601def11d534f6b066a411a9ace3ad53019e119a45488439a4ae3d11123b86409c6d5cf0b56864c3d3ad678d5ffb7b042ebf6453473a6782f94c36075

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7338896a4be89465ebab4a36b21d387e
SHA1 c35416b7bec7b8cca28b9dc2a83b4f11c5c93357
SHA256 7131888eff1e3034a9de7fabed91310379fdb59c1d09ce741efb26fb24ff0bd0
SHA512 beb6187ca992377766d6b364daa93d5e66b4dcee856692ae23538f280f22fa551aa6adce53c83afe7876a5a342ca0d06fff59c5340bbdb4408d09a740ac8227a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 10e1a8d2d5552809e4d975498a1adfa9
SHA1 8524400b9b8db11f6876a6a89b6b051847be3851
SHA256 ed759c447497dfa1e677422a6be79504be62aafacc2c7deace0d4b7dc7f62a96
SHA512 e64c0bf1a6a1a7683cd99acb87372b1ef214dcf9845da262510cf14efdde1e47b0c6ad3168cfe9fda62ae4eacc1de61b0d5c1a3df47c1736107441e5d5cf0859

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 912f61860cc98b6fee6a825413f7ba23
SHA1 825d0f15d832a24ead4f63f2da2c73e0c8de7c62
SHA256 910e0504f65f33b30c61a6a6872822e912edafcfd81b90fb5106a8dda53651d1
SHA512 13ec894528827088f1405e3818c647cef6df164ae2c929013454ad58c352d1fcb51231e62e767779163d9bc0a99fd1489f162b3a8b235e2381c2fb342f0f308b

C:\Users\Admin\Downloads\Unconfirmed 760126.crdownload

MD5 18f27581ee61474a5661fb3625022df0
SHA1 265d21bff7bb85d42a7eb2779a75c6e1468a9a79
SHA256 f59628d7b563e099c5769b93df66123bd2274ef43e262337b1dc0e41785faf45
SHA512 99dc67916fb4dc1c1ab93a98455f1db3cb3d23fb5b42f7cbf7f8f6c098ace89abd75cffb0059548409068bb7ea738584b817c9c694e724f7d7afabe487f3cc5c

C:\Users\Admin\Downloads\TLauncher-Installer-1.5.4.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6be23f668aa9f202bc68d70130845602
SHA1 69cb9a2f2a33cc3a5bb8a1ef41bcc9ddd6283b99
SHA256 5d3bcafbacef240ad7d4b5e4abe99ec6bd80b87c6bf294d232e2bf358c980f41
SHA512 5a0ae00e0e762b1362976f698f34c508a5c52645cdd583a524083900ff0fdef21894fe7202d7832745e0b61aa48185a9d1faf8bfed7885b425e3667bc2776860

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d11ddbdeff2a86b2fa433fe60deee7b
SHA1 4a21f578d68d624c50b45fa7d3f72dd2a77efa71
SHA256 dbc5da39f9415ad9dcb603d57c4e7ec00f07a3a57cec29da938a2fba4d647e92
SHA512 5253bc2d92e12d5ed430361e4d149345d54884f7c57c517fda67faee528900e08fb08bba4d71b093936df4d8fa41e9abe7199a23799392cea70303994ec7ab32

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe

MD5 0b689a412150e3e6b39c6ec69146504e
SHA1 b690cecdb4217d05947f46eb3720fd3c10f0ebd2
SHA256 ee52474483d6f29d606aa7061d3c3b958d95c9c940bfab7578c75403be59d656
SHA512 e978b873cef32a8d6a8e692cf12728bbf8089b7af67ccd972eeeab69f88a3abecc5aa1b51dcae35e28ad01152ab7c978cc4df2e9580db438bc179dc5ea9f115e

memory/1244-3905-0x00000000000D0000-0x00000000004B9000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll

MD5 c333af59fa9f0b12d1cd9f6bba111e3a
SHA1 66ae1d42b2de0d620fe0b7cc6e1c718c6c579ed0
SHA256 fad540071986c59ec40102c9ca9518a0ddce80cf39eb2fd476bb1a7a03d6eb34
SHA512 2f7e2e53ba1cb9ff38e580da20d6004900494ff7b7ae0ced73c330fae95320cf0ab79278e7434272e469cb4ea2cbbd5198d2cd305dc4b75935e1ca686c6c7ff4

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG49.BMP

MD5 5c9fb63e5ba2c15c3755ebbef52cabd2
SHA1 79ce7b10a602140b89eafdec4f944accd92e3660
SHA256 54ee86cd55a42cfe3b00866cd08defee9a288da18baf824e3728f0d4a6f580e7
SHA512 262c50e018fd2053afb101b153511f89a77fbcfd280541d088bbfad19a9f3e54471508da8b56c90fe4c1f489b40f9a8f4de66eac7f6181b954102c6b50bdc584

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a7e13a1a3043acaa043df0b8a1d456e9
SHA1 e8a5257870f300d089c43ec65fc1f15b255b0dc8
SHA256 778b715c8ed51c5ef169269e05c6128b0ccb9c99d7bd9307a07d6215bfc993d4
SHA512 5cb0c1e324c4b20299c106ae3fea2420695954e5e82aa2420645e08018ad03590e45cda58db3e6510083795d3a5691d72b80f830c5080c2a8efe8a6610fd4649

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\200.ico

MD5 e043a9cb014d641a56f50f9d9ac9a1b9
SHA1 61dc6aed3d0d1f3b8afe3d161410848c565247ed
SHA256 9dd7020d04753294c8fb694ac49f406de9adad45d8cdd43fefd99fec3659e946
SHA512 4ae5df94fd590703b7a92f19703d733559d600a3885c65f146db04e8bbf6ead9ab5a1748d99c892e6bde63dd4e1592d6f06e02e4baf5e854c8ce6ea0cce1984f

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd

MD5 da1d0cd400e0b6ad6415fd4d90f69666
SHA1 de9083d2902906cacf57259cf581b1466400b799
SHA256 7a79b049bdc3b6e4d101691888360f4f993098f3e3a8beefff4ac367430b1575
SHA512 f12f64670f158c2e846e78b7b5d191158268b45ecf3c288f02bbee15ae10c4a62e67fb3481da304ba99da2c68ac44d713a44a458ef359db329b6fef3d323382a

memory/1244-4581-0x0000000010000000-0x0000000010051000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd

MD5 dabd469bae99f6f2ada08cd2dd3139c3
SHA1 6714e8be7937f7b1be5f7d9bef9cc9c6da0d9e9b
SHA256 89acf7a60e1d3f2bd7804c0cd65f8c90d52606d2a66906c8f31dce2e0ea66606
SHA512 9c5fd1c8f00c78a6f4fd77b75efae892d1cb6baa2e71d89389c659d7c6f8b827b99cecadb0d56c690dd7b26849c6f237af9db3d1a52ae8531d67635b5eff5915

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\BrowserInstaller.exe

MD5 199e6e6533c509fb9c02a6971bd8abda
SHA1 b95e5ef6c4c5a15781e1046c9a86d7035f1df26d
SHA256 4257d06e14dd5851e8ac75cd4cbafe85db8baec17eaebd8f8a983b576cd889f8
SHA512 34d90fa78bd5c26782d16421e634caec852ca74b85154b2a3499bc85879fc183402a7743dd64f2532b27c791df6e9dd8113cc652dcb0cdf3beae656efe79c579

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc2f7823b185d73ae088173df5438bb2
SHA1 19647bdcdf9dd8bce918fa9682bd7e02b34f0b94
SHA256 1d16d89f9f5f4b99077923f1b300480ccdae1b538086c60daeb9d1fd44436463
SHA512 41ebc09ce7a0653978f8f7d6c11f481d9a79f19eb59606a1ae22009dc42734971d6a6d9883063ddf987b90630448325d8ef3fd7742e3617a0583e3a3c1d9f49f

memory/1244-4616-0x00000000000D0000-0x00000000004B9000-memory.dmp

memory/1244-4617-0x0000000010000000-0x0000000010051000-memory.dmp

C:\Windows\System32\wbem\Performance\WmiApRpl.ini

MD5 ffdeea82ba4a5a65585103dd2a922dfe
SHA1 094c3794503245cc7dfa9e222d3504f449a5400b
SHA256 c20b11dff802aa472265f4e9f330244ec4aca81b0009f6efcb2cf8a36086f390
SHA512 7570527fdae4818f0fc780f9f141ab6a2d313cc6b3fdb1f7d7ff05d994ad77d3f8d168b1d77c2555d25dc487d24c18f2cc0eab505d1dd758d709f2576aac1a8a

C:\Windows\System32\wbem\Performance\WmiApRpl.h

MD5 b133a676d139032a27de3d9619e70091
SHA1 1248aa89938a13640252a79113930ede2f26f1fa
SHA256 ae2b6236d3eeb4822835714ae9444e5dcd21bc60f7a909f2962c43bc743c7b15
SHA512 c6b99e13d854ce7a6874497473614ee4bd81c490802783db1349ab851cd80d1dc06df8c1f6e434aba873a5bbf6125cc64104709064e19a9dc1c66dcde3f898f5

C:\Windows\System32\perfc011.dat

MD5 5afbd30597a275ad6d5e98187742c01b
SHA1 4e9a82a388532a0fcb3671047504384e040b48a1
SHA256 26ee1d72642d1d79b307581e6027a259696d5e3299d9d6685153a68b8c58b61b
SHA512 6d2514d6a12809a7db4901b586b57e03b6e5b0cc4ecd1baeb4f5188ca033773f7ca077fa8e8beadcf82724fd16d9136c0fc252a0163b71a0ff0eae3363f2c0cf

C:\Windows\System32\perfh009.dat

MD5 a89ae42f5a026c19299f9fa3278556cd
SHA1 ec0a61aa2b89c9f80c734006446f124530e0f66b
SHA256 94ddaf67c6973113ef2992feab11bd2147194541c8c8efc82f7b51e89fc08a25
SHA512 fad978dd060c6a507d8be487d8478f4f550c2e3fa440c8b3f90c19771f9e2b0d34ead3fad6f026ea233bbd5ec0f5274b7dc6bab4ea4d090322d4406edd3a836e

C:\Windows\System32\perfh007.dat

MD5 3bd8043ff69087c78cf81f0aa082664f
SHA1 c669871201f05f6153dfa3f6a78d4609d818568e
SHA256 d1b8be34dfdff53435bcd3f176f7aa9f17aa8f1145c42edee1ed1eec9faf02b2
SHA512 a51d2bb5641aaff1ab091a1c331b6e515bb333d2dfa9f09662d35b2315e6fbd14932102167075cd8bdacf7c8f57fe7313f7b1639090070851c2ecf7662384d6d

C:\Windows\System32\perfh011.dat

MD5 33cbb4d0e471fd527da2ded235fe9636
SHA1 aa9d9b062511eb38a1faf9a740f8fb709b02a7dd
SHA256 73174de99ccd45c2a8d818742ed313a55321186162005c0f2567e162954943a5
SHA512 a4c17182347bc3c5cce76562f26b27ac62e84c8589dd91d2840a452b6c593656f3d3a2fd5b7f207f32be0f5a0494bc44987fb70e6e8f3a756a0703df20baa93f

C:\Windows\System32\perfh010.dat

MD5 a583c28c05f94a635bd67fee2d905a27
SHA1 a4af858c69297cb8a59cade7da6e5a36b43e7548
SHA256 c70b892d93e93c37c826ba97459e8fb724e6c5cf6dc2288613430fc59c0c1eb0
SHA512 06626f291b69e044e8e44fa46576c0287e4df434cd07b0bdb1b162fed25ddef652e5ad8d08d984f2d7d4c027c8ee032eef485f7269f0a83e11c1fa61f80a5d67

C:\Windows\System32\perfc010.dat

MD5 31f061dd23766fb40b15c9754bbc5a61
SHA1 1d6e9a4b87576e771c2c2157919236195aacf4d8
SHA256 2e69db7389943a3ed9aee54788510f229b1462c6281e2a3e54d8b7e83fa1a0df
SHA512 49af16e7d50be8025b3ecf6d4c965339ca4d4db29d3e606318c94f8f0e68d7914c57cb9ee78f5b8d35f5772c0b6e008b3196932785625019d28e6fe5d6ad7369

C:\Windows\System32\perfh00C.dat

MD5 f5fd5898bda4a68842ec6c6a9088adec
SHA1 f974a58b258b438e79eb4bea3ae54a91f516a10a
SHA256 e962a408ff9a789b92bc1429637cb30e00fc47bfa3b06a7fd7b22646e1f5b872
SHA512 932e551597139b85b4faecfa9156e7e98d33b5dad4bd6f4c40504ced7b032c8fed223b81f056654a75c66a8326c51b28fef102ad55d5b224722f90c778b6ed98

C:\Windows\System32\perfc00C.dat

MD5 ac22e4ddfcafca323b25a78120008e1d
SHA1 1a22e811a017e48900633aaf28c8e3d0f647dcfb
SHA256 4ce9124ff763431485fd5dd8d2725f9baed086e9b94513f6ba7337ffe6f13308
SHA512 c1cd3db4455cd599ba8ce9e735a75622fdc6d7dca02409bdb1af00e2c47559191f64414a011bbfa11990eb7d0e67ec10edd8bdba9fdcb06ad3b4cb784f6d1bcf

C:\Windows\System32\perfh00A.dat

MD5 ef8cce0162906b208cff1441fe71f927
SHA1 7a3f2d0dcb39698a6ec9190ea69f2ea01d76935e
SHA256 ba9df27d32c3fa43d6840146e28e5266908124efde25a4bf459d908c232a88a7
SHA512 35b3dbb9f5cd8b30aa0a26fdb29c562ae65ab9823ba477f082960a19d354a68729008e3c0cfce2f8cce66f6f5bab9fed7d6cbe62628c7a751bc4770a4560f5e8

C:\Windows\System32\perfc00A.dat

MD5 c6fe83f357de22f711d81ff85e7b03e5
SHA1 1862ff629d0760c521b5b2d351ecf0cb45a97fdf
SHA256 9480aa369231d65d5e1006acb3c6d4331478fdc9bf4ad6e3a7094449e42c3640
SHA512 d1ba1e46fee1fa0b610628c288dde5438cb59daa22867a014e5a94a0ced3d95fd728eb8a0aea3ddf882217c4ae99abfc5c59ce5178cb21b1ce72a01b5adb37ea

C:\Windows\System32\perfc007.dat

MD5 6e71c59a539ba8c2d46c4c8f478edf8c
SHA1 868558341297d83b247f8be13b375541eb58b886
SHA256 4e4e1300a939cc5d58d0c6914410d5ad8eaf876571011fa1c6f0ce27bf59822d
SHA512 1a86ab970d99430334ba14cc14d75cb902f267e9e15019afcb64400ec6e4335adae3687a5916ccfec5fd0c82c89bfeeac2aed0c6aad693f35e7326f8fb158f9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 907607a7524d14b8441e06aeac002ac1
SHA1 edd397c0e37173d38d35632c3139b14ef304827e
SHA256 2f5f381822457ab2a90f38d820a4d92cc0cb6bb63ad2405da72a7f9008956f33
SHA512 726d097b5e69fbc319ce6aa1eba321ee643da7fa3504857680cbe494756b921ae8ea1af818acc448e69da5110d0dc6a97cca11a49639c276e727ce546bdfd640

memory/5804-4786-0x00000000001F0000-0x00000000005D9000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.dat

MD5 7d59406199bb0dc15868de4cd763e833
SHA1 11358676ae6f2f296a14bb670b5e551274bd3916
SHA256 92cb2f5817ff912241c24bf82139e150188c2076d9c8c624701d813e2eb29a7d
SHA512 132d5fd76650b0a17495da8cd76cc7382d0d208c05c0c2d9f8e9c573c280374d21c5b78468970aa5766ad944213d9943d784f27bca44bf27705c157be39e6790

memory/5804-5453-0x0000000010000000-0x0000000010051000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd91f87c515b57c48593a5ed5905782e
SHA1 c1b7b02cda5537788fe6482f9348ff81586dd744
SHA256 164d06fed3896ddca61158f6f6276635e0e7afb4ba00bdba376d8e195eac77bd
SHA512 a910a2944aa220f3a42774b65634126efdbea039c9cbd543ba7afc3454a8593db13a743e901ae7be088845336e3b5e40a8c9397110ccff6f53c300c5d1991355

C:\Users\Admin\AppData\Local\Temp\check_latest_tl.txt

MD5 be27a7da181fe2e0f9daaae4c93dc291
SHA1 79bbf661f01c7d11916343bd98f0ec594a4c2434
SHA256 ccdb663ffa26bada8c166707005ebe784ca0beb9297de2f183f662950ac8d31d
SHA512 caced540aa47296317a88ac0c1a0932bfd3eced56ed653ba74e9c2b5bc0c02b20b3fb79f814a2ecfbc85f65c592ce1c0bec4495b2928b2ddbbd41300b083062e

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\IRIMG1.PNG

MD5 75ad0ac83402e7a8ecf154efa31feba1
SHA1 db2df40416a26580c651581b4ba1a0b5b26357eb
SHA256 e290ef30a761839e4f2ee4baab625d3466ef183d0c4e2419c08374624591a545
SHA512 f8e268138fadc3aa3055ec445e9c4b2122811603b28e0e2b8cd360f696167810556c13c6f78217e638b37d61e7c1bd68016f64b6c0814edc54620a92749d0ec2

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\IRIMG3.BMP

MD5 f5d6a81635291e408332cc01c565068f
SHA1 72fa5c8111e95cc7c5e97a09d1376f0619be111b
SHA256 4c85cdddd497ad81fedb090bc0f8d69b54106c226063fdc1795ada7d8dc74e26
SHA512 33333761706c069d2c1396e85333f759549b1dfc94674abb612fd4e5336b1c4877844270a8126e833d0617e6780dd8a4fee2d380c16de8cbf475b23f9d512b5a

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\IRIMG2.BMP

MD5 f35117734829b05cfceaa7e39b2b61fb
SHA1 342ae5f530dce669fedaca053bd15b47e755adc2
SHA256 9c893fe1ab940ee4c2424aa9dd9972e7ad3198da670006263ecbbb5106d881e3
SHA512 1805b376ab7aae87061e9b3f586e9fdef942bb32488b388856d8a96e15871238882928c75489994f9916a77e2c61c6f6629e37d1d872721d19a5d4de3e77f471

C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\IRIMG1.BMP

MD5 3adf5e8387c828f62f12d2dd59349d63
SHA1 bd065d74b7fa534e5bfb0fb8fb2ee1f188db9e3a
SHA256 1d7a67b1c0d620506ac76da1984449dfb9c35ffa080dc51e439ed45eecaa7ee0
SHA512 e4ceb68a0a7d211152d0009cc0ef9b11537cfa8911d6d773c465cea203122f1c83496e655c9654aabe2034161e132de8714f3751d2b448a6a87d5e0dd36625be

memory/5804-5487-0x00000000001F0000-0x00000000005D9000-memory.dmp

memory/5804-5489-0x0000000010000000-0x0000000010051000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4ab08ce4b3ed525108375490a28257e3
SHA1 b77b91a2233648670c7303caaf33683eb4047df9
SHA256 1418f171ba5bf0e6e4b9e19cfce20265fe1ec248d427de8e4465f9676e049f78
SHA512 99425925b6c2fa9cec7c24ed90fe2b77d980f6686cf7207531cc23d7f36f6613abcc519fb4db607be44f750a878e01af9c5d3e6481727bf6b87dc4bb670c6aba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a8f59ebbc590030555a1a2f189e0a6e0
SHA1 593cd8ae8ae914293fb3928c0ec04a62bb51c817
SHA256 4de7452304e7e1263f259862b9499821726ff4b37bbb800eb384334b005e4524
SHA512 597feb89365b166656c4fcc5f867c54d7d489529ee2b941cad5eecb6f51dff68fd881d0433852325500c367d342220320b8fc98e8ea3671cb5e2c3a83b981838

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe5ec9a7.TMP

MD5 84effcf1d461818235aee0a6c1c60cad
SHA1 759848a3bffa8b21d2c16bb0759619e41f3af414
SHA256 7108150a13ef0130d6b3e1d7a85460f05d10205882fca1375a0b7fe8d170c5be
SHA512 a4cf74f759ae54ca42d0c33785ba53bc9416d07c74b95a65fc49f2db6c6aa7a4e7a37473934cf749e369e9fd2739a797b583b0e8e73dac1bb79e19f91d5a2675

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 46cb7641be727eb4f17aff2342ae9017
SHA1 683a8d93c63cfa0ccbf444a20b42ae06e2c4b54d
SHA256 944fff1dd6764143550534f747243ef7d84fdac0642c94135ab40f584520f63e
SHA512 dc1b5f363e90abff5c1663a82764296922c842820d2819805e87da6da1081f1b5f2d8debc83ac34a26ce289b7b22588b022433686b19b039074ae184968b9fda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\Paths\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 005da9676d06fa75173743935f7f3d73
SHA1 0c6f281ce8678981a05b76ba48ca42219e478227
SHA256 d63497302a0d130af484ce3e2cec764ec87716f845ba48061d152f8ba8e001a3
SHA512 65d7289715473ef49cf8085abf46ae5ac8f5fff978463391a4a3d235c661ab0bf3e4d1484d54a9ca68680e1dbfc06fc7b8407e4ac5c341822ec5b798d2146b25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d3ee8815176f9de0e61ca5479f7f7dd8
SHA1 bed91ccafb9563a1ee299f94557d6bb3cf628425
SHA256 de98a9f9bcf107039860db33390ab2de62158a719fa42e413e6197adb48c1db6
SHA512 b4903a3a0232e9216f483e237ca31d5e0dbd003ac05af7b92de945faac97d503639f59c2d8fff1892d6ed1434e768230f4261e69f193a337ca882af7cceb3a7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ee4b005f417b83d42a29e01cd3c1091
SHA1 dc704c0202dd41f35b1b29497d423b46d0ba3c16
SHA256 55bb5ce5945cfaa959107ac44cd621e0a8544cb0d2e8a817dcc29f72341ee408
SHA512 779d4effd47fa4ce39158885de624b8d40eb2048bcd9d6debb3b4e124ea7d017ca287da03780b0dad0d688b5a45545024341f7c6665a1ffc74f2f1a994d489c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3986cca740a76562d8c2298e23855cb2
SHA1 cc251295126ade3db36ad19c74ff760d00db5bed
SHA256 378fdf6222310688951fc932b424b4d85bb8b060eaae5e024abfa0864b801dc8
SHA512 00fc77a52162724d7529e776bf58151ee00ae0fa466c9f5e9bef96d6d368b9ac9e84bf63ef896665fcd1643792f5a2e911221e909fce00992f7057afa7aa01ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f060dd3a9d519c87d79f0600fd7e1638
SHA1 6a31241e555c8afaa813c980d19ac5c336dbc79b
SHA256 96915eaf86a6b9729bbd2fe0f6af6d3b1577230382754b252b3e844c135ccce9
SHA512 6772cc7e87767b8d382d40adb3eb8d24df290ed632007b9bed8a2041c9856d37b642a2c06beb0b3508a46d408a2b2b0dde1fe9c29292afb98a8cc37881de11d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ad8fa7de52d296bbfa0f185eb6e71d4d
SHA1 a7b338aa7541d9e03431c6910240d195b2333d49
SHA256 47e0185a486e427df8fa538266ac949d95d0a1232887bc9c78fad1c0cb571228
SHA512 0f4715bb5a3fc427b6dbc6d91172e03df23040e44e8109a035103c08a6d777b498b21811b48ec9c3719b95531aa7ddcdebd23db8503c06e9511e4a80b256fd46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d7ed18aeb690062e490e928dbdd9750
SHA1 09abcaa4b7b0daea14901c4e3394d008dac9a6bf
SHA256 d16249492dfe7824900feca077f02f51a6af21f4edacc52280ab036021dd504b
SHA512 5561383cf4d1e58458198cb8c2b3e5e8fd5c0638d22bcf9e7319ad403489141945b02c0200e072ddb4cff540075f132acfdd01547a8f649599b05b50eee10d06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35b255d920d5147a6513b7e9949b9c64
SHA1 ded4aa97440fb88cd2edc7c9aa0447830086e788
SHA256 593c88b3992a1a7dd299c8c177ae41826288e5209891254c3319ff4363ba717b
SHA512 d607848e6620365e3fffbbc116fee4303c34dc49f8839fdbed80ef02335bcdddcb56afb39c0a6939295931f49cb76bc213153598398fe4f78d66c126b756a6be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7910f77cea954e39e03a6baf6109b6d7
SHA1 712c3e44b8c5d382001084382f64ffb007558d6a
SHA256 ff111463b34199de7a1cb022270ecf0fa24a7b41625ac794049b2697bdd1a0ad
SHA512 6be48f8484b7cc321645a3f138e1ff97b81e69717bd94317c4541ad8eda9074ca074585806bee3e99720c4d319ca43cba58668a07c91d8cd845894d589738b72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3371873f0876b6b5943004e866080b32
SHA1 bb060ac374f7018a5e4647fef8bbd483bf4909fd
SHA256 6bedce6f3bc30acade33880fea588e2daf6bc0710a94a8a387dbb725236a90fe
SHA512 77ae4c3a199c49124ae6d39aae1be0d93796644532d4648e9ff3a86db9b8237594895498086ee7420df411cc6bcad35fc7ce1d9006c96073b99b3d9837a91085

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb539fae0d88094ac00c26822b2e8d25
SHA1 c8e8e6f4a557c179b8933a70c556b000319dac78
SHA256 e327f1a684408a5b0af82c7445d11929855c829b72a8a4d41ea4388c001db062
SHA512 0db13fe119fe68c865845e642ddaebc421ce3131cd1b7829327ea7cc1ce271274423c23b5a3bb8003b010473a7a1cb73ba5b8b79dc88994f5b59cea05513ff34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f8e23db230cd2ce07af7143aa59ab8ac
SHA1 0d4e18b1a76e28df9c95216fb079d66c400bfefd
SHA256 7e8cfc155c95b0a709993e5e459159cede32800f9f92ee9a881730cad301567e
SHA512 8aa8c4b2e3a6e62f917bfea2c72d780266c2d315064b11b89c63fa29571fe0a841e448bbb738aff5f938ec4a56ae3a77edbb2e0cf4299ec06ea565560f9deb6d

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 e9ede41b5bf8000c516dc4e229f00e57
SHA1 e04a2b6777080bf040b838ffe057e2b076f2b3bb
SHA256 68ae2d223e26ce9b83787a1b6040c15815414a9bed76753633ee27b6a495a373
SHA512 ac8492b158140fc09c620aebe61e874ba907419bef0b6794c5a534c935dcd1d10dac64bfcc0bd84d8554b77cb9bd451ad1061407a20330e3474f0135d5bfd780

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\INetCache\OXZL6VQ0\trans[2].gif

MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA512 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fe1fa2532059f424e25745ed9cd27fb9
SHA1 240a1f105962151d63f8c8ea8beac01c36b29989
SHA256 fa91077c98aefb26abbda0e34b95c5d05b2ea93a3e372972e3151c3ee18b63b1
SHA512 9a90e5a0ed52829ac2d6b565e487d3129a9a79d8f4a86b1fe1664a6b254756d8762213fa2323d5e0450f70f387cbc177ccb06e7c5a6a7fc5f882bb3f71f923f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d87a112cced8aa1469ca78f7b6ec0604
SHA1 457ad710c5a0aa3067a6a0a9aee67a274f437de8
SHA256 35218d1ca65f48b7e8353824aa5839a1cecf360ce20c6ac3a426a8e9d65e1bc6
SHA512 44cb5ad6ce99a370ceb61c49c3b25efcefabe6cc764fdf01ad947b8c7dfa69fa6ec57f78432f5f780ff94d02a33d6b6659e2147a56acf62fbf5417f25f33ab30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4cc794f8b0bbb36790cabb765f8c2ffe
SHA1 6d6b6c412c5ad12e22a0d9d9ebbd1c0effba51f7
SHA256 b2b48e2be0d77f50bbd3c5f897a7c8b53531a8f269ad4ddff1842085bf955fad
SHA512 c511d8ac17f348a58e165c40c48c5f6cb13edc5bb4aba59d86f70e5633f557d134234a1cc959e065c2798342875a8eb8faa908d23b3d2773a11bfc1695423ac2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf0c1e405f07de1c47042b6c347d6cc1
SHA1 e76a5dde0be7ff14b81706ae5fe0df8d0322a399
SHA256 08dcc13bdcdf2187793aeb15929d03cf1141946ae188986395193a979c1ea5fc
SHA512 88dd65108ca4ca2e82e4ac977d17f316b9116ec4ab54da77104d0fc743831c196d0721b1b56c878e668acf0cbe3f6aa2d110e0e4516bb9b7e577238a29b41ab0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

MD5 6e16a0e00a70defc9c40ae9ece97c9e5
SHA1 9772b4012ee94ed05356c98ba7e27e71283211d7
SHA256 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532
SHA512 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b0965dc7f5da0bc51b595e94e073e2be
SHA1 48e07dcf3d7ae17583f3a0de1ad0a6dcd6837d37
SHA256 8664205c85058705a4db5dc135dce9ed72c1b65a9de4c4237df745d39910b7d4
SHA512 4c7eec201649cfffe75c1cfb26e0fd51e49aa0985366bd6c3d208863f273c7b2e2289edb35d728d67a0d0b533980c877e0d4624df48326e105f2792d31c643eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b738f3b34fe4f33a454e30ecd7ff6aa
SHA1 a524e4e4a9be2ffbf90f1a50879ca7a050fb020f
SHA256 a3bd022c9c2af4fb4a16d51501dc8acf99681f0acee52197591f57c1b08e9934
SHA512 7ff1dc9a472c44ce3811033b378a11c7388e076780d334e87fdbafdc0f9053864f50d5c6737f6177b3c9332fdb418f5956f022ee8a10ea58659dc010cc38466b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7de5029e48e71b7d0579dcb576cdceb8
SHA1 13acb3dbe52d4f411dae71d29959fcab4b673a06
SHA256 7cd9c99bede003f23f3cb20567f7a37f055e35e40d7c97ee98a02f3e0abe1181
SHA512 84150a5cb2501cad5a6226f54e763c9d185e1955da8254bc72dfdfc6f24bd31bfaaba12ee887e5cf5ecb709ac7314ab73f2f4c61a8171c86651bc0fdfad3f4a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.nvidia.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9fb28eacc8cd5eb65e9f9f177e77f1b0cab86165\index.txt~RFe6198e4.TMP

MD5 b3250cd0fecac5ec96bb8fbc4cfdf41e
SHA1 3e998c56a19014defd6af88d5918ea4bea8845d2
SHA256 73069cd66430111b6d23249b163dd853a14837325c007730b0dc27f2fd9f2319
SHA512 943be203f53c308affb5725d6a565d786f3ceaed78e41da0a00ea65cb978e37a1d16ae929fb08f9191c0e52610a06dbdb0d8a0e4b289be020457e3c0047c8583

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9fb28eacc8cd5eb65e9f9f177e77f1b0cab86165\index.txt

MD5 18e1e2771e517dc9107c82a3fc4f61a9
SHA1 76ecf2f6ef234fb46ac1561a8835d20fb5a2ea18
SHA256 d63e7e02202926556a513630958cf09cbe940757f9edf03af4be89648487dcf9
SHA512 755100ed33a33806c55fad9641a19dfee06548a10f78c7651861364cfc8dc87ffe822367530b31f5958b75719ba71d53df252e3b2ebca6cf20d45d4facfe6f1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

MD5 3bbaac229206bd92a3e4400390b2ef73
SHA1 78c881ac9cf6ce55ce3b19ab5596282a6dd4adc1
SHA256 c86e0c059420e48b62d18097104ab5d04775097c7bea2a2474b78ac6d130be3f
SHA512 dbaef238fe6888a230d092a6bc3080d3e6ebb69fced42f15315e53b15bf0ff003cb2cc02c945ab9ca31568746476e587810d935f2e9d091ae70811c81fed3dcb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

MD5 b0989814f853c247c10512a08e9d7ac0
SHA1 c0202190114bd91396696bc83ab15c3b2e03bc40
SHA256 a069e175f139ed8d4732bf5796102ebc73c3cb241d491bd3fbf391c976259db9
SHA512 7cc7461691954907755d0fc6ada2328c5c747246206c10f8a941978bb6028bbac781dcb90d622fb8c5a8c69e19c8bdafd75ee74f46f1dbfaaa64614fe7ebbd40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f

MD5 b86779553269fcf166a0e5119945bf21
SHA1 557479a902103bffb007bc50ce8b8bd42d0d3a0b
SHA256 366b985614d56fba24451cf58aad1ad50e79b20a34392292880fdd9d7928a93f
SHA512 06cf36a17cf946f832f1b348e8d47ef1da2523f32016e464212f4199b771f7f5ca05c16be04cf1286b9c97c2e690806cfaa977e952fe0fbd4a2377d3790ebf97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077

MD5 ecfdf125268c2cda709417675dcc2c1e
SHA1 02b1e843d5d1bd108814c7a53b700dbbc2043f1a
SHA256 fbe1ec61a2f8624b419f19722b4b2fc175ab27ce1335317b7a20d52cb2127753
SHA512 f465207249240beb67b0b8f7b7ccf37d9e42927775ac9572b481f22a5383e0a9733f3348df8aa2cf38c3fffce8e34795852b7a9523c609507979e8ad6c9701eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

MD5 590ce0fb47b2e90a42381cab1b51406b
SHA1 34d23764fe32eb5ecd93fc3089fb11e7eb30d7b7
SHA256 7543189007f5326ad6fede1edbf2b2866f8d793d9e0640b93d82b4d452a43145
SHA512 0fc5b0bf495092e2c98de6a1577a143579c98374fe290738acfea60bb8589e544f583b5ed6802cc058d8e9e9d487dc61a3d52472ec0e5dfc2348a2bf7eddd42b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000082

MD5 d6b358d2e514f9a64ab113d6a81cef46
SHA1 b7d94eeb1e79a480d3b491a33e976ec886d2add5
SHA256 1780b936bdab30cb39cbd93accf4a7b53ebbee79b7a0cbee2ef11e2ff6d4d97a
SHA512 9f4ef2c62deba45cfd5de0526f78f72b1f5149a4deef0532032239141c06c5227a02a47cf447a538695cdb4ab3806a1c451c2143f213d7d6ccc80039e5464a8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 f70baa579d763f4bc2df9911cd97f38d
SHA1 cb6ff1124c247215383843cb88bf36473aac769f
SHA256 69c6971720ae95f2ce455328db7afc3b142f1c2861abe1048a48c6efe72c1816
SHA512 2b320b07715c8326f870a649853aff109d1bc3fbd4b7e79363dcccb79a42d3ad6302e56ef95d769a3a37db7a5c606164cc2098f6d3e4354d04ba2b197dbdf775

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087

MD5 722d31fb0b7c7d2a7ead7bdcd032de8b
SHA1 8199000e1f3ff1cb0f761a1c5f10fc47d665efed
SHA256 475bfedb923449fa32d3e05181d3f9eba65f4346a5cecc51e0425f8092b46898
SHA512 eac5aad3bda943e2db3ecfa6c5e7cec6463ace80c80661c782dea008c3cda3bcab75dd3509a5ad87c14aa19cd26ed6207ee1191ba216dcebeb8c1fa9c394fe81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000088

MD5 c324d6d6e1842cc7e46cf2d8f7e0fec1
SHA1 7caad4e9f9f13ba05389c593a0dbe3a2c52e70b7
SHA256 2ebe5f6b8755fb123d3567795bf8b8733f4b515b4e88facd85461347cbee621b
SHA512 0e306f6a4c6412b614871d00d6cc77914876fce44b77a4dc8a0655cd4ac9ef40517ae21c163bff99583bef6d552f62c60857d14f4b1ff42ee5c14db1dec41b63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

MD5 4808a6b43a9860e0ef460f96f48bc008
SHA1 82b17ebd0c4945fd11e5c69980967a3c49152ae9
SHA256 86d5fa90695e528b8dcdfbff90ce6e46f5dc2e4f638c40c6a2174370d4a7855e
SHA512 d8661e8125e9ec62ba3a190b879a5f3fe90a3a417375bf87f17b6743a8e296324016fe3bd75284e9967241d16df48a26aa802d268dbbee874287db86475dbf62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b

MD5 a19bc04848b3f07675e90450ef7523a4
SHA1 475021aa846b97ca8c0508a2362ef16e959ee0ae
SHA256 d91525998a78e132e52494e426cabcea988bf6f59f1893dc0f9855e534cc817d
SHA512 4c7d5d7248a930c943fcb3e3d950d524e93890f43e7ff01febc4168afd5c8252adfdbb863534c347647e70ee3beb44012b4d1b2efcdb5399f0e510fe0e253906

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008c

MD5 8268dfd8966015f90eacf2f0b9295930
SHA1 88e90f3c2b29b8015e336b609bd862d4b66a7fef
SHA256 05199c722eed71a6e90953bf74435c66561af1fefae41663a381358531b6840b
SHA512 a60b4687dfdc6d72e44c1ce6fa22d287801abf5e8151e0ce2bf9c66c4c4e32b1862806300e7544d4d4e48d8dd448265839a59e46985b5be6da5701194ecccc93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

MD5 4fad09541ca18ec297be3eec955b5fb0
SHA1 c5ca976f2e9160b53d1564ab675503d9b181ea49
SHA256 e88ccdf63ff2dbc9f393eeb316fbcc861d6a389bede48f9420875d781890a68d
SHA512 b8697b03d3018f3fe5e0b7b6ea3c5778634a882ccdcf7641867e3e4ae58919b18171cf51e0025bc6c69f65055725e3e59c94cbca5a3e4634a29a878ed2592136

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008e

MD5 3b4e2c6f1ffd958159d259c891110eb3
SHA1 4e4cd5995d1edb161bf5e5592cd45421bcce0e7e
SHA256 ec9d5056286648b78e548cf06a6e87fae8dc5d23a731b70d742b489487317b17
SHA512 0d0008dd8139a9386b76642a9a34a37f5b9b16d34063a099a20a804e18237a8ebb831450d05231064a71f10b9b33c8b71fdfb21a293404d01ddbaa0b92b2d01b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a1270e00c16c20127a329d0aa6f86c27
SHA1 bd4ba8e532ef4446a570755718ecc094fd450542
SHA256 897eef87ac868ede67561c5060b24f333f4c70116a44aed177d461ee1391b8f7
SHA512 ece3afcac5a45b9f671657aeab222f55bdea63612040a726f9bc14eaae5ba888adb33342f29660927f485cbb6baf37a38bc801607d39b290c0a24c1dfacec88a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fea115b83e3811d16d369be168306ac4
SHA1 36210503a6607e00dac1166001138efb96be6d43
SHA256 737f2c2dbf94edfa7e3ff7fecc3e064957de16ffc7c0da1ce4f593ffa9d6c8d5
SHA512 222a94140d4c20591d78f1dcfc0c754e4e07ddc5d949eeb3aee4bb5c8dda22a15f9e1a28d7302371c261072f13868e6047ae37e379e1fd41eeae74a91e5c72e4

C:\Users\Admin\Downloads\Unconfirmed 14454.crdownload

MD5 2212d243eddd4dfafd8ce863c75cae8a
SHA1 fb16ef827657ea2b608f528fb965ec651a179344
SHA256 5192da63404ef6ddb588f75d62e4e658b0dcc9c317cfabbc9cf6da9d99d16182
SHA512 564d0a5bc41fcf22ecf213d2918b71094da9289b1513406294ac00cd5dad9085a1065a97539638d3d2dbf4904e90cf91084b4671e88abdcd15ffe6b60d89633d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8855d4d62f8891f4ba09b82acd188b79
SHA1 e63087a534de1a3e278180a82009782cf1419d0a
SHA256 726063acfbac3132f61ab4c1733893eb1519941938e94acfc8fd79a5317af694
SHA512 2483a6c44d48fe6ca62eaa8fbebdd4308a0551d91d43b2b3941610056ab31b84ef91f602a6b80ec8db3cc71a96cd4d5eb066100b330f778904b84673031c7f2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0ed8198cf49d25b87dcdfae406d391a
SHA1 b3fec11f6fe58c4d75729e8ff4056e9884ac1862
SHA256 eb4c9586d6d6fa285dbd79632f62bc1c58a675657546136235889a489c491e47
SHA512 3a9c72d8bd4d957e365a350f069aa7bf46f9cbafca88891df7f9281a432767041533413d9c436a9863542f6dfa3094093420117878870e120db06781d215c2fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 4b948e8b9fe619a93b0d7c0a3d39dac9
SHA1 465380f3c83b5cb1e350be7941d54bcbaeeaf71e
SHA256 2845ae2d05acf9e86b8f5f1b6b058279f720c85d58f1628a06281d2af6b7871b
SHA512 cc21e7de1d7ced648b15aa2a83071a047b89e38f63b8448feba5b46281b1b2ad9bb3cffd47c43329d6323daab3b1240a6e8d4fe2be3d4857a9e37977f4e0ef7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9fb28eacc8cd5eb65e9f9f177e77f1b0cab86165\634a1f24-3708-4e64-a328-5317aef16966\index-dir\the-real-index

MD5 380e82b062cb4034a7eac2bef9163388
SHA1 757843a5f71f88d59eb551c70ada57b05526df51
SHA256 bd73e39e406782893259a3c89cd1364b1d92870ed2d0fe367447a516a92b8db3
SHA512 40995c3d0c2397570cb599413d3c52e3fb39b96051302f899a00325cbcd092bec6f73fd29f0513ca7eb42fd2810805ea02e971aabd4331f03d3c1a882781e865

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9fb28eacc8cd5eb65e9f9f177e77f1b0cab86165\634a1f24-3708-4e64-a328-5317aef16966\index-dir\the-real-index

MD5 2768f564c245f64e6047b5927ddc3790
SHA1 c4d7708092d367cbac4bed281c8f6fc050bf100a
SHA256 a43b15ae16d483b921b066f28a16ca58402045967d4b6109b1720787a4e936dc
SHA512 20034d516b6875795779bf1b3b002eb474c3c60ac2067e7c7c9b1d70bd406638611752e4404ae251a92fb7e19315b95383aa80ec95fdbd6c7358bbd7ac41493d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9fb28eacc8cd5eb65e9f9f177e77f1b0cab86165\index.txt

MD5 84dcfd3c79b9c77e0f051596063b1593
SHA1 bd9dfe9cfd0460dce0b4a8f7dc583ccb00272208
SHA256 0215b62f58c1e5c623a56ebf9bc60b0be934210e82807e0505b5d60920d1a0d6
SHA512 8f7bdbcc49b7296e2e91de9b0f85724c0c7d9ba4d3f6fd220439f9b0e6235e8b81bc47cf46df7190629c3930b1d1d29d1d44ed1bffb942ca95690333e1f0434a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e22bda9f075e867dcd16ce95b4a834ca
SHA1 e664b18ed21d815fba76471792277b081f4a2232
SHA256 c1485b886cc416ceee034b68b0a44fdc52e8973547987f5ea7e63dffb9eb2974
SHA512 f440704255c0cc3867ab9ee27a528dcc3a8c34a99e8acd0d88c443e527091a1c12869c680513ebb92d374dbf9a55d3223b6fcab3186dff2938e75051b5c83ed4

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 5c0066d73ecebad31759c037a3cc0e61
SHA1 ca3b3b05413068d732b6bb6c8bb5059d971e247b
SHA256 db568686eb34d8e9eda22bb74ff9e0c1aae6759d38f1762cd832ce6cfb4b758d
SHA512 9c6778bac234f63e2ca3c8290c8b8c2d0882cd79e62b0e8a35218d692005006f3b80b67c9e644f7a2bd4809f88fdfec505fd9e07d0a7275eed6eeb85b6574e6e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 94839bf54125d8d5885f36d7dbe58698
SHA1 0c71d69ac48cbe7b5157c4f26cc1c76fc203771b
SHA256 0ed74e9448981aa1bb9cbca81862617c56016538d2943a060b34c1b19be9d79f
SHA512 10a3c0eb7d98614104401b6652daa48a62219fda5efd11d000b591f3f2a3a88dd9c1acbf5b5ee55c6ea33ee64b0807f3c268f15ce6cb41021b0f17a9a1ef6ab8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 de9fe0391fa2c55141bd64fc1ae77cea
SHA1 b1977b96625b0085fe322261ae2cafee7e4fac3e
SHA256 269b92283b045642ff2b4c7965b7b03394b89a45aabf6db4f5ff9c57c76a59cc
SHA512 57dc9da98fbba758ccd87abfc903582fded260b9f01b4f94f75f2137bfefaca578eb17faac4ff0d7222ccbe9d873867f869c1f7db1c1af91594f76a568d13006

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d5c96e58d4bd7a42becfd74e218bb644
SHA1 55e11db07326d8b997b6b3eba48eaab161b2f88c
SHA256 e1b7e18e73ac69035fabe3b4f61ec62af1901f601487db1908fb5013c1dded47
SHA512 43c9b3e951c606276d79ae7c9e8303d14f16e57c4524efa3fd36db53290f3eef360cbeecfe1b00ba026919227d004fe3eaeb46c73a3681a55ce36c760e5f0735

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3aa6e703f20e98aec0278a469e9f2017
SHA1 173d2316c4375c915ed50921807ff1d26815d55f
SHA256 37a4dd39f71289a4de4e8688de73df0ba51bbb5764e8717a60536a82a0a80e9a
SHA512 5d942615e8e51616620f3101164d7d58ab6161051cd42b5fe1ae862656f1af3e8b747490c654a9082b0e31b3d326d294a4bee7d6585d7ba32e1180ac2094d316

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e25b316694372618dc2225f20d4a1e26
SHA1 fa3a6044d9834b7046b95e50be600b2b3a9777ec
SHA256 452f9a490d000bbf702a4260ea7f3eada23cf265a193878068f4cafb09caa124
SHA512 db05c4f78af5cfcdce2572a105fdb3470b8ea7fe8c0a0deccac0fffe50ac23af198adf6ac13f1d822c57d54d4dbb241953b4fb2578a57a7af1b7136048147b2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d13e6d62b2b07c59f076fdfb8b8ba633
SHA1 16ffc0b77bd97f85ac5958a560ee39a323c116b8
SHA256 b9d550d7dab5fad6b65b08bb6e560aefb20592235b43b9eb440d0f2c8266ff44
SHA512 d3caaf75016552c7ad37fdd6a25f5d670b7f3235a4aaed0499c3e499272d29d04ac6698ebcfb526ef35ef875786852247f373c3da27044ec04fe663c06dd4824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ae51174066623cbe5aa3a76c9c8b240
SHA1 7a971df10efec268ca54854bb7e0f229a180f2ff
SHA256 a220ea7324dfd360f350f6625975232b99ca0967b879b8237e908122929a2ef1
SHA512 44aa29dc0a84f6f26ded4be69650e243e4a294828861d33ef40b370e0f029ab54bfbb0c204a256497691f4db5528a6ed70064adec7bad58af0ad9dbb95a8d22d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3115b79322f375a8feb5be322a7e64e1
SHA1 4829d834846975572deccafa33cd834e9a690121
SHA256 998ed236129daf3f027bb9fd243fe98aa6cc32351fb76ba38f91c431efa3efd2
SHA512 eccbf7e0fa50a43dce1009573204391c72d3d6f2ec559f9e2583b20772cba122b5074e52d88227e67af1b880e06e4b81333d69676694f6bac53d988ae2aaeee5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

MD5 7f8637ec760f9d18258fc2d54d7956b0
SHA1 23562a1906ed51ee3238083fcae6ed3d336ecb80
SHA256 74ed165e9f7808f526b9851303180a572b8760d0c07c359e47ed14d0e7fbff7c
SHA512 73b42bd4b2cac55965dcc689736183424456ce8b6f7b20780d73394335c38e17f6727b52d1917afd6b495b605813f606ec551335e4e44430d1bec6d19abaa826

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3ecd982bc1b9caf5bce69ade1b711b5
SHA1 6a5026f17610193c075e436b2d74741839e2003c
SHA256 8deb545e9083388a230d9275083db18392fef68ccc9ac71a40253edba6c90f68
SHA512 ad61dcb2518444937b1f67f2598ac29041a5ef34ab1a026781af838eff02bf8340189fb621d18575e7548917290af877680b7a0484ca3b9c8a059614e17f948a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

MD5 367c5cd92a005251cb5bd831f780e761
SHA1 7ea0de2cd8b71fa9dd156763f504faf14d966372
SHA256 87c272fcc4bcf2b8f5d4b8b437609a235d760fa8084ae0214bab6877342b9f08
SHA512 80fe5d1ec48e8c5d9103592aca7331844f944e8cf550848058a0a1e240402ab1e9a0b6bce8ef76555ae671a5c170f58db6859883130e2cdfe8a13f00da7dff06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b

MD5 5f3c81d09c7b6028fa27eefe5a1511bc
SHA1 b91c0c84ad6de8db8abd24762045c21507c40cd7
SHA256 09b662ebd00a7c8c28abaa3dd5f61e84f2d3ede36b2b716aa5215b307f985d82
SHA512 0a7fb163eec8cb8ea3fed1755d43811c6ab32db5503aa65052dbb7cc1e26ec1fc88f36fab5c1cd6404a0b36901f1b62e7e94902433f39f582ca221678476b2ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

MD5 9f309ce7463cc38ded13626598f9c9ee
SHA1 1fa34958a5346b0fba21f5ee252269d0f5b2e96d
SHA256 16ca01bb60fb7bfe8b387aa353e00f96215ee415be25ad9c89b76cd1b49a3e3a
SHA512 1d198d3783eecf920d7fa23d3412411156f9a84e3c0a5918de2eb0e46d38da86381a81aec7c08bca7c4d81e2cd6e959522ffd717de413d7694295e0e1fa9565e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 877a5190f64550917f8d2507465d5e8a
SHA1 6409dc067cf7483ccda75b5a862b477a61ad2db7
SHA256 44ed8b093e3a6e6d93c17dda07a76fb1eabefb944d83dcac130a7adea5c55659
SHA512 92ac198ba09299c0a16aca157ec46f567c403f3edb952e378f47425b25623332dd93b2f89128f6e5ec21f9168a9746d7ce7a69945fd2b67979e7559198b4afba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 67a119e7118e3bab10ddf7b876b3ae3c
SHA1 f0babc3d85bc56f95cb895cf2735e7d05091eea5
SHA256 17bd01d34b7eef6c7d66ec470c275fc4fca70af8a47e37a776ceadd2717d53a8
SHA512 6c1e808537d9ca09d5ed23667d9a5986e7f663bcd2629c2a5c43192b1fb22cb602269675a83fadbd665a8e525f298c00b01a45d20b5b135b2d2a1cf8f97efe96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eabbbe17e82688f1cf2a591371f90671
SHA1 bb2dcaf94f06ea3c040abef83e11bec79e349bfd
SHA256 5c45c11bdfa46d847eebea4238a92167bfe86ae7fb6264a2deeaa30c7ac10ebd
SHA512 4972f7f88e7e1166788fd24a18679cd0befa3e6a31b84bd670907169e400a44c37d2fec4020b3a3249cdaafe5061bca8d1aad39daddd3c6e9232fb35006cd397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3824fad58c32b9da778bcf80181c2304
SHA1 84a06eb4dabe35470c9af4e199e978c28f607055
SHA256 97d56d6343b29aed37c167286c0b66c9e5848e5af6889817d758c790731d3219
SHA512 9717dfbfb525e1c9af53666a98322103a0f03ba312a18bf9af3e7f5177dc0d41a6b83a8449afbb431decaa4ad79c953ec946c330d6cb13273cd87cb236fe15b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63bc9d34b0d4941a9fb0e83e3a2c0428
SHA1 7ba0356d7588e403c47c691efbf510b5efc0a5ec
SHA256 dc7a5392ce4d28e32173caccd66ff1ca81e7faefb209df866899cc323d57dc9e
SHA512 35352627749dae8552ed14651a635e4ca6a43ca2d02b129b8d777edd54821de159769e5c0ea1bb60a30c3720bae9bf2c29734bc059182e4f884b87aafcabab58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c5754a6df4b8efdc0596f48ae992d41b
SHA1 c52fe12f36a4c7fa5bf8886cda9b2b1588677776
SHA256 ab04766bd3fd026e97c61160be106eeb97c47e5531b8469b1f8b16b5151fc323
SHA512 aa69ff9fd973708064258f970a1ab4f4a07282d8ee25c87d40d6f5ffcebad415e0c9d738ef0f4826cf95f79e0bfaeb9b9476099fb02837407428854a7b8b608e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c12f00e0b2f025812e179d1c02e99e8
SHA1 6f91ae0447870d54b1e2aedecd2af95ea193e33a
SHA256 f162b8131de9a2eb660a58c58546cf5a8d0929a1182bf4b61e75f08810c6121a
SHA512 545061c0bbafc5b3740f925ef805802ae87e9b0151e5484a3e59c317ecf873bbeb9ffdf679800b31cd0085529ac16f48c278295780c08de79c0bfb4e660c49b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cba0b56e26b72e26fb6263334759609b
SHA1 8f95bf859245248083f24e3a1781e4249169d382
SHA256 332367effbf10ea858105a9f8baf9815f56f50e02442637b126573427399696f
SHA512 d1bff4db2cedd54bd3774234984e861e3a04424a76fab4ca38a0a74994c630a19cf004cb5b2b5ddbb9129d8e0281c604d49b984851e9f50889447fe9762c2a7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73e4fd2de412388f96876aebbf60dbab
SHA1 1358f638b0a89b9fc8e22e0deb8a5a7374972e2a
SHA256 8edf79473d042cf27ff9abc7bc779f1764b05d0b2e01e325511fa258d39dbbbb
SHA512 f4b39f44ae51d2ae141037526d438084381c2a798dda9b645198ac61b6ada41b1f5ea79a6e9a04130d0639376a496ba5e2760528dfed1d7055751f10aa1684e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c5cbce774a50dcdde7c403601718dc46
SHA1 fd4fafcbade92b0aa15db4f52850130e53d2c9fa
SHA256 8103884633a150ea7e7fc22f197d8dc61b794ccb5be536b6911a75453071516c
SHA512 53dd2927dc31a9a8251221f3370d5606b2bbe852d974f0f1c4dd48405dc8258b15ad883f1788110ce039e763460d55f6b4521dbc5b53f10190226e18611d2eb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 be3eb4ef02ed121a8079d007bf978934
SHA1 55312a31b04b2483dbdfcb602591965557a872da
SHA256 51178ff0f34c70852b9d30f77184a2473650a528341524685ed17a6520260f6f
SHA512 c36fabba07d3f759dc91b353dce3a9fa4a99045cb3a2453f06ee5f8335699fbfd85a0e6f5b1e11eb9e18ae4fb2a0d80f6a7d74fa992024cd430536b3ca9c4ac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b31b022aaa9ada12e414ad3bf7e63354
SHA1 ae3d62306093617ff81ff355161536b8bcae74c1
SHA256 07e611ab5b36fd5ff4848154812fe3de9155991458f7d5cd68d6b326cf3fac50
SHA512 533fc14d42a3d4186667553a96cd0cb0381505da0fc201eb2d833facca5c68ceefe9fef53b17147e8a8c92bce46ef87eefbab012fe2cbbb1858cb93154e3f8e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ddd3c1c8adc57008a295431f6c23853
SHA1 86e0e61c6d3267236cf755f916b739f15c9d746f
SHA256 949c28633ec3114460c23cd04558851d143ba5c3d112c17af5a69c19a0df8c7a
SHA512 7228a7f9a85f2cd00587a21c409d86066a33a43f0a9a711aa8815e52fb1fe26af361adfa7bbd7606e3964067991a5b2dbb26096b34ec7313b710a4beedc70325

memory/2260-7391-0x00007FFF016B0000-0x00007FFF01ADC000-memory.dmp

memory/2260-7392-0x00007FFF016B0000-0x00007FFF01ADC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e126fb679edbfceabb04f0a2d989b177
SHA1 afde3af6899ef921bb8e473f204fa6b54d47efc0
SHA256 7422c151652499f223ca79140b7fe3d8f305c94abcc04d1f01b9ca1514223a04
SHA512 a3cc91bb43761e7a7cf0cff4116cbdbee382688f4b3eb1d9fc903510fad54254b67fa9a78f31002c31cd17128219faedd55c87c3abe76f7475325a82bca8f093

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2d5f1362e898d281f46c38f0798a80a4
SHA1 c31a300dd22082f72be034e6b735fd67a765bb25
SHA256 687491ed1f976bbab696957ec2087a0fc29434e0b240319c62ad52096a52fa03
SHA512 1156f7f91ffea3eb083164846699950eee7ae846df775815028c4cce9aa597976cf66933553dc0ff1dd4d3ca5b38b050b7a6e885418212b57aeb5fb9334da339

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0d8cd24da33c8e9efecc79b99b98984d
SHA1 d964c4b483478aae5d9b37ae38ab33ee193b4707
SHA256 bcd489b36e622f7dee029846a669713388a8a735bd3c2a61fcb3aeeaee06df06
SHA512 733d8f45b43d54ce9c06e41a4889c48abad9886fb0382691760133f391df600d74f09c499b67eef142d1115a9a5be3d8dcb54a2e368f0607fb82a83b74c8fdc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9deb8d1bdadbd376437c15062df86f64
SHA1 a69f3e8dbca8f0cd452da2c562d11f6d31496c7a
SHA256 cc7e5b2c3ef66be773f48c4bbf3404f8aac0012119abeba9008e236bc1007ea2
SHA512 e763599b6d4e3dece229e0460dc1b6611eda66e3e61e6eee08d430ae7a5378a190a4acff02b8d87323927a9f1e48d48dd2a9e925118043b508c5c6363a8ff4c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e0be7ccee2b0f90beb8f624ecfd2d24
SHA1 ce2fab13d2f80ed17b7740d7a5dd38f540858aa7
SHA256 1a15bff802c4f624b80109c5db0e19f8aa2503a69072f87b716dccb8d1754168
SHA512 e673eda3b9123c66378326a566fe46efb67778245efd4d75a141cfd43582da7a88429b9cd1b137b945ff695573ea846034c5228b4d1e8f656fb50c5f56815ae6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fcebf70face4fdc38b4b9def8d72e19
SHA1 6023fc4eb59e551aeba04fc46dea9873ea8dea7b
SHA256 8c0ac0a958c3c96f6072ca8ae9191135922f9d94ccb91e89ed3a0bbfc85eb6ec
SHA512 5c474f91012c785bd0daaa8e25dcc7302ff74b908e78b6838cf493c6ddb4fb2f4684a4d6530fe587aaa16cd9943f132442d41053f921f43405b0b16dd75e331a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f02f6f48f13d47b6cb417d29e4734388
SHA1 e4af45408e3fbab53bc4713cd7ccaeecb5c374cf
SHA256 e801f013977a20b2a455a4e6023520fea38dfece8e09a3bdb4b0f6b18c6a4e07
SHA512 38e037fc6cf73ae62b860b168db10d0c91a3b3d5ee738375d5db240f244aad3a2d4c7cd0db8daf5ef73dae8b635993585e72ce61166ba6b5a9efab814dcc627f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\71f6627fb4be5c56_0

MD5 f7dc7b1d1046dbf0c0c23d7a5cd8e5e6
SHA1 2a311baf65084b67598ff38c292b1ad51abf4d2a
SHA256 a416c55675e993c5ef1dea11107b7b416f0b4a3227e5ef44f168dd7f3d0abeb4
SHA512 d1f04d4f02047b45c2dd4937bb194f2aa699fcf0491509d8e78e52e54719e6d01510b047828c49694334334a665f928f67eb50d993f32ea9c5dce81827248d83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13c8b04b779ea93b_0

MD5 977794e3da2d072f24adbe99e3ee5e89
SHA1 d7f861dce03bc347ac120478b9842a08a601ae99
SHA256 73dcde72e65ba137e2da6291d16d5934383da6b89189c7d1bcd71a0700670b01
SHA512 cd4798f160ddd7d3e38227370c2ef83edc0b0b6d0f58afb6a83480ddeafb5a423d3f84a787695514b0dbc4465e3ef6684dae364c1c5eae6a98b1069fad55230e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17cffc3dc812454b7bf9dc52051bc656
SHA1 c9c8b3531cfcf0a73d158cdb508a5ac9542708a4
SHA256 625d45d41e7e22580b3f60a0fbe96dab0571b8cc3c5bbb64b3881c2c3ab08234
SHA512 f972e4c038671ebe2ddea468e454799e4c75fddc02f3fda183452fec85a8e1f573f97e4962fe4533f39f27459890c3f9475f2360cf8f51fabec734897b1e83c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 81175db30b157e39a46bce31b6293d5e
SHA1 418af56a38404bbaf06081a9c2cd922789902479
SHA256 890ec0b628643c7d1d7257f9bf38ab761f900dd3b7f4f414ca02f7cc80c9c744
SHA512 fe7e865ff5e7c2fcb0e9908ed8e435169693a284edd626225cda08076b02fab1add3a2184ec6f8f034effe3d9244ecbc4dcf3eb6100a4ee4bf6f2e54b8bcfee6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13bda5c17a5937dd200b260ded2994d8
SHA1 03c0cc852527979892ffb74d96a2be856439e269
SHA256 ccef72412de25352bd0e950ec4a8b587b5d813bf38910af3f9e0fd824686ab78
SHA512 d74fb3aedcc624fb5e12856be867d8132ac9b7796fbbada2cd44ae1cc24931c467e8edd2b720310fbfc50b27615db2fa447debd81a2fabf051f9bcf741862a81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 689f2315df5594d33ece9f928c530fc4
SHA1 79154bad7ccaf675679b754205b60f0faf3395c4
SHA256 bb7d9f3f22010f382eb69f327b4f7cef75c0ba8c04c83b3e427e2e73bc2619fc
SHA512 c45d67803689f7b7f4be3b7de4742d1911a053d9753b26713deb6c4354acb353e42acfc9e4ee7a7a864f46daa0f1dac6080f1857e7e1600fd5a2e574e5afe591

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000005

MD5 abc9baef797132406eb33deba37176d7
SHA1 bd244d2d1d9a25fe901f198d916d391233bec3bd
SHA256 1cd4922dcc88dc33419224b44ae6ca3bae5e9d1bac6d1d97e3fea3d829898294
SHA512 35319c4fbc651f81df3e2f6192ffd02a88bc17eaad3f81b4c76f0f2d10b26a05226a827ed84baa166fb8a5223f2899d7b9a655a4f0c6dfeea9f635bff06f0c0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000006

MD5 f766b04bb4754072b62815f62fcb119f
SHA1 e9cca7c5fef0079ddd98892f411f2f90267d3830
SHA256 8ca3139cc59d16669f92379c3f40bed8d5f65c2312d9017b4a8ad7b9b149a9fc
SHA512 64ca856c87a11241c2c24e779376eb15733faa6c90ea6047dbd6de52fa15b17a6aba72f9efd0d9ed0e100b13e2216a095cc4050d42817444379492b0cc281575

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000001

MD5 16f3e7750379647e6a587965bbab8485
SHA1 113acdef0fdea36cf61534d7fc0d59dc84abc72e
SHA256 5264bb90eebb1c5ef0533e4d728b3a7887796482cfd9a3c5ab1fc3446d793f0a
SHA512 c0844fa0395b7c7130c24d1bbd9e7bf57944555ae3e0d609e78360b8e2601e4c4950fa6202ee7f3dfb9709c4815103f7ff0f2a9dcb696776d4673f537fb0976d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000002

MD5 e0093948466f0e5eaf20288ec0acf509
SHA1 574b8e60080fa466e4072662a9bde946cc8ea692
SHA256 77b5863af37f4830a551075f6d8b7d83cb3d5f19478500e03c7cf4cd99bf81ea
SHA512 512335564f93b420ec2db5369f030314cd6dea4df1192706a643b4cd5cd3315c40e098c37b0fc7658054a93d811ca9c8226b0dec9dc053b61be6d184c464ba78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000003

MD5 135df6b9085d28e17da051c9cacd8189
SHA1 f71607131cc18a15f626ea92f5e8b1bef402beb3
SHA256 fd294581677aa870cf564b2a76cfb0c54dfe43fc2a0a0dac1d03aca583ed31c9
SHA512 41a1e6c55cf3c2adf2c440fae699a66530a084bb2f7a31756dea68373cfdd1e68d42a626e6d2cd00e9e7c5cf3c58ff074f284d8d07e23db5b910a934a320f515

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000007

MD5 e3eece69c822fdaa32704d883f61f9ba
SHA1 c926041d6279e86688591c0709fea56aa0f852fe
SHA256 02908ffb93522a338fb55ba4d602c43697e1021bffc5faab39e591b8bdb32166
SHA512 d948a065beff7fc52eaafe8069ab0bb6a8dd16847495635c5b706e75c31d4e09873cb0a13a7fd23cd7e934b6243e2110287d053c7c0a8187ad8e41a44520c67b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000008

MD5 6c49340ae91a028123a8365299a85bee
SHA1 feab847eacd12bbf9c5fbce88c53ee5a6ef4c3e2
SHA256 2feaab0e9cfdea56cbc9a9c29eb28be3af066f52dab71de75f39346421df3177
SHA512 9be3e079b0c47d53ef36c6ec95470f284a9afeb9bf8c8f437da45da71637281db1f2abd1ed93e4ebb58a22c0249d4ef22d251ac93715f9b4f04d352f136771ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_00000a

MD5 371644ee151d4452b8b1f3c56525106a
SHA1 60127f3d8857ea9437d464ee26aa3acd738ecaec
SHA256 e59f870252c3d8dc1665e1189d943eafc3023b09893387510b944722c9ac21ff
SHA512 6484b1f2eb0a5cbe260fb4467922d1375f6ec446d821817f074e393ff00c04b73e7797bcfe7b803fd0458d79f6bdce3281122664a2093f2806b97ef445efc0ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_00000c

MD5 00c87e15b18df45287488d0d0e1d74e8
SHA1 628d2a552c75163b5d49e1c0d215ade3cfce22f1
SHA256 4f2db01ece0e993231b3a9f1e2471c7512f031413d319c7dc4fef8722620be89
SHA512 35c324fcb5456008b61207ef2a60486653d6153b34168617850679a30e2ab6efcf2dd9f469daf46af770a0446edb21319e14c93a6810f64b4b2f05d76871bea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_00000b

MD5 4cd746a1fe56a3feb50d16d32064f948
SHA1 c693fb1786f8962af5eff6726b2a49a5cd217f82
SHA256 4b9b4e9eed36ea6683b0f75c4f6a285d77a0e2dd2493427c0399a616e12eb963
SHA512 2a720fae9e7dbd97b3e412e473a6d5b4931cf52a6839e7c00130a8ffcf75234238f56521643b0c2d35de14647a0893f74313e1fe2e55d94a665289236d3f18db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\963e31f9-01c7-47a6-9eea-370f768f371e.tmp

MD5 bba0a024f8ef0fa7dcea65ff19f280aa
SHA1 33e0d4f29e273890cb012e1ad444292c4c45917d
SHA256 475657963ba8fc2fdc4a92c98603560fcb8318f715bb1192e1420e67ac9435c1
SHA512 68ed93e325a1c1fc51ba1e841a8aca51de3993ca4373cdd1d3740617b7067dbe186f5d73f985e6c5d0a2a1669042812a007f90abeb5fc73af9de4f2c8dfa2d40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7dbe5e99fd7f3b25d6a214e0f3b2b4fd
SHA1 51c3ab8e382d0a74991614c9ba8fb8aaf2ad6496
SHA256 a2845e5df03459b2b100bb61400be6f448f4eeeb899842bc6331b09db8253db3
SHA512 7c3d2c709013a7cb5d80b1886746fd2e3441cbd20cc7e4b8bee890186a18a64ff4b3566d0d4a785731b18a3b96941998504f9b94cbe3a468c981773de9446d59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c17c0c127002dd42ce06d78d08146e17
SHA1 e400975b66db1c473dd6756204a05c2c0f5f7a05
SHA256 6ea3bcee2f869aec8fc73b6ffc3725f0f460ef14fe9b79e26d305e8305552bdd
SHA512 d8c8dcc5cc52c514ef0abf40c7db0a76b0edb7b1ba6bd2e754ac3c8f4e6c8a3892d2d07109a691143c6e20be161d37aa6b7ad6c28779d1975972899ea276f3bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e4a2444aea587c97d06ebad4a717c75
SHA1 e31200128f0b3ad1f43bbb85e00d55550eb4b93e
SHA256 29bd4290f256490d9524712119d178b5e788acdf8ede2cdb9c45e97d00be9404
SHA512 08ed11eb2b388e34e5c759d5a758b353295a22ca30b8d43a74c77cd6d58c887902e1570b8e470df337ae3159d52fab871dba089ee261fde04a93f33181e35504

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d17ba1c8f770424d_0

MD5 3e4d67dc25d55bb9cc9f7d2258081ae8
SHA1 219984de58fcb12aca0a7533b6b909030328adbe
SHA256 26ed9f34c36659bb39d3ce83ab935d342dedc7da458e1c9cfcdeff12a2055c62
SHA512 a162297bab24580827ba83c481fe716bf72d8425629d0be8ca753d05be2adc976371bf744b909311d4b3c614733d98371c7471f7220ebdfb5edec3068c3eaac1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e6e2f1e65207ef2a_0

MD5 041e34b7a7e183e4b26429d91ce44890
SHA1 8f24cd6fe883bf5c7ad096b9bdbba60425bef243
SHA256 28acd9e5983b2eb11bcbf4d4f7b47f8c29f2f78acfecc7151130d298f03c411d
SHA512 3c564d2b2d7d425cffeb3a6a17c395792d5f0eb28e1b7f8be1e35c0083ff8f21c19c7305bc4ab660f3b485b9e491a88d91ec4a507c4c51f7e14209820891c321

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 14d8aaa5f3a275258c8d7a75e02317a0
SHA1 182401433e8b05988b910fb35ce4b9b7b9ce2ad2
SHA256 db909e79c7b00c33e1c31613beb48a0c7eb9c262eb10c8815dd6be8406fbd4ff
SHA512 363905e27b524ae310dc93ef137136b3da18669994753e2a6bfcb2f8b69a2b66b4bc3e26b91e8072b2aed586984b11578764ea21c677e13c6eeac005424287d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14ea97619e2c562f5f6b5c4f4a3cad83
SHA1 6422ec69236c4c9717f68d9e7711d65498181f5a
SHA256 b5fc5fc050db4406e79bf777e0fd94c02aa6dc1cde6674cef80c92edc1725b0d
SHA512 5a47277c01b560399419b16d05f9c2cd7312d97c62aa2b02007e04ce06e1ea1faa8942a9f46d26eddf3126d01f272122503887d2014e51e940fd0b2a90348332

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5154e830151c71563b0e5aaaf94f1b57
SHA1 82dff9b3e4f0bcdad787a8355374c98484a6f285
SHA256 63bf57ee5bcc335119c692d7e5c93df3cbdc89c916824f8150bbe9171b8a63d2
SHA512 26bd4f255753ca6c04a28580ad78d3666b7669f23cdf568f9a5fb3477dfab951526b7a4d037683c379e97f17fcc47d4378adfa3bc81e3eeac44ddc96e63ade3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 aaa69c418c3bcc87f5faeb45f3ab9075
SHA1 498ea7db2cc34ec0f20488f3367cefcd3cf4a64e
SHA256 f32ea12fb83e9b1a98abb030b41b8d312f32f9d63ac3126def65ac1226896480
SHA512 7d8a82cef579e617de8a07820fddc5fb5639a3fb3ec08b751c8e9d3536c7047bd0f1815e7497a0550e4fd715e9f6b241e9241c073c5dac1ceb57791fbdd5fc31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1

MD5 69b550731f9a789a39d18eb917e43a4c
SHA1 20721285bcc8dfc47777e43b2d94a224469a0b50
SHA256 230bd4129d0d79dd196efcf6d9e8db962c5e750fa539dfb5b72ba43666485066
SHA512 0de48338b7108eb2b9206c57d382c69703f1424788f7c665f44e4ebf8fbc92da8f11d10416c03f37d62c0d72cf760b902ef52f8e41caeb89ec221f0fac76702b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e2

MD5 82b03f239b58044f1dc310a32f0f0cff
SHA1 58184e5e351719ec9b10bee1693260f4f34e37ee
SHA256 18a1e3a37e5cb38d38d452d2f0ea83b78b915a507ffa9860cac9c33575a3c105
SHA512 884d2835624980f8a8c4eab8da57f93f3b2de8dc4978070d48ce0df355db8a82c291cc8bb7c42703aa55fa11c7180ece5d5bd1877e77ac875fa6155e64576cd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e6

MD5 1ec0ba058c021acf7feaa18081445d63
SHA1 73e7eabf7a8ae9be149a85d196c9f3f26622925b
SHA256 ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
SHA512 16a1b8a067ad4a33dcf4483c8370ca42e32f1385e3c4e717f8d0ce9995ca1f8397b15a63c0cee044c4b0fca96c4b648c850f483eeb1188a20f8b6cbf11d2b208

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23450d1959d88173914d372b31a170a3
SHA1 bb25d211c288af97aab15be73b36ab0021b3fde3
SHA256 cd754e27579db594f288898a8e7859099e1b54957b905d869c498e58a19331d8
SHA512 d333f0d1e95ff65f6ecdf35f9af0959b66d298e51abc9baa847c46c9fefb6aed5629b3c90b545a38f21eea432981beab04946e87a7d8b6b51b49948e2c37fe2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7cbb2b823d24609a1e793202179e7074
SHA1 56f2c852d877a5fcc6fbb445b7dd093ae962ccf2
SHA256 399b12b95f467204386f138924cd25247fe22e4d56e9c999eb26260913c2d385
SHA512 b0f9faed0d6f98e248600fe8bcd405aad5bcb52c52eaec39d0cfcc5f40ccf3fddc3f2750ee57db63ccef1b090d34b25fe3b0f106ad1a01affe4f15321dbdf11c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6413bf68c4a732a9bf9edc4d53b59f81
SHA1 4a2d7ed8f0d385f8a85b00f8392fa05d7dc90c4c
SHA256 299f590368b317ae4ca3973458f90e87043fa7834cf3d754773b7cd5fc9055a8
SHA512 51ff5579d9b15cd0fade58922e1adfaa40826857beecdd33bae3066d80b0c0186ea88a845a5edc00f7500cedfb402df321a70861634c62d8e00cc6ec570caec1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 505f9525b127129ab2b1971b25157582
SHA1 65dfa6a62baf4a72375c8fabcb7b1f773f7b15cd
SHA256 bcaa86454583729477a7fbaae474848c794ffd97a1fa3645961eb91ae664043e
SHA512 ddf816dcb1cba3328bee44c90d1982ed1dbdeef001eae345aaa01c3d03a8aee476c66f816a7ff82859cea8559cc8eaffec6a2d97b1a6cccdee13a1291e93e618

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000106

MD5 2abd079be1223e68fdd6f520afe8fab7
SHA1 0f52ef825e632aa99b80724e2fc419fe1413ff39
SHA256 fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75
SHA512 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0f1c5dda417e71fcb78cd64fdd6d0a92
SHA1 b649b5547c642d123c939f3b04b57c791ef3df7c
SHA256 2bcfb319198c0c0ec48ed27683ae62d4a9a396ba6096e520ec031efd11fe7bc6
SHA512 792d82da1ecff14d6f9833e84d7efb2df27d6f6ddda1e13bba00daedad23bead866d6f884e3958a594a47e25ebb231552bbc36770bb9af044ec978978403cd1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22116979391e8044a8f7c85cbb7d907d
SHA1 5915e53a6c5d1eb71df378d6d9bb856b17c19c7e
SHA256 3ff33042d83eda84ac978acbb66d59fb2a2dadfdd663cf5c2124e814d4785cec
SHA512 170d6b79e402c530589adbe88f2eb94357667f1bfa8219cf56296020570977cbf616b41c26d8bf3aaca3e691e57c1884aae3894a01c0f370f7c9e8cfd3c94c7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f3f60197095522a1d7e837d6b6714c8
SHA1 bbb8a5ae932a9b1d61a759a0c7e8a2c1e3d4bca8
SHA256 05056324d3e08c4703daaca5240e966c51e40a45a68f1d882136d199e4f53365
SHA512 4fd68fb5f10e3169c9d1b2ac4e1473d19a2a2c022e114d8c98c198c865487395621c77b1c1000d94bc59ceb1b6def59fc5f8ff36687ab627fd0be07c8258c4b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff

MD5 7f7506069aab811b9562a47936fc59d2
SHA1 adc5def010f25a0bf60a0bb186200b3a2f677dda
SHA256 00053447614f32c0a7f381c7130ad3806f89f9141708fe5793cfb7d3fd61bca0
SHA512 1568965b659642a9fc71f909d5d84c417499d333c4e8c63a66380bef82150d5d74db10811272d3403fc82b5fbe2ba560829924fbe9b17bad70bd5e1d0b01ed15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000105

MD5 dee46781c0389eada0ac9faa177539b6
SHA1 d7641e3d25ac7ac66c2ea72ac7df77b242c909d3
SHA256 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642
SHA512 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e320eda5e01641e16e3286296eda49b2
SHA1 a199352a34432c18c9ca516f39b085cfb714e29d
SHA256 2bcc6cc654df003e0ab0f7d8c4f046fa9690a221b37a77737025fa98c98e4f6e
SHA512 aa965a59049bedaf862ba0a0550c23ce1ce801bb8c4391203000fbf04daf6a9aa6bbccb502a62f79536aca57f2607c4beb856951245a7a14d029de13a3e0470f

C:\Users\Admin\Downloads\Unconfirmed 946510.crdownload

MD5 54daad58cce5003bee58b28a4f465f49
SHA1 162b08b0b11827cc024e6b2eed5887ec86339baa
SHA256 28042dd4a92a0033b8f1d419b9e989c5b8e32d1d2d881f5c8251d58ce35b9063
SHA512 8330de722c8800ff64c6b9ea16a4ff7416915cd883e128650c47e5cb446dd3aaa2a9ba5c4ecda781d243be7fb437b054bbcf942ea714479e6cc3cef932390829

memory/4344-8179-0x0000000000400000-0x000000000042B000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1488ed64b70fbc9073d3d595228977e9
SHA1 d71e3973b8d5dd6b28f048c0a8ec3cb186acd625
SHA256 9c529803fe32b9e12f7f8ed31c570aeeefe1d8ce5d63380e581c09c7d1d2a715
SHA512 c894d025f7f753e9890f4dc334b528f30c6c7d3f5a082eae32bd9e4f27b76700a82be5fa577a5bb7cdcc14b6a50823891616f5ad127f063b2825d854532264a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ea07a8ba60d6dbc09b0ac6270045b39b
SHA1 fd2d518d3ce46ece102b2ea7f70b5617e3479fbc
SHA256 16ed598bf8a82a356026b8c689314885e3c67962bc6791be37cf4d1250f67c21
SHA512 68f5ca2097f5a8810fd6c854eeb6395b04e87ea12a7efe391dd9b4539fc5136fe08ba8ff15f553605405f046ae060ed95bd1e60db3132263b7185389ecbba9ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f6

MD5 6562638796371dbd6688bea929308eed
SHA1 b34e8e1b5fa87b4fffc7d589348f2f1ea07529ec
SHA256 a2c4c7b49ece1e42730cb986355cf2fcd8c6126858b700b89e2a34cd8140cf53
SHA512 ecdb80c0662ffc7db66dd59d1634f25e18802876bf9e4e08576d33c943b5ec03d239d61db0cd2da0977858553c4386361202b4c36cccadd7e723e97a324dd67b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fa

MD5 b82146825d58f2b2b759db2b299a2fc4
SHA1 92ef0ca09b5e637c5971ae8fe0a81a6390380f31
SHA256 78c170e817b5efdb2f5347bc4aaf5fa935e60b62cd69feae0834ee7fa4a45670
SHA512 966906ace2bd6640ecd59ad8fad1299765016b7b7a11d350939dd5de833b3581fb7a9220627dd6857d7897862c8f61d1c9e4312d57ea52a519293c6eada3dd60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fb

MD5 f0abb6c5f6ff2bccece4e6cc0463602f
SHA1 6ff2b93ee7fcd1d9d21f6823395051b48119f939
SHA256 0bd5a07bb692a6cbd40e0037a2d5b937476064daf4ca014e8008a12ff3e79090
SHA512 7d518585bd82c62b3a00cb1215fe314c245c42636197b8a74ab9a999de54751fc6f7daa1a181b9d8aea3eefb79b6c58b39d8395c8e5c02e888ea57c06d5856bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd

MD5 58a1ff616a5d38531fd722b4df61bdfc
SHA1 127a7b39173b556fc61d1cfc56b3eea0b70a6cee
SHA256 f9535db39c9b7244694120ec9d6079cb7e0152c3f53bd92e9ea35ebd356b309b
SHA512 ca65f6f5e7242cbed5c46433419ccee80d40d9d552bdb2fe93118012d67e0ed276cc61ae91963ffc264c299045d201bd410eb9415306534186367c56e59085fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

MD5 99c8b710d08b6c60b4e48011dcdcc0b2
SHA1 12c9a597ebec7b3f9b9276b1a0833077b8fc7a67
SHA256 c7e8d1754570401376f49a4486f428ae9202d08639e7547e5881ef76bc766a82
SHA512 0d286c0521367618a7041e0167c1ff3c974603e9eb836890b90c0bc4974ddc2b08bf21305c5d9535f56d77dcb5fb9e6b067e6f3e8cd8fa734d94ef2fb1dea404

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe

MD5 632616ff15825f030aab3391a58ef042
SHA1 a9435e095b8a17b6058c9d1e0c8ea53805e20d39
SHA256 d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
SHA512 ffcb6cb7713af0499229f6316f762fe119c313e2a3810d8eccda8c005ad664adfc640915970e8d479558e627c875e4fe9e9ccef1a9e2ef3788947657916d1c2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100

MD5 e5e420eec5be1486567e31484c93fd76
SHA1 2c9fcffc43cb1f5474c4708719fd9fee3cbc2849
SHA256 5f75337c332a5b14ea8fa3fc5e59320634c3e1526c566f3d3574cbe60704b78d
SHA512 52d39fd1acbc91889b675a0420cda62a75d89403db09bde3459bd440ec2d7b1f3068fd666553b4603aa662cd6629cc1c7625a3690207407c94f0a35165b2a979

C:\Program Files\Process Hacker 2\ProcessHacker.exe

MD5 b365af317ae730a67c936f21432b9c71
SHA1 a0bdfac3ce1880b32ff9b696458327ce352e3b1d
SHA256 bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4
SHA512 cc3359e16c6fe905a9e176a87acf4c4ed5e22c29bfca11949799caf8442e00ec0d1679b3d8754dbc3e313528d3e8e82c0ec1941e2c3530b48229c1cb337f6b8b

memory/3088-8330-0x0000000000400000-0x00000000004D4000-memory.dmp

memory/4344-8329-0x0000000000400000-0x000000000042B000-memory.dmp

memory/4344-8332-0x0000000000400000-0x000000000042B000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88e9ee849cb88bd1f42f065a79817b6e
SHA1 2b2a6e6380af6308b781d8db24040591a2ecb118
SHA256 8713ee1afef34c7c3b5b688388e79607372a5869a075db2105795982c5d43b9a
SHA512 18a625204a0d1dccff7051b9e8be7cb0c9eaf236cc366cb59218fa1816590ad9506d4bad757f42d1040f3406475f7417a8f709327ae8b142a1eb153a0c127ef7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f3

MD5 344ee6eaad74df6b72dec90b1b888aab
SHA1 490e2d92c7f8f3934c14e6c467d8409194bb2c9a
SHA256 a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196
SHA512 2a9a9162d610376512a8fae2cf9eb7e5146cc44c8ebde7a12e9a3985da1718c62ae517c25b00de7c0269efab61b4850a0becfbf04382a25730dbe9cf59825a62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f5

MD5 5366c57b20a86f1956780da5e26aac90
SHA1 927dca34817d3c42d9647a846854dad3cbcdb533
SHA256 f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa
SHA512 15d7127970436f2510344600f3acecc19c39a05f8e82c8a7950095386382b2e2da55883a5a9faa97b84452e67315b9ac1693b6592274c8c1c35c813dfeb543a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f4

MD5 b968f9e5faab98f27b0dc2a426057a4c
SHA1 987cae3e1b61beeb768563d96a57b9d673306ba5
SHA256 2be7c4562ecb9783cd56aab28bfad2929c4222d095369fd58fa9df08c9673709
SHA512 ff62c87c466aaba5517d737ecdde5bd5031e3cf998281f6966862269e492cd7c910a5784dd857deda53e6df83aeeaccdd12288fe712ebdb8ed2ae5048f659cb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102

MD5 34d5015941e4901485c7974667b85162
SHA1 cf032e42cf197dcc3022001a0bde9d74eb11ac15
SHA256 5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632
SHA512 42cef1d6847f535a6e8afc0469b9f5ef79ce4ab21512ac7eeda8ef9667d5f24bb33b30aba9a29824b3d853d41d4addf6bdee2042cf4fbd0a033b61657c671f0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bad075be0a0704af2eb99ac3bf9f8246
SHA1 1f98158ab303733a231ebf5887edf48b8420cec5
SHA256 8303eb5055cf873dcdd34e41a1dad154f686072f75db0f95c1bb7bddc81bdd22
SHA512 60ded51d91061e45a6e693fe7f243725a7385379399a8d3e92fdcbca0feedfe93a29f2e6c7b04ea5f9163ec45804ea93a9dd844dfacd259fa09f76f1c7bd3f16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6e6044a40a7f19559b62602244afa481
SHA1 b18221689e9d6b97b121c3ca05574a61bd1e768d
SHA256 f156b532e4aa774773170f80f44e5f070c0d523e3c6ba908e083ce3965ca630e
SHA512 75609072163bb9a062fd8a9db2ec057b702b3686b9c27bfcc2d9a5c65a386b57336b033658afb4f27a3a4b5f7f350d95c98273fc785238c9583c30f6e3283ea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37bf5a730b0072be36f89b9e38441e77
SHA1 1bd620b20c4e52484c222d7102974b5eb8e9ae2a
SHA256 71fc9cf2ee2ce88af46a26cb26a585c0d4f3a3674d49a9ff884d651036179139
SHA512 b078b6e7174d9d8f661b83dd9d89eed0ecc7de1404670d5aff5e02097640279158506e1b905e19857acf952258f490def3a41fb3d8de564bcdbfbe466f9402c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ce934f7687c42dc013049ca755f92ae
SHA1 2aaf009c6fc65d2ddf4411779dc52160dcb00c98
SHA256 dc2a9dbdd629e3eb3b65cb02e5d1fb02a085141e61dfc12285b6a4d3690840aa
SHA512 b497c0e5b105fd0f82de47c1acec8f781b7a2b6bc3ce89e18a3454670950d63ea545ea3c512050e8a0f219b5b8249af3722d8938dd99b9020ac48ee13e2bbdf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8faf3da881901efebda1be347524faea
SHA1 328e4973c20382a5068c859d3334f458bb7fb815
SHA256 e3c6fade05caea5bd8c60467a7ffbbec24770735ab69d2227d3570bbbb242fc0
SHA512 aaeffccd06217bb9ba22bdadfcb308f54890b242c25da18e035bb111261475194ba9d04fb4a4fe7952e7497d519f87a94456597a428a9f6d89133835bbec00f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb

MD5 7e9f8c6e0df5f6536b3bdf76c8867e9d
SHA1 a4ae7f60014eca8ee11989e79bd6d0a51a09897a
SHA256 70f859f58f53bdfbc8273e5f9e106465442e7cb02ec3e78f8bccdacffdba673e
SHA512 259c58e139ca0f2775b1446a8ad3e1abcdf9046cac707ce1670af2d14fed8527b0767a7542f4c59632815db3dc8f04c9be0b40dba67b89441836e2b9abefea01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\de87cb1a7e9c1a53_0

MD5 240ad7eb67e86d9bbdd8f1ee93d3da90
SHA1 3ceebbe9f22791cb2597981ce8dbba522abc9a8d
SHA256 7b4569286f1f2c713c7ca024b59b6963e19d712667d6d66d948ad41c904cfeef
SHA512 efd9e214ffea93cf62e8c3160c0902297cab7fb11d9c65fc00cc7d0eb20a2536305615f4319ab38bdc8fe3aff985d853c2fe609750e2c13738c4639bcf3068c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\497513074c3b4a3e_0

MD5 d76be6f74a5b59c87e2191485826f4ce
SHA1 ba6a8588d7ba0474267180672594e8d547563b69
SHA256 460ab57dfee1248cbcf5440cfdd05917129310f392ecc361ba624a2a004dd030
SHA512 aa96378db46b09522ef4fedada8e3c4298621c28d18197db50e3f67593437d9bb928cce528a1329b6b5c95c846b466e63e1b4d2def13519b06002a89bd581a58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

MD5 18a64802714cd620582e3070cfe247b6
SHA1 8b07b5a18b9378816ad4ea50545aae6c28796262
SHA256 c920432f90cdfb91ca4074cf59d22871407e1d2ac429b95c5ca46690ea4314f2
SHA512 f8a66354bf3b6ac887994f48e84d5d35fa38684c0c621f90fc9c846074518ddec7e3f89ca6a924456c1f54f8323ed2d5649893bc2d62061724e281a9a9028ab9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

MD5 eb77bc2800d9fc63ab6d008de39ba433
SHA1 e272c72645ea3f7881411a7447c09d1ce8223c5f
SHA256 4d896cdece4dd4e55114383fa239d45106f2be70ded3a20f7277bcd561737d92
SHA512 8a9e30e8a419b06114fd65c2e550ec3927fc6bafd98849c4ad79f8c3ba19f101d9cba7aa7c8f0bc06e9eeec851b4033917ffb0e906292b4f6bcc7bb4381ab00c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000059

MD5 d51156aefe1bb617bea2b80267421bf6
SHA1 21f5fb668da9d0a0b6b71f2c4f4c2b6ceada50d2
SHA256 add2bee75d3c9389bfe4ccafa5f08a9f1d3ab2f644c7ea02255070479d09bc72
SHA512 fdcf53ba59bc5e72954c6f13183e248354fbf6be8a51ee4bb7f4c9d01ca39c27c1eeed184572900caa4f48d279acd2b1c3ae0878285a46832f0724093898d8df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\67594e62-ed6e-42cc-afc7-7ef0f020de5e\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 68685c0823e9a4e9099bfebb0a26c9e1
SHA1 213017b667ef82f6f8d34bca8411dd0db3838b21
SHA256 e5f2e1fca0f5ff3dce6ca2b330d1b26be836e44d72dbcdef9f8b3189546c59dc
SHA512 42cea75f0c13267d969e4871e03293cff4c2f0b826bdc416a20dd9d3148f964128d96e260a7a5b6475a8acfb867e1b68f55852b56633b2e052612b8df1c3ed0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000145

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1a00eaeacaab9238245aae9023bd6ff
SHA1 0ef914b4e3b9a0347276735b7946dfa46dc0e09a
SHA256 aaf77f2f3ce294c3fdaa65fb30fe0ac244a388f6bce84e06c4022523f4809a3a
SHA512 e2776efa8a4639a9832f89fb332077355bbbfc2066b8c644bffecccb1f59ed89694168aa592f648d1c38e3146d0d83bb493efaaaaa4ca1a629a79876a355edd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 beb86492235e59350c8a8dca39380735
SHA1 66e7dbb7d142148fe9306a2581b9dcd1e798a1ad
SHA256 6fdec9431777c0046ab8ac44b4cb1fbf667ad4807d8288c968988dc7f2816c39
SHA512 6f8575de4383fc69c549aefdefaf0780592dc86620133d08b008f11fbe85df3ff2b83996f430bd8db48f2ac364720b7b54f2b760e3d91b2a314abe16e04b0237

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355f3f926750f22617dba344ab8ef54246b4900b\966f0e02-aede-4c00-b6cb-d72fcc7d499d\index-dir\the-real-index

MD5 b95b0636c8554b4885fc802bf5ff735c
SHA1 5b94eb318c9e1c382474f2ef88e1e7484e6ddd5e
SHA256 906000aca4725fa4f928ed71ebf2d7f1dc659817451b695bad575ea838729b88
SHA512 7ddb69169d177933407882151ec04d9512af87a710823b4d133803b6a84317cf384ff1040d591c1b3593075f6f9d06eb90001209e74b2cf75978d9e7f0da0553

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355f3f926750f22617dba344ab8ef54246b4900b\966f0e02-aede-4c00-b6cb-d72fcc7d499d\index-dir\the-real-index~RFe6a2f22.TMP

MD5 88b097bae7921ac9da245b80fbabe712
SHA1 0c69e5a74115c652f3a6bd6a6d552400ec72bca8
SHA256 0920fd3e28c5d1b96014bf846c96e7746cfa2a65548941440e24ff8b190e0891
SHA512 de7318d8309437266814276099af084dd279453943decb122fb9abf6d3879710cc73576f924b54ac7777ffebf04083e0ae946336b28dfbd063277060b75e59d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13375651788807724

MD5 6b953456c96e589aef75cb4879fe0996
SHA1 416293b6bade1a03550495456d2796add2a0cee2
SHA256 8b7520bd5900a282177167220d0d9aeba42db8e23511529bfc88e7ab2190a7b1
SHA512 3d2d6df63397fbb068ea6924ce0cfc0c11a372ff69fe14cbaaaf4301493bfe28bfc6c8bd308a67fa5c6108ade9e5e7df551f2279c086c572b770e0b9e9648484

C:\Users\Admin\Downloads\Unconfirmed 502237.crdownload

MD5 8a928d5b4eaa0d1f25fdde064fce2dd8
SHA1 0dcb10d745c6d43aadaa1ab97b7cce0c1e85f1cb
SHA256 64137fb074ba4603e4c3bae70e3d549f457338e10b69fd01d7d2603c20940ecd
SHA512 0d4936033a79655319697e5511908b1f500ef451c3bd18e862d0526efac219764b99ad1ab1dd73528a460afb18c81fa6150a531c5c3c7b1e64c3fbcc5364caa7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcd2cafdf7d468c95fc1664f6bf324b7
SHA1 2dc85c6e6ab2e5d8a7e0c1fca0af26232daf528d
SHA256 62edc3207b00a20b571326161fd3bdd92a36633ce8ec9a20365b221617f3a30d
SHA512 8545c26f3a44dafbb687dc4e5a5b7ecc362daf42447aa1362aab1095b554cd0aae363fadf28b6efc46a4454981fbb4e3552e6ac3f37ae0bd34792b23ba4b254d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c947b14662bc8745088a7b5ca8d6f92
SHA1 cd565841689ce69536ecf84e894288cea68b78ba
SHA256 f6961ebb9cdab90e546c8eb756632257f0665fbc155d7deb1f5bf9eb4ecfc731
SHA512 874b2f79e5348d447c182e4da5ae2a8de9593bacb0af820a439d159e712c6510e1b6c85f33ddbf4b26c2fd276bd141ada6603e1f2a1ee7461e96273c49661456

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355f3f926750f22617dba344ab8ef54246b4900b\index.txt

MD5 8b443db8205c6d7bbe49020d9277ff2a
SHA1 edf6306fab72ed286f9a9bc6be38553a29326219
SHA256 13269536e33681745ee0360a961ec1e9433d090c3e34123ea8dd047a9d22e332
SHA512 d5b0827e356ba62ccdb90fd6e93df812bd43da2067e25b57dfaea340aca0a2cbfd7c06de3f287282417785798b2654ca5b02203ba5adf1ca327d2dcc6680b2a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355f3f926750f22617dba344ab8ef54246b4900b\index.txt~RFe6a6564.TMP

MD5 3ef27c5f534431acdea9bca1b1177e95
SHA1 a6def55fc6a7961a90ec0fa740869cc5a76444b5
SHA256 938b72674770f22cdc106f377f0b8e2cd00fce1f988d48a16dff2b8899c5b5e4
SHA512 bcbc48ce7b451ab894ad28ce02bb32fdc6ab5b7c4f335a0393a08cf58d263f5f6214e541183a4bacc8ff860681ce0bdebe2b59efd6e35572116081f9f35c8893

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9a9d74c93c45cae4dc324f16c7fb7836
SHA1 c3e2c318f281757b8a5be4a2201ea631f9b04a65
SHA256 905112cbdf63362ca633881e5089e2956c32cfa4d3a405da1fcb775e399a7346
SHA512 64ed09dee45c71b1b4cf98d2e18946c642d9b42c56c5509d81e7fc2284e5a7de95a8020c087d003f33cc073ed1752937f4add5e3bea468c916643c8e79d89951

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33ffea0649473c50b7771aaa3152ce1f
SHA1 21de0db5d7bb18358e3f79025e56726a907fa2ec
SHA256 743a56c510d346ddfdb926f5367a46f9080f4e0abca29fac8bc52525db711a41
SHA512 87a272c035f385c6c52c859ff27e0632ccebe80dc7d1a25602e24d6a2b416d945de30bd97dc42716768b141a6b8b63c7f02135368cdf38b385b26a404864ccd9

memory/5384-8981-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8983-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8982-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8989-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8993-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8992-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8991-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8990-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8988-0x0000026285590000-0x0000026285591000-memory.dmp

memory/5384-8987-0x0000026285590000-0x0000026285591000-memory.dmp

C:\Users\Admin\AppData\Local\D3DSCache\a45939543b39e283\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 a7aa8f74e3b1c7a3a990be39aeb0fc9d
SHA1 91727c1a174cf1e32fcad7aecb94b9e75c524973
SHA256 1fbce2033e7c82320578bca07f1a217474fb02389f9ce0e9a066d2faed552a5b
SHA512 63716bcd46d79975686735b9662668f1dec8d4c2a197dc6d64ab1f479a200bb79484bf2d96a46f863d283779f9a7ca30c0d3873cd120e6af683500eccfd09d32

C:\Users\Admin\AppData\Local\D3DSCache\a45939543b39e283\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 5d78c34d8f9268828f09825ae205af6d
SHA1 b8f937f43210274d4015d4bd30094baa747f40b0
SHA256 c2b1150bc277312ed382fef4010a0332c049db414c23a9e5da4b0d0a866995ce
SHA512 c4a14f0cfc8a2a3af182090d85d8bc993983756b8d3ba0c1bdf951c1b99fda875a2685810b83eb58071e1342b0255620e365ec9e326154279e8cb1e4d059fec7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f15d69c211b8c4608025ced02243dff0
SHA1 1b92276306c801b414ec4d8bebf0e34edc967009
SHA256 eb0b7af292f704da308ae032ca4619918ced00d44a96fe2fe136d12804d2a213
SHA512 05bbd602c2a4c42763efdbee2304eff8f568d256aa19fbc775f59b9651d8a5bf98488d0ed65a7b08dc261ccd92e358d130bbecd1ce5fb8d2810d67d588d55d60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000133

MD5 373e0df24e179ea49d3b2eca399d523f
SHA1 4eeae50884f002b448d5a911eba86fa608ae06ea
SHA256 12632a501ccd93af46fb544526474048997f8b9fafaa8e4eea80573dfea926e0
SHA512 3787ccf53dae9cd09c0f81793c85f154147c986519946a288b7a81350ca183b08f58912c6e3c529e9463d5ede96b07a97e222ec99a3430e847c3c8871ac526b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad0dfe3de63011e629e138b618446ed1
SHA1 c82a5d6b5a634e173563386ec99a0fabadde64b8
SHA256 17c879dbd5c21363b491a1681eb97ee47b6d444f73a9eeaa8a732ba29c418a2b
SHA512 9013cb190d7dc6578c06c4e71298c9a84eed9c2c6263f32a3b781e902550359de3f83e69eee74e7f0fcec2d4931266116ffb2f469020cfddf10593233fc22860

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 37e5087d541caa485ec8c8472939ce26
SHA1 d8e12127c01be84b9ba121ce47c2baec544c48ab
SHA256 896145b3ae6696015ea090dcf9d7546f02080953debc0737902430be55aa4725
SHA512 2679a645c07e3fd870d81a31e4e61b8a680506e1716cd32df7162a0ade8635f425b7ba0700230f681592b82bb690620bd04306f4038d970cdc9ad7c419fc7ddf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ab35b281b9ceb481479e68a568c30de
SHA1 4c40c1505c41ed08042424282e5bd2c9c6a2fe9c
SHA256 07edf55c95ceceae2c437de2f390e6d677e27aa8c19e7fd0b0651d1f71eaaf5d
SHA512 1d15920d8e648d73b03c46ce4abac3fb42e99dc3da9afff1ca8b40edb829b64f05297300bffa96a8e4be81df1c66c936571352a67f4f6d7cd6540456d823d4ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ebc0313d4164b3db2618f35b06c72b1d
SHA1 ca39cc8047bbff11623910f1842ffe670c7f93b9
SHA256 f5834674ab0be9529cdb022a3fef088310d939fcdb034e21d0b74122f99a8e92
SHA512 a42e424a14ecb53deb82afc6b009d75a5e9524f522a5376bb226e1af63ee7336d97f0673dde9235a26ec3564feebe9fafb1afde28d44c7c06e502b9d3c269f42

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133756518985280677.txt

MD5 76fb45a273672ce4ee2581601646873c
SHA1 a25ab5f95891faf73cb04e7af960ed4e1798af1c
SHA256 2341f7785353633009189ec79162af9888d095a53f733aa571794e0f69fcaba6
SHA512 ed955801600022a00e26b15697b2789891b06548874e791aab4fe7e3304d9bf80c8c533953e2ff1f44cbd54455f06ecd5ea602f5be9a4b6b6be870448b64cc61

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 f365552e8d9b1095b80d8c8f8eea9c57
SHA1 85b645f7af7b48f85604aa4029af828ac44a2ba9
SHA256 0ad813b2e90313f311ffe441b4c9be843e5d092f912b6bea97b99fc93f95cdad
SHA512 b1ee806e6eef6acf032d2222bbf8b0935d6fb15457a3c16640af41d4fc16e1e962739c190b469e3ba2c20276ac493265a211071777aa1d6ad2f8b79df097c668

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{4e25e471-f74c-4d09-b7ae-69b30aa989a9}\0.0.filtertrie.intermediate.txt

MD5 0d8eb405900c091911b09127adccf9bb
SHA1 25890d33c422ea925385ccf809bd936cc14b2218
SHA256 8df5954139b6b3c6aef1bf1a0e5f4022eec4731bf162714f639c55a16a1add57
SHA512 4f18ffc6979d5a515c6567abec2fbd604f22c89735d1574e6bc179ed928c96faeaabdbc21d3d25ecd91915afee9b2689d0f25720dd84b73cc4b82d4dce58d2ab

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{4e25e471-f74c-4d09-b7ae-69b30aa989a9}\0.2.filtertrie.intermediate.txt

MD5 c204e9faaf8565ad333828beff2d786e
SHA1 7d23864f5e2a12c1a5f93b555d2d3e7c8f78eec1
SHA256 d65b6a3bf11a27a1ced1f7e98082246e40cf01289fd47fe4a5ed46c221f2f73f
SHA512 e72f4f79a4ae2e5e40a41b322bc0408a6dec282f90e01e0a8aaedf9fb9d6f04a60f45a844595727539c1643328e9c1b989b90785271cc30a6550bbda6b1909f8

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{4e25e471-f74c-4d09-b7ae-69b30aa989a9}\0.1.filtertrie.intermediate.txt

MD5 34bd1dfb9f72cf4f86e6df6da0a9e49a
SHA1 5f96d66f33c81c0b10df2128d3860e3cb7e89563
SHA256 8e1e6a3d56796a245d0c7b0849548932fee803bbdb03f6e289495830e017f14c
SHA512 e3787de7c4bc70ca62234d9a4cdc6bd665bffa66debe3851ee3e8e49e7498b9f1cbc01294bf5e9f75de13fb78d05879e82fa4b89ee45623fe5bf7ac7e48eda96

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{4e25e471-f74c-4d09-b7ae-69b30aa989a9}\Apps.index

MD5 d8a83530c0a53c3d1db042d15e8bb6d7
SHA1 4882203cb7f9fdaaafb086d847ce8aaae6b08629
SHA256 54dea270ecd3e3a13feec23783414eda5603b47a0abc9e0149616632c78c3e84
SHA512 89cfed51e56cca6d15617d26faa163d08ad6dcf449c9fe02327ea370b424a7062dd50c772bc52b1b75ae90651e87c117f37ca7940a5227db24b32853b2e05705

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{4e25e471-f74c-4d09-b7ae-69b30aa989a9}\Apps.ft

MD5 a021c9f9ddd24b3c9470d00bed1d2941
SHA1 24a63d78d712ac22138810801b1ef17d7c36ce6f
SHA256 1cfeb56af271de76fbc8078d4cfd909e109dc27f0109f639ca1b3ec4e1009cfa
SHA512 d1cfbf2a231d2862664a994eaed6f40ef1e344f6c182d8fc69b685646ad837dcaf9b6259a24af777179f7d027dcb82da414f00c9031b63926d429aac8a92ae2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b6e4696f30ea2db2c2d1313b8a5aced9
SHA1 e6a1a979fdca12507ee6ff14591ff7811024f2bc
SHA256 e678369be94458c9a2c727abfb61d8663b5cfb88b460c46cf8cf76b2c26486f0
SHA512 f2d0e473cc0fca8e45c8f2c0bc759cff1ea541d4411570f146ac3adb58361cdd2ea1cc169b145fd71705750860fdcf0925dc87602a041e56a8958980d7db29fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce0d023e1e65b26fdf451cace3f7a6ca
SHA1 ca3c347ada8974acbd251664ee90bcbeaad3e39b
SHA256 70e7ee7cbfcbced3756b8bf1b13d9098ffa5e0c5e7d92457c4571f1f4b07c5d0
SHA512 73f82c8a717d311718bd022b19448f3d3d7fc3c6a2e63000752e100270ad6c359e6aef9111d5cac8ace60bcd55f03452ab75ebf4ec7052eb3c57ccaf984ddcdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72eade9556d226515a82767f849a955d
SHA1 d786006e9ec5f42cd90c1a0b4dc76b65cbf104a7
SHA256 223874d5fd4e9da38788529444f93bb43857a1a3d0ea52f0cc773e06ab138261
SHA512 d7215fb5f1a60ed7d85e78eb133ab8537e9271033a7396501b73db6843736880cf2dfe904d8772d14c62353e1c1f0d9bfa4f1408d0568faee4325b4ab896d2de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3cec27a3c36aa22b5cebf547b6dc55cc
SHA1 d2cd17b950d433ac7057705658954a860d8d22a3
SHA256 1a041ff4768e3218adedc9387a83939a6f4924cde0ba75772bb122b899a3189c
SHA512 3aa46732bb2b8bf7cf10eb53f51eddb638a55cf6d5e6deb774c609675f0255c5a688656ef5d859ae6f4d6bc874f9ec3318b2676a873a6d138d122509afa193b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 938e7cd8a92c377c39499d3db981ef0a
SHA1 087cc8f670eaf64c427b98fc4f62be0d17c09d18
SHA256 478c68ea6caf585a8ff0415cc0d07aafce6cfc5250d9acc07335972e76cb8214
SHA512 cfd879e55af79ca45e30b1717e489556b6c9d5f07501768e13c38dab05a1ebf2d7313675bbb9e14c95682427282e8dff76bde3dc5937cd84f3b197f324adda34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c8cbd9aad41c6d1f6b461dc743387ca6
SHA1 4db1d2b303672109752f0c1023e0528d2f21ffe8
SHA256 cfb0a1a50d7b23ef91e45ae9d9c5dab8bd7050c25300d4c1526614214378e4af
SHA512 631f7e6f2db4b9fe9746829404bdd454a5917d99aa4b6183745d70790f3c06c7969a5fa4262c8ad2b2a380cb697a772f459aa903b27e5b248e9d9cc5b7afa762

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d6d4708f9bd7499f6cdeb20068645c34
SHA1 999ab793459e5e447e80a11db437114de49e0a0e
SHA256 6ad7798882ad1d985773d83eb294015c69439da478a622c707d493b33d8e483f
SHA512 e8572bfc970c184a2cb2aeb5d4b49ce1b5683f88742b38342f5e8fd17d8e65730540d77a773fbab6dbe9a3d438abd78e1c3dc720b2da53a089a37750eaa6b362

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b05e9c6bbcfd6433_0

MD5 59166c3e6a6ac7daa70fdbee3d3cf942
SHA1 1b4170b3206ac48d5431fbb573c2e6846686fd9f
SHA256 566608bb8096d400857a70f74681dc46903233121c71537ccffe8086bf73ce06
SHA512 6686e43d360963fa542be53b3262caf59c508c7dd1fd9491e1a7d2e443687630a9ddd22cd38dcfe1495b523f3b74cb5284be82200414de0072f8364ddd9cbafa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fb868f91f23a966142f6df0353f864e7
SHA1 ad435b90074e4bf10d71a495e7da8d993831aa97
SHA256 43ce2eb7303202c3254f7d28e4ba83085dc1c922bb1e488148078927671124fa
SHA512 f4add098b7304bfd3cb0a6c10122b87284a20e4e3ccf37f43b2cf9820b0cae2c5404625b3f0f87f6b7a5c85daef5f75a8301a08030e26ef621fe8bb179643cd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e97336ee6d86aee07417985ec30503d3
SHA1 6b41a7bf81ec50c240d963c7a4e16e0795bb8510
SHA256 65fcc1d5766c562b8ac7be639f63bc4d443fec0e606a86eb5e81619c8eb4bc9e
SHA512 2226eba4acd553a7f3a37738a0e45ad90e4c6992bbcac47d5ee7dc4a470f4d59c3550eedcf7292cdf55c4c3c25f883228c82a9cc09732bf0a21c578ac5ffd1f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 013af82abf5949c9c9fbc4135449464c
SHA1 16474839b4ec106a5f54b99c7e659c0e5d19446f
SHA256 28399b9bedd02a92ebbfdc1b16f0a915c8d45b70cbc0109500650ba7870235f6
SHA512 6f32132185413da69058bdf6232fb1a52ea632c211173e602348a4e50bca9cef5955241a76d52750fe691e881a83132500a65be2dfffba3b91b6f661956323ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d4d8eec8294f3a31f3e6993294259d45
SHA1 4085f7c00a06f5c34d41abb76237e5fc489af942
SHA256 6eb4e9127456a1ebae3f119d40ac50ace51e0ca208eef5cb4e7ea5bc5e5cc550
SHA512 fc960f95a22fee71777cf4daac0c515454b37bb9542430a725f411d9e79832e5bd42395c1f548883b3ef8e30d6711528b5718cf9d4dd6e2b25042adb1f27cc88

C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db

MD5 731dc614ededc8d237523073793f01d6
SHA1 ef6a1d9f90646d1b08d7089b408da534b8e65af9
SHA256 fda0c9f45a8cba86e1f04819538365f0c57b3912ce6320d1140132b5dddf26bc
SHA512 909d33e0e2077f65ca257a36e436a830937d171b7fea450006056c1b7988b41509258c97dd2383a01cfdc7e58e88a480aee85f99ab633aa699cdf5eca054dc61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa2eefaa389391bb1f6e9712f99b1609
SHA1 5403e64b676035e3d16b81e8818304f36ec68dca
SHA256 f6c11ecc32d0110b4fa15a421ab69055f1f4cd768d747cb64ed5171118981a56
SHA512 4ee01ffe027206d20299573970bf3f084545dec08b1036e6fd908bf6a8839e85a30f367490873a5429ef615e1b21a3190bca0135b1624cd471f9a58c3346899d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3097bc171b9b884e3eacdf357b8cc2a4
SHA1 4fdae852f45ebe7f1401cd53d85d5754bc14b9c1
SHA256 b8af58350e54bf7816d1c96dfa4d4555970022658e9e3613bbdbda1dc9d0c5fe
SHA512 9d996cb3806d537ca39d946f10052da79b10e583996b87411bb0edbc735246c72dd150c95160f248ad587576379ec9c329da79ff73b8f46d9c028d9a4db9246d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c8b1285cd7dba6e49417a09ff61be34
SHA1 7c5060f62a11a5cf3daa4c864e12cb2daba458cf
SHA256 fb3656948fbb4327ba4d9d0eb613be59b056b50d409bf1c33fd4d7a60d6400d0
SHA512 4493fa61b7f17fb72f61833e991adeb8a13ee122387ea545fd66e4cc20d3f27588a55ae8be58a6052c10490b1d8f26b36a98f6d95645a1c1fe90b3c459c017d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1e71ee6e401289cc973549667026a9e
SHA1 589b54529dae20f2d1d08501829a0ba91db87bff
SHA256 d8abedf417d03008800d481d868caeb6b9a16e60bbf652d4a9e57ca7ad5e77bf
SHA512 97e7067d7c7166b3f45737d04da5af19891fd7eb2a7db2e717a4ff6159de09245db7b50c10ec91089168bed70e9b854fa374114b2374af4b7ec8891ec26076fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db43c8648ec68a32231ea72d530e01d1
SHA1 cac5bb0ac8aaac950e8638c76c183da883c584cc
SHA256 5055f9397b811f7ac2812e47b6ee36bf6187cc601ae06a27cafac602e811c1ee
SHA512 a077427ac10c64795feeb69b257f332b49f2de7038537e4376b4d530e6c84a81bbcb6142022c7a54d7136d50b776825454df39a612785a196eac6efd99287571

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70302d065fe72dbb96ac2b1c603dabfe
SHA1 8e292b8418e2fb2652f44534d4eefbb39b77221f
SHA256 68beda5c2bf18730a361bad16ec2d5a8a897000782b12849ded5456ccf5e311e
SHA512 21dfdb67723512ca2382c5bfe60c06448577331bb4afd0cf629209f8a6fca810148f15d0bfac6cd395d24821942037cd8c0dae19dae17e73ed1f2b74db5cf212

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ff19e0c634392ea0a89de2221dbb8b2
SHA1 588f05f5567e89eb07b296d0e27d56e988697057
SHA256 b495fe4fba027c7fdb3c0518c9905f8c6cbc598666935c4b788e616021b84d36
SHA512 40abf3625a857bb12fd44d95d4b0b76b2de85c6ecb8b139ce2c9ef4aed45890af286c5daaa905463cf2c7422a292d7c47c2918d8e20e6dcf93aa5c749561536a

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\1MIIYRO3\www.bing[1].xml

MD5 f06bb1d49b799ec49f4479f58286dd44
SHA1 acaef3882944febd1b7c4e1b69fa668776f8a71a
SHA256 8ca07cab839b1ad13f5cf30ce181b3c71017cf9f901cc482e8592c5d9ec6696a
SHA512 9ea5870941c1685c21fc5e6e444e3dcdb766339998484e7dcb856d5fab16a74ac6f0f40779b90c912289d0abb642c6f7c60389a5cf4864419747f584a85979f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 931344e62832f3dc5099beb9888a2eaf
SHA1 a8a1085c2b6bdf1b138ac80a9ff05624aae929b0
SHA256 ca32647d823957c739364aafe2617c907910c4ce1922e06a200d6ffd038c3f3c
SHA512 1f0baa457a077d6d2615c6b86df72d94ad8a3b18310e1b7f4a6c73699eca90db3eca43299f5b764bf3a1ef452b81419d01baf5cc4f0e38c182c5ca54d90c9b0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c03c9e7875c79435815a1ff5a7faf95
SHA1 0502b9dcee1db7f7e489a8d7194dc73392783994
SHA256 d6e0bdfa2b1ef47d99a42c87331900c886761ea13c8077918e7cddb623f7d5d5
SHA512 4d529749aace7bee23c7cfa3e9f47ed382b411483da688e2f944ee472a132431f11b939a6bc3250dbfc9e5bd24427fe19fa2328e3363f3f625ff1ae1cf747ae0

memory/2796-10373-0x0000026DAD330000-0x0000026DAD368000-memory.dmp

memory/2796-10374-0x0000026DC8C30000-0x0000026DC8C7A000-memory.dmp

memory/2796-10375-0x0000026DC8BE0000-0x0000026DC8BEE000-memory.dmp

memory/2796-10376-0x0000026DC8C80000-0x0000026DC8CB8000-memory.dmp

memory/2796-10381-0x0000026DC8C10000-0x0000026DC8C18000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_fz4qxla4.bda.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/2796-10390-0x0000026DC8FE0000-0x0000026DC9002000-memory.dmp

memory/2796-10391-0x0000026DC8EE0000-0x0000026DC8EE8000-memory.dmp

memory/2796-10392-0x0000026DC8EF0000-0x0000026DC8EF8000-memory.dmp

memory/2796-10394-0x0000026DC9290000-0x0000026DC92B6000-memory.dmp

memory/2796-10393-0x0000026DC90B0000-0x0000026DC90B8000-memory.dmp

memory/624-10410-0x00000219C1E20000-0x00000219C1E66000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f185a2edd0401151e7ee4a51f8b304f6
SHA1 509bf9a8a5ecc7a3b7cc7d935dcc19d6c8c53688
SHA256 c71c5e95ee4b60a3c2a7069604706b6dc0c397a8f504df3c171d904fa1550b37
SHA512 2727216e412c5df18a11fe4d80a603cd97267dbdf9c0d2b5aad0ecd49fec78e98f84cd61e2107716f43e6accfeb7aca9e1757f8ab50ce10703a58a23c67be28e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ac3969f23995ad0aa7856d541fb9a608
SHA1 0c9502d0088af68e77b7d67d79d3a5fbd137c8fd
SHA256 90cb89c0cd049a58c4913a037e3e62f73a07a25c1b6442660b8dac60917da8a0
SHA512 7bea75db4064d2ed5291ae5bd4a434cb5fbf4acfd6a41a36bcf7a8d6d26fe042f5ca4d8371074372645271520f15a1796fe12ee91126c61fdbaf2f053175adc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7abf8c7c80096646e69515625a5488fd
SHA1 d995221ee93114c1af73962dd7f7653cb7b6fdbb
SHA256 e1e7ed137d61787c5f9384658ad4cb8cf3ae6637d7ff46e35eff005d876d7211
SHA512 d0e7c6fdc40f7d64b47f716ba43937af0fb9e66dab46207bf32a3632d7793bbbf3c1d47d7b776d5ca2087736f78ff6ebd1af7638679a80ab76b7110dd2a0473e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 363c0f45fbc5a0556ddab826aad86c93
SHA1 1ec6b767d4b0bf6072230ccfbc01e00e4d13644c
SHA256 45c864c6733a988f1cc8c5e735d6e7f5f4ced3d7b622a0000d6e23fb811fb39a
SHA512 7d325c620a25a1141e672061ca796594699555a06826dd791efca1abbe3198b34031c349555187629edde9a47303898ce78252ec88aab3434068c4786d4f27d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a649b68e8659df37ab443489854d8af
SHA1 6f6e29f9792ab0c98db62efcf520894651bf8bcb
SHA256 0b0e1e47e0fa1aa4e0d35c40d2ed3f465b941f7d91167742fd76e8a99031e9a8
SHA512 a69c5834003b88a0be9d6272aa5fa03230979b4fd427561365ffc301f3ed4d46d933e8c90bcd6c105c0ca264c4cf31b9d038dc0abbf1bbadf6fe60614ae366ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 126506b0faedf557b75e5c252f5f448c
SHA1 7659e73b824e5ea33d041bab71c975f3b2ba0228
SHA256 2dc16564d05217452dab82a93be07e494e2c99ff3d22b69bbe8dd7a297e19c70
SHA512 5492833723811a16cf7ce0b3cb6ccbcf2237e4e80c63aeb3512ab5ae26ee10502b64b8d7c61e44578732b68f0ac42055c3a69078c9043846c161cc6aa5f1a334

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be471563977c3c7a69ec524a27b04423
SHA1 7cfac65f32adef1ca00f542e497de2d45b53250e
SHA256 eedd296158baa39c17ec48f3c23f8013ca1001fcf16f9982f43bf705ee78e059
SHA512 09857141cc7822b47da6e59e7609e97e62d7946fda2366965ec6326e8b5c91ca612e9500ae83fa5dd873be8d6d8c274c1ae0eb92fbbc05131bab425ff47b0b7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36156c2d7cfb6f3b4cb93c1e4594be29
SHA1 727668b8d69b5f4b56f121f59eee664a4e8702c6
SHA256 6a685fbc760e72fc55f140af05bc64f72cb3ef721f91b89cd52c5181ed9c5f7e
SHA512 3eda03c94b19746479d911d967f8846718e67af09acd5fb444026fdc7b48166571d1a2809b8230d60ef747312cdb4348e0406dec7d7d1221c71a16038286a3cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce111edfb4da168c7416ceb096ad5893
SHA1 7a71aa19cd8098ae7b991f001c590c8d9bf65d77
SHA256 8be9d7a3f88138985dccad8190444a1320c54d11c482618672ff3f65ea5ae482
SHA512 08eb8ad8011d199d05d01d1caeec539b81f2ce083e8c0ef7f0c69c5dab25968b5ab80f426611ce90854b2d6500b7f6a8c4a1f39487147315bd7541f05da05e58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ff12c9182973a2436a48a20a09c7d50
SHA1 225a8110653cd3005169777e8c993599f4cea68f
SHA256 ff5283dab896c59a6c02c8505839f97b0dc2864fe0741430dcac9ddfaaf3061a
SHA512 378ce12891d5a32e0a796de0af6e910a1a3bc87888d3e74e755977e5d4cba4e3faf3f4a673ee1e1fa85fad36f27e7afc144463948b7e75cb9cdf6c1f3e1c1664

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f1001160f76f0622d2119f7b8706421
SHA1 15e001461c76fde2a84832f80195103b0eb5ef56
SHA256 8306217c66310154c05cfc633ab67ee8ae1ddc04dcb0a96dc7c8e14c5420d8c3
SHA512 f9e70d92d20f9863064815709aa07c39d731e09b62626b71c92999c32fc9ec4b5895882304b0bc4285e47cb325ec2cfb4160714edfab826da4eba1b46b6732a6