Malware Analysis Report

2025-01-18 23:51

Sample ID 241115-wzpl6azaqj
Target SteamtoolsSetup.exe
SHA256 c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304
Tags
steam defense_evasion discovery persistence phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304

Threat Level: Likely malicious

The file SteamtoolsSetup.exe was found to be: Likely malicious.

Malicious Activity Summary

steam defense_evasion discovery persistence phishing

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

A potential corporate email address has been identified in the URL: Montserratwght@300

Checks installed software on the system

Adds Run key to start application

Detected potential entity reuse from brand STEAM.

Drops file in Windows directory

Drops file in Program Files directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

Unsigned PE

Checks processor information in registry

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

NTFS ADS

Modifies registry class

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Kills process with taskkill

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-15 18:21

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-15 18:21

Reported

2024-11-15 18:39

Platform

win11-20241007-en

Max time kernel

1050s

Max time network

1050s

Command Line

"C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe"

Signatures

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: Montserratwght@300

phishing

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A
N/A N/A C:\program files (x86)\steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\program files (x86)\steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\program files (x86)\steam\bin\gldriverquery.exe N/A
N/A N/A C:\program files (x86)\steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\program files (x86)\steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\program files (x86)\steam\config\stplug-in\luapacka.exe N/A
N/A N/A C:\program files (x86)\steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\program files (x86)\steam\bin\gldriverquery64.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\program files (x86)\steam\bin\gldriverquery.exe N/A
N/A N/A C:\program files (x86)\steam\bin\vulkandriverquery64.exe N/A
N/A N/A C:\program files (x86)\steam\bin\vulkandriverquery.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" C:\Users\Admin\Downloads\SteamSetup.exe N/A

Checks installed software on the system

discovery

Detected potential entity reuse from brand STEAM.

phishing steam

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_up_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_l_swipe_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\logs\bootstrap_log.txt C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_lfn_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_down_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_button_r_arrow_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_button_a_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_dpad_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\SharedLibraryNotification.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\joyconpair_left_sr.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_lt.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\locales\es-419.pak_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_dpad_up_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller_generic.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\localization\friendsui_swedish-json.js_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_r2_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_rstick_right.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\program files (x86)\steam\userdata\1781191105\config\localconfig.vdf C:\program files (x86)\steam\steam.exe N/A
File opened for modification C:\program files (x86)\steam\config\steamapps.vrmanifest C:\program files (x86)\steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt C:\Users\Admin\Downloads\SteamSetup.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_buttons_n_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\loop_4.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\vgui_swedish.txt_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_button_share_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_mouse_mid_click_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\clienttexture4.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_l_down_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\layout\subpaneloptionscloud.layout_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\repairlibrarydialog.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\231390_header.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0343.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_right_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\ChatPasswordWarningDialog.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\config\loginusers.vdf C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\public\steam_tray.ico_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\gamerecording.js_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steam\cached\icon_button_back_sm.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_touchpad_left_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_capture.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0020.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\icon_warning.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\joyconpair_left_sl.svg_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_lstick_right_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\friends\friendgameinvitedialog.res_ C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\logs\cef_log.txt C:\Program Files (x86)\Steam\steam.exe N/A
File opened for modification C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_050_menu_0100.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_r_left_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_button_view_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_lt_click_lg.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0301.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0335.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\chkUnselFocus.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\rampDown_4.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_dpad_up_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_rtrackpad_right_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_polish.txt.gz_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\steamui\css\library.css_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\appcache\librarycache\1420170_icon.jpg C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\graphics\support_flag_top.tga_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\hp_r4_sm.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_dpad_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A
File created C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_r3_md.png_ C:\Program Files (x86)\Steam\steam.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\_platform_specific\win_x64\widevinecdm.dll.sig C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\_platform_specific\win_x64\widevinecdm.dll C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\_metadata\verified_contents.json C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\LICENSE C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\manifest.json C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\manifest.fingerprint C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\gldriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\SteamSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\bin\gldriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\bin\vulkandriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\bin\gldriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\program files (x86)\steam\bin\vulkandriverquery.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Steam\steam.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\program files (x86)\steam\steam.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\program files (x86)\steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\steam.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\program files (x86)\steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\program files (x86)\steam\steam.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\program files (x86)\steam\steam.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\program files (x86)\steam\steam.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Kills process with taskkill

evasion
Description Indicator Process Target
N/A N/A C:\Windows\system32\taskkill.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133761693186189156" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell\Open\Command C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\URL Protocol C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell\Open\Command C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell\Open C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\DefaultIcon C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\Shell\Open\Command C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\DefaultIcon C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\DefaultIcon\ = "steam.exe" C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steamlink C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" C:\Program Files (x86)\Steam\steam.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\ = "URL:steam protocol" C:\program files (x86)\steam\steam.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\steam C:\program files (x86)\steam\steam.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\DefaultIcon C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam C:\Program Files (x86)\Steam\steam.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\steam\Shell C:\Program Files (x86)\Steam\bin\steamservice.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Program Files (x86)\Steam\config\depotcache\552501_2305856327809668697.manifest\:Zone.Identifier:$DATA C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A
File created C:\Program Files (x86)\Steam\config\depotcache\552502_5424450513997223391.manifest\:Zone.Identifier:$DATA C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 384999.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\552500.zip:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File created C:\Program Files (x86)\Steam\config\depotcache\552503_5265732750496163987.manifest\:Zone.Identifier:$DATA C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\SteamSetup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe N/A
N/A N/A C:\program files (x86)\steam\steam.exe N/A
N/A N/A C:\program files (x86)\steam\steam.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files (x86)\Steam\bin\steamservice.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\steam.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A
N/A N/A C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1004 wrote to memory of 4832 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 4832 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3352 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1004 wrote to memory of 3032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe

"C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ff8d391cc40,0x7ff8d391cc4c,0x7ff8d391cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1748,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1744 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2036,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2164 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4488,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4276,i,9602685773349638789,9414590440325176822,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8d4003cb8,0x7ff8d4003cc8,0x7ff8d4003cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5012 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1928,1007801279327938952,8015076187270421856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 /prefetch:8

C:\Users\Admin\Downloads\SteamSetup.exe

"C:\Users\Admin\Downloads\SteamSetup.exe"

C:\Program Files (x86)\Steam\bin\steamservice.exe

"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8d4003cb8,0x7ff8d4003cc8,0x7ff8d4003cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2524 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3404 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5148 /prefetch:2

C:\Program Files (x86)\Steam\steam.exe

"C:\Program Files (x86)\Steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=424" "-buildid=1731433018" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x290,0x294,0x298,0x28c,0x29c,0x7ff8c0a5af00,0x7ff8c0a5af0c,0x7ff8c0a5af18

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1564,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1568 --mojo-platform-channel-handle=1556 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2196,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2200 --mojo-platform-channel-handle=2192 /prefetch:11

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004CC

C:\Program Files (x86)\Steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2720,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2724 --mojo-platform-channel-handle=2712 /prefetch:13

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3092 --mojo-platform-channel-handle=3084 /prefetch:1

C:\Program Files (x86)\Steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=3696,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3676 --mojo-platform-channel-handle=3700 /prefetch:14

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3700,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3652 --mojo-platform-channel-handle=3692 /prefetch:10

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3880,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3884 --mojo-platform-channel-handle=3876 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=1924,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3796 --mojo-platform-channel-handle=3760 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4404,i,11961353443656406556,11786813786153096576,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4420 --mojo-platform-channel-handle=4152 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Desktop\SteamtoolsSetup.exe

"C:\Users\Admin\Desktop\SteamtoolsSetup.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c taskkill /IM Steamtools.exe /F >nul 2>&1

C:\Windows\system32\taskkill.exe

taskkill /IM Steamtools.exe /F

C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe

"C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe"

C:\program files (x86)\steam\steam.exe

"C:\program files (x86)\steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=4944" "-buildid=1731433018" "-steamid=0" "-logdir=C:\program files (x86)\steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\program files (x86)\steam\clientui" "-steampath=C:\program files (x86)\steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\program files (x86)\steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x2a4,0x2a8,0x2ac,0x2a0,0x2b0,0x7ff8c0a5af00,0x7ff8c0a5af0c,0x7ff8c0a5af18

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1604,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1608 --mojo-platform-channel-handle=1600 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2248,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2252 --mojo-platform-channel-handle=2236 /prefetch:11

C:\program files (x86)\steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2796,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2800 --mojo-platform-channel-handle=2792 /prefetch:13

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3092 --mojo-platform-channel-handle=3168 /prefetch:1

C:\program files (x86)\steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\program files (x86)\steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\program files (x86)\steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3812,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3816 --mojo-platform-channel-handle=3808 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3780,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3636 --mojo-platform-channel-handle=3992 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4408,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4444 --mojo-platform-channel-handle=3820 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8d391cc40,0x7ff8d391cc4c,0x7ff8d391cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1648,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2096,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3092 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3308,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4380,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4372 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4672,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4680 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4628,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4712,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4564,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4968 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4852,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5048,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4996,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5088,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5304 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4540,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3828,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5264,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4696,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4484,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5104,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5700,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4720 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5900,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4328,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004CC

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3828,i,9029951650862781634,11193170427414613646,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3824 --mojo-platform-channel-handle=3836 /prefetch:10

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5184,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=1236,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5304,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3568 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5916,i,12069835371974862602,13817989517044803552,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5884 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1904,14944282162313150013,5930786010195116184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6480 /prefetch:8

C:\Windows\System32\DataExchangeHost.exe

C:\Windows\System32\DataExchangeHost.exe -Embedding

C:\program files (x86)\steam\config\stplug-in\luapacka.exe

"C:\program files (x86)\steam\config\stplug-in\luapacka.exe" C:/552500.lua "C:\program files (x86)\steam\config\stplug-in\552500.st"

C:\program files (x86)\steam\steam.exe

"C:\program files (x86)\steam\steam.exe"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=5376" "-buildid=1731433018" "-steamid=0" "-logdir=C:\program files (x86)\steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\program files (x86)\steam\clientui" "-steampath=C:\program files (x86)\steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\program files (x86)\steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x2b4,0x2b8,0x2bc,0x2b0,0x2c0,0x7ff8c0a5af00,0x7ff8c0a5af0c,0x7ff8c0a5af18

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1592,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1596 --mojo-platform-channel-handle=1584 /prefetch:2

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2208,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2212 --mojo-platform-channel-handle=2144 /prefetch:11

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\program files (x86)\steam\bin\gldriverquery64.exe

.\bin\gldriverquery64.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2708,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2700 --mojo-platform-channel-handle=2696 /prefetch:13

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3120 --mojo-platform-channel-handle=3112 /prefetch:1

C:\program files (x86)\steam\bin\gldriverquery.exe

.\bin\gldriverquery.exe

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\program files (x86)\steam\bin\vulkandriverquery64.exe

.\bin\vulkandriverquery64.exe

C:\program files (x86)\steam\bin\vulkandriverquery.exe

.\bin\vulkandriverquery.exe

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3560,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3744 --mojo-platform-channel-handle=3556 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3956,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3960 --mojo-platform-channel-handle=3952 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4216,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4252 --mojo-platform-channel-handle=4256 /prefetch:1

C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4452,i,6141160093496263497,3275409286274789494,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4456 --mojo-platform-channel-handle=4128 /prefetch:1

Network

Country Destination Domain Proto
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
GB 172.217.16.228:443 www.google.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 2.18.66.81:443 www.bing.com tcp
GB 2.18.66.81:443 www.bing.com tcp
N/A 224.0.0.251:5353 udp
GB 2.18.66.89:443 www.bing.com tcp
GB 2.18.66.65:443 r.bing.com tcp
GB 2.18.66.65:443 r.bing.com tcp
GB 2.18.66.89:443 www.bing.com tcp
IE 40.126.31.67:443 login.microsoftonline.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
US 23.192.21.216:443 store.steampowered.com tcp
US 23.192.21.216:443 store.steampowered.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.3.52:443 cdn.steamstatic.com tcp
US 151.101.3.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.67.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 23.192.21.216:443 store.steampowered.com tcp
US 23.192.21.216:443 store.steampowered.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
GB 104.86.110.200:80 r11.o.lencr.org tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
GB 104.86.110.106:443 www.bing.com tcp
GB 104.86.110.106:443 www.bing.com tcp
GB 104.86.110.106:443 www.bing.com tcp
GB 104.86.110.106:443 www.bing.com tcp
GB 2.18.66.42:443 r.bing.com tcp
GB 2.18.66.42:443 r.bing.com tcp
GB 2.18.66.42:443 r.bing.com tcp
GB 104.86.110.115:443 r.bing.com tcp
GB 104.86.110.115:443 r.bing.com tcp
GB 104.86.110.115:443 r.bing.com tcp
US 8.8.8.8:53 115.110.86.104.in-addr.arpa udp
US 8.8.8.8:53 42.66.18.2.in-addr.arpa udp
IE 40.126.31.67:443 login.microsoftonline.com tcp
IE 40.126.31.67:443 login.microsoftonline.com tcp
US 8.8.8.8:53 api.steampowered.com udp
GB 88.221.134.170:80 test.steampowered.com tcp
N/A 127.0.0.1:62946 tcp
N/A 127.0.0.1:62925 tcp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 162.254.196.79:27020 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.80:27020 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.79:443 cmp1-lhr1.steamserver.net tcp
DE 155.133.250.20:27019 cmp2-fra1.steamserver.net tcp
GB 104.86.110.200:80 e5.o.lencr.org tcp
US 8.8.8.8:53 20.250.133.155.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
GB 216.58.212.227:443 tcp
GB 23.214.143.155:443 api.steampowered.com tcp
DE 155.133.250.4:27019 cmp1-fra1.steamserver.net tcp
DE 155.133.250.20:27020 cmp2-fra1.steamserver.net tcp
US 155.133.229.4:27024 cmp1-fra2.steamserver.net tcp
DE 155.133.250.20:27024 cmp2-fra1.steamserver.net tcp
US 8.8.8.8:53 e6.o.lencr.org udp
GB 104.91.71.90:80 e6.o.lencr.org tcp
US 155.133.229.4:443 cmp1-fra2.steamserver.net tcp
US 8.8.8.8:53 cmp2-ams1.steamserver.net udp
NL 155.133.248.43:443 cmp2-ams1.steamserver.net tcp
NL 155.133.248.42:27018 cmp1-ams1.steamserver.net tcp
NL 155.133.248.43:27018 cmp2-ams1.steamserver.net tcp
GB 104.91.71.90:80 e5.o.lencr.org tcp
SE 162.254.198.69:27019 cmp2-sto1.steamserver.net tcp
SE 155.133.252.68:27021 cmp1-sto2.steamserver.net tcp
SE 162.254.198.69:27021 cmp2-sto1.steamserver.net tcp
US 8.8.8.8:53 4.250.133.155.in-addr.arpa udp
US 8.8.8.8:53 4.229.133.155.in-addr.arpa udp
US 8.8.8.8:53 90.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 43.248.133.155.in-addr.arpa udp
US 8.8.8.8:53 42.248.133.155.in-addr.arpa udp
FR 185.25.182.52:27021 ext2-par1.steamserver.net tcp
GB 216.58.212.227:443 udp
US 151.101.3.52:443 client-update.steamstatic.com tcp
GB 104.91.71.94:80 r10.o.lencr.org tcp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 2.18.66.51:443 www.bing.com tcp
BR 155.133.227.34:27033 ext1-gru1.steamserver.net tcp
BR 155.133.227.50:27033 ext2-gru1.steamserver.net tcp
AR 155.133.255.164:27033 ext2-eze1.steamserver.net tcp
AR 155.133.255.100:27030 ext1-eze1.steamserver.net tcp
CL 155.133.249.180:27019 ext1-scl1.steamserver.net tcp
CL 155.133.249.164:27025 ext2-scl1.steamserver.net tcp
AR 155.133.255.164:443 ext2-eze1.steamserver.net tcp
PE 155.133.244.50:27028 ext2-lim1.steamserver.net tcp
US 8.8.8.8:53 100.255.133.155.in-addr.arpa udp
PE 155.133.244.50:27020 ext2-lim1.steamserver.net tcp
CL 155.133.249.164:443 ext2-scl1.steamserver.net tcp
US 162.254.193.103:443 cmp1-ord1.steamserver.net tcp
US 162.254.199.165:27018 cmp1-atl3.steamserver.net tcp
GB 104.91.71.91:80 e6.o.lencr.org tcp
US 8.8.8.8:53 p2p-atl3.discovery.steamserver.net udp
US 8.8.8.8:53 103.193.254.162.in-addr.arpa udp
US 8.8.8.8:53 165.199.254.162.in-addr.arpa udp
US 8.8.8.8:53 91.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 162.254.196.80:27019 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.80:27020 cmp2-lhr1.steamserver.net tcp
GB 162.254.196.79:443 cmp1-lhr1.steamserver.net tcp
US 8.8.8.8:53 ext1-par1.steamserver.net udp
FR 185.25.182.20:27025 ext1-par1.steamserver.net tcp
FR 185.25.182.52:27029 ext2-par1.steamserver.net tcp
NL 155.133.248.42:443 cmp1-ams1.steamserver.net tcp
FR 185.25.182.52:443 ext2-par1.steamserver.net tcp
NL 155.133.248.43:27018 cmp2-ams1.steamserver.net tcp
US 8.8.8.8:53 20.182.25.185.in-addr.arpa udp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
GB 23.214.143.155:443 api.steampowered.com tcp
JP 45.121.184.100:27019 cmp1-tyo3.steamserver.net tcp
JP 45.121.184.101:27018 cmp2-tyo3.steamserver.net tcp
JP 45.121.184.100:443 cmp1-tyo3.steamserver.net tcp
HK 103.28.54.101:27018 cmp2-hkg1.steamserver.net tcp
GB 104.91.71.82:80 e5.o.lencr.org tcp
GB 104.91.71.77:80 e5.o.lencr.org tcp
HK 103.28.54.173:27031 ext7-hkg1.steamserver.net tcp
HK 103.28.54.172:443 ext6-hkg1.steamserver.net tcp
SG 103.10.124.5:27018 cmp2-sgp1.steamserver.net tcp
SG 103.10.124.5:443 cmp2-sgp1.steamserver.net tcp
US 8.8.8.8:53 101.54.28.103.in-addr.arpa udp
US 8.8.8.8:53 101.184.121.45.in-addr.arpa udp
US 8.8.8.8:53 82.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 77.71.91.104.in-addr.arpa udp
SG 103.10.124.5:27020 cmp2-sgp1.steamserver.net tcp
US 162.254.195.69:443 cmp1-lax1.steamserver.net tcp
KR 146.66.152.53:443 cmp2-seo1.steamserver.net tcp
GB 162.254.196.80:27020 cmp2-lhr1.steamserver.net tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:443 dns.google tcp
GB 172.217.169.46:443 tcp
GB 74.125.97.72:443 udp
N/A 10.127.255.255:27036 udp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
US 8.8.8.8:53 202.252.19.2.in-addr.arpa udp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
GB 2.19.252.202:80 clientconfig.akamai.steamstatic.com tcp
US 8.8.8.8:53 shared.steamstatic.com udp
US 8.8.8.8:53 steamstore-a.akamaihd.net udp
US 151.101.195.52:443 shared.steamstatic.com tcp
US 8.8.8.8:53 cdn.steamstatic.com udp
GB 88.221.134.194:443 steamstore-a.akamaihd.net tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
GB 88.221.134.194:443 steamstore-a.akamaihd.net tcp
GB 88.221.134.194:443 steamstore-a.akamaihd.net tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.46.73.140:443 tcp
US 8.8.8.8:53 r11.o.lencr.org udp
GB 104.91.71.82:80 r11.o.lencr.org tcp
US 8.8.8.8:53 194.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 140.73.46.23.in-addr.arpa udp
GB 88.221.134.240:443 tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
GB 23.46.73.140:443 tcp
US 151.101.3.52:443 cdn.steamstatic.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:53 240.134.221.88.in-addr.arpa udp
N/A 127.0.0.1:27060 tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.3.52:443 cdn.steamstatic.com tcp
US 151.101.3.52:443 cdn.steamstatic.com tcp
US 151.101.195.52:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 cdn.steamstatic.com udp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 151.101.131.52:443 cdn.steamstatic.com tcp
US 8.8.8.8:53 r.bing.com udp
GB 2.18.66.42:443 r.bing.com tcp
GB 2.18.66.42:443 r.bing.com tcp
GB 23.46.73.140:443 tcp
GB 23.46.73.140:443 tcp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 steamstore-a.akamaihd.net udp
GB 88.221.134.187:443 steamstore-a.akamaihd.net tcp
GB 88.221.134.187:443 steamstore-a.akamaihd.net tcp
GB 88.221.134.187:443 steamstore-a.akamaihd.net tcp
US 8.8.8.8:53 187.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.143:443 aefd.nelreports.net tcp
US 8.8.8.8:53 143.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 steamclouddub.blob.core.windows.net udp
IE 20.209.160.33:443 steamclouddub.blob.core.windows.net tcp
US 8.8.8.8:53 33.160.209.20.in-addr.arpa udp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
GB 2.19.117.143:443 aefd.nelreports.net udp
US 8.8.8.8:53 update.steamui.com udp
US 172.67.172.248:443 update.steamui.com tcp
US 8.8.8.8:53 cdn.wmpvp.com udp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
GB 174.35.118.63:443 cdn.wmpvp.com tcp
US 8.8.8.8:53 248.172.67.172.in-addr.arpa udp
N/A 127.0.0.1:64440 tcp
N/A 127.0.0.1:64442 tcp
N/A 127.0.0.1:64445 tcp
N/A 127.0.0.1:64447 tcp
US 8.8.8.8:53 63.118.35.174.in-addr.arpa udp
US 8.8.8.8:53 new-service.biliapi.net udp
CN 123.6.2.85:80 new-service.biliapi.net tcp
CN 123.234.2.61:80 new-service.biliapi.net tcp
US 8.8.8.8:53 client-update.fastly.steamstatic.com udp
US 151.101.67.52:443 client-update.fastly.steamstatic.com tcp
N/A 127.0.0.1:62925 tcp
N/A 127.0.0.1:62946 tcp
US 172.67.172.248:443 update.steamui.com tcp
GB 174.35.118.63:443 cdn.wmpvp.com tcp
N/A 127.0.0.1:64611 tcp
N/A 127.0.0.1:64613 tcp
N/A 127.0.0.1:64617 tcp
N/A 127.0.0.1:64619 tcp
N/A 127.0.0.1:64630 tcp
CN 106.14.24.113:80 tcp
CN 106.14.24.113:9999 tcp
N/A 127.0.0.1:64645 tcp
CN 42.177.83.87:80 new-service.biliapi.net tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
CN 106.14.24.113:9000 tcp
N/A 127.0.0.1:64652 tcp
US 8.8.8.8:53 test.steampowered.com udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-udp.steamserver.net udp
GB 88.221.134.170:80 test.steampowered.com tcp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:443 dns.google tcp
GB 23.214.143.155:443 api.steampowered.com tcp
GB 162.254.196.79:27020 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.79:27019 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.79:443 cmp1-lhr1.steamserver.net tcp
FR 185.25.182.52:27031 ext2-par1.steamserver.net tcp
FR 185.25.182.52:443 ext2-par1.steamserver.net tcp
FR 185.25.182.52:27023 ext2-par1.steamserver.net tcp
NL 155.133.248.42:443 cmp1-ams1.steamserver.net tcp
NL 155.133.248.43:27018 cmp2-ams1.steamserver.net tcp
N/A 127.0.0.1:64672 tcp
N/A 127.0.0.1:64670 tcp
US 8.8.8.8:53 p2p-par1.discovery.steamserver.net udp
US 8.8.8.8:53 steamcommunity.com udp
CN 60.13.97.113:80 new-service.biliapi.net tcp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:443 dns.google udp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.46.73.140:443 tcp
GB 23.46.73.140:443 tcp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.138:443 aefd.nelreports.net udp
CN 36.250.243.20:80 new-service.biliapi.net tcp
US 8.8.8.8:53 138.117.19.2.in-addr.arpa udp
US 8.8.4.4:443 dns.google udp
GB 216.58.212.227:443 tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com udp
CN 113.201.158.139:80 new-service.biliapi.net tcp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
GB 142.250.178.14:443 clients2.google.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 216.58.201.97:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 steamdb.info udp
US 172.67.21.93:443 steamdb.info tcp
US 172.67.21.93:443 steamdb.info tcp
US 172.67.21.93:443 steamdb.info udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 p2p-par1.discovery.steamserver.net udp
US 8.8.8.8:53 93.21.67.172.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 41.94.18.104.in-addr.arpa udp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 104.18.94.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 shared.cloudflare.steamstatic.com udp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 8.8.8.8:53 105.42.18.104.in-addr.arpa udp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 shared.cloudflare.steamstatic.com tcp
CN 122.189.171.106:80 new-service.biliapi.net tcp
US 172.67.21.93:443 steamdb.info udp
US 8.8.8.8:53 vinoland.net udp
US 172.67.158.11:443 vinoland.net tcp
US 172.67.158.11:443 vinoland.net tcp
US 8.8.8.8:53 www.vinoland.net udp
US 8.8.8.8:53 11.158.67.172.in-addr.arpa udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 172.67.158.11:443 www.vinoland.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.200.14:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
GB 142.250.200.14:443 fundingchoicesmessages.google.com udp
GB 142.250.200.14:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 i.imgur.com udp
US 199.232.192.193:443 i.imgur.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 193.192.232.199.in-addr.arpa udp
CN 112.84.131.219:80 new-service.biliapi.net tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 cdn.cloudflare.steamstatic.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 vinn-web-tools-dandys-projects-bb4af0ab.vercel.app udp
US 76.76.21.123:443 vinn-web-tools-dandys-projects-bb4af0ab.vercel.app tcp
US 8.8.8.8:53 123.21.76.76.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 142.250.185.195:443 beacons.gcp.gvt2.com tcp
CN 101.68.219.60:80 new-service.biliapi.net tcp
US 8.8.8.8:53 195.185.250.142.in-addr.arpa udp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 cdn.cloudflare.steamstatic.com tcp
US 8.8.8.8:53 client-update.fastly.steamstatic.com udp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 8.8.8.8:53 p2p-par1.discovery.steamserver.net udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
CN 61.240.220.6:80 new-service.biliapi.net tcp
GB 2.16.153.206:443 www.bing.com tcp
US 8.8.8.8:53 206.153.16.2.in-addr.arpa udp
CN 116.169.184.177:80 new-service.biliapi.net tcp
US 8.8.8.8:53 vinoland.net udp
US 172.67.158.11:80 vinoland.net tcp
US 172.67.158.11:80 vinoland.net tcp
US 172.67.158.11:443 vinoland.net tcp
US 8.8.8.8:53 www.vinoland.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.179.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
GB 142.250.200.14:443 fundingchoicesmessages.google.com tcp
GB 142.250.200.14:443 fundingchoicesmessages.google.com udp
US 199.232.192.193:443 i.imgur.com tcp
US 76.76.21.123:443 vinn-web-tools-dandys-projects-bb4af0ab.vercel.app tcp
US 8.8.8.8:53 tmpfiles.org udp
US 104.21.21.16:443 tmpfiles.org tcp
US 104.21.21.16:443 tmpfiles.org tcp
US 8.8.8.8:53 16.21.21.104.in-addr.arpa udp
DE 142.250.185.195:443 beacons.gcp.gvt2.com udp
CN 119.188.86.134:80 new-service.biliapi.net tcp
US 8.8.8.8:53 p2p-par1.discovery.steamserver.net udp
CN 125.38.214.65:80 new-service.biliapi.net tcp
GB 2.16.153.206:443 www.bing.com tcp
CN 123.6.2.85:80 new-service.biliapi.net tcp
CN 123.234.2.61:80 new-service.biliapi.net tcp
US 8.8.8.8:53 client-update.fastly.steamstatic.com udp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 8.8.8.8:53 update.steamui.com udp
CN 106.14.24.113:80 tcp
US 104.21.30.139:443 update.steamui.com tcp
US 8.8.8.8:53 139.30.21.104.in-addr.arpa udp
CN 106.14.24.113:9999 tcp
N/A 127.0.0.1:50079 tcp
N/A 127.0.0.1:50081 tcp
N/A 127.0.0.1:50088 tcp
N/A 127.0.0.1:50105 tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
CN 106.14.24.113:9000 tcp
N/A 127.0.0.1:50111 tcp
GB 104.86.110.129:443 r.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
GB 2.16.153.198:443 r.bing.com tcp
GB 2.16.153.198:443 r.bing.com tcp
GB 2.16.153.198:443 r.bing.com tcp
GB 2.16.153.198:443 r.bing.com tcp
GB 2.16.153.198:443 r.bing.com tcp
GB 2.16.153.198:443 r.bing.com tcp
US 8.8.8.8:53 198.153.16.2.in-addr.arpa udp
CN 42.177.83.87:80 new-service.biliapi.net tcp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
US 20.189.173.18:443 browser.pipe.aria.microsoft.com tcp
US 8.8.8.8:53 18.173.189.20.in-addr.arpa udp
GB 2.16.153.206:443 www.bing.com tcp
US 8.8.8.8:53 222.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 test.steampowered.com udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:53 ipv6check-udp.steamserver.net udp
GB 88.221.134.234:80 test.steampowered.com tcp
US 8.8.8.8:53 ipv6check-http.steamserver.net udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 api.steampowered.com udp
US 8.8.8.8:443 dns.google tcp
GB 23.214.143.155:443 api.steampowered.com tcp
US 8.8.8.8:53 234.134.221.88.in-addr.arpa udp
GB 162.254.196.79:27020 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.79:27019 cmp1-lhr1.steamserver.net tcp
GB 162.254.196.80:443 cmp2-lhr1.steamserver.net tcp
FR 185.25.182.52:27032 p2p-par1.discovery.steamserver.net tcp
FR 185.25.182.52:27023 p2p-par1.discovery.steamserver.net tcp
NL 155.133.248.42:443 cmp1-ams1.steamserver.net tcp
FR 185.25.182.52:443 p2p-par1.discovery.steamserver.net tcp
US 8.8.8.8:53 cmp1-iad1.steamserver.net udp
US 162.254.192.98:27018 cmp1-iad1.steamserver.net tcp
US 8.8.8.8:53 e5.o.lencr.org udp
GB 104.91.71.91:80 e5.o.lencr.org tcp
US 8.8.8.8:53 98.192.254.162.in-addr.arpa udp
US 8.8.8.8:53 p2p-lhr1.discovery.steamserver.net udp
US 8.8.8.8:53 bx-ring.msedge.net udp
US 150.171.73.254:443 bx-ring.msedge.net tcp
US 8.8.8.8:53 254.73.171.150.in-addr.arpa udp
US 8.8.8.8:53 wac-ring.msedge.net udp
US 52.108.8.254:443 wac-ring.msedge.net tcp
US 8.8.8.8:53 steamcommunity.com udp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 8.8.8.8:443 dns.google udp
GB 23.46.73.140:443 tcp
US 8.8.8.8:53 spo-ring.msedge.net udp
US 13.107.138.254:443 spo-ring.msedge.net tcp
GB 23.46.73.140:443 tcp
GB 23.214.143.155:443 steamcommunity.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
N/A 127.0.0.1:50148 tcp
N/A 127.0.0.1:50147 tcp
US 8.8.8.8:53 254.8.108.52.in-addr.arpa udp
US 8.8.8.8:53 254.138.107.13.in-addr.arpa udp
US 151.101.131.52:443 client-update.fastly.steamstatic.com tcp
US 151.101.3.52:443 client-update.fastly.steamstatic.com tcp
US 151.101.195.52:443 client-update.fastly.steamstatic.com tcp
GB 88.221.134.240:443 tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 151.101.195.52:443 client-update.fastly.steamstatic.com tcp
CN 60.13.97.113:80 new-service.biliapi.net tcp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4f3642f68d846314c60a7c6ef4e3b914
SHA1 1f9f03e070bbb8692c1d61eae0098207efcb9b9b
SHA256 5195a2b8f094ec28f377a77da15e256d00c14fd8373fc026de8a5a890d206906
SHA512 9857a3464608c0176a8e6f3a9fc59c69c991c9e16df9cae20e12b9689a32eb1562640a9832a5e1b1d06edc574b1a38833291b684e70b681030ef3ff3aa29d8bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f130adc0329d94d60f68a869ab8f4207
SHA1 183c570e3c7bb79270b13a727674f4506d24c3e5
SHA256 24dca8e7f6ebed31b97269ef3a53a0e92ddb91fdbcc86bc14cea0c28762bc8af
SHA512 0e4f77d58499b7353b80f4e65b8c4f5f412e0610d1ab75fda7f017503f95ed7826f6f47334327cc9166c246d471dfc3709bd9acb7739e5df5cdebe6c97cf9d01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a0eb260290e44962e16a86620846dd8e
SHA1 04264483abe6b5c44eefbcad1ee0687698368f4c
SHA256 ed0f2522bf99db952652dc5aee75d9547d4120ce4a9ae606336849247f3423db
SHA512 68fa8d0c621677584f5c620746cde50c903478e5289f381e1a28f65f42208362fef5891cf16c4971f299576cc37b7986e806349eda99b02da74ea9524f7da286

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1bb8c5d5f2bf6cd31c611aa55e19d820
SHA1 1f5500bd0c9cded7c6197905bb00d62dbf45c2f4
SHA256 8b5b439e6fab55f7926318b06986855e17e532c5bf6cb44afed7db931d1b5fb4
SHA512 c355ab708185146449a9cde517f07867f932a99c4e17594c83e547abf090301752603f748dd5d4ca475405267774dc88a57eeb389f09acea363e6314ba68c8b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 300a20b25e7984eb3fd1b7be2c79b5c6
SHA1 d7e81d4a0c7c4bba6f9e1c6275640b3eac667584
SHA256 bfe3d7e8be535a2bdd5322bf28984237ae443b5bc608cf1917c7d73052e50fa6
SHA512 4bdbb2a96e22646d43154d73ec7dea058c71c977ab2a7bdca7f2e07e4c4c8c30db480d3327c91586b8f572dfe6f9604443aca5a1226be90053fcc38b07620479

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c03d23a8155753f5a936bd7195e475bc
SHA1 cdf47f410a3ec000e84be83a3216b54331679d63
SHA256 6f5f7996d9b0e131dc2fec84859b7a8597c11a67dd41bdb5a5ef21a46e1ae0ca
SHA512 6ea9a631b454d7e795ec6161e08dbe388699012dbbc9c8cfdf73175a0ecd51204d45cf28a6f1706c8d5f1780666d95e46e4bc27752da9a9d289304f1d97c2f41

\??\pipe\LOCAL\crashpad_4200_TPYHRAHVMOWOPQTV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3d68c7edc2a288ee58e6629398bb9f7c
SHA1 6c1909dea9321c55cae38b8f16bd9d67822e2e51
SHA256 dfd733ed3cf4fb59f2041f82fdf676973783ffa75b9acca095609c7d4f73587b
SHA512 0eda66a07ec4cdb46b0f27d6c8cc157415d803af610b7430adac19547e121f380b9c6a2840f90fe49eaea9b48fa16079d93833c2bcf4b85e3c401d90d464ad2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3254a65ab1f37e6a2260fad29d6950b8
SHA1 9548e5b2255c1574fe6b34b177a173a67baa8ac2
SHA256 1a10b67dc33a036eb50849cb088683fc2191edf29a4b74a68aabaef8c7552522
SHA512 b1cd5b2e1022fa20d9f21a02478cd4aa0db048c0a91c186a1588509165292d7dbe2e33b762f94545c7d85c02c045ab1ae037c55336f1b268f2fa8317ee0073ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 33c542b024c3e39ea8dc2c1cf8d10a88
SHA1 957fcc6af587538d0fea7443fdb12b136bb8d216
SHA256 d327f8c1e289615316ddb29149c1238a130b3866e72937a9d31826140593ee52
SHA512 ac8aefec8b3f7995d95aa69a8e3bc7196258054f19c35d437b1e8709a15f424791d9b03b416714dcf5e975207f6da21f2b6872fb8d33f126fe9ac711cc80fe03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 513b1a6226b35323e48886f013604bd0
SHA1 d3a2dd780d8b00555b84fe68c36018055755caaf
SHA256 12d88c857c9a82f3f79a84e2544a44337e1f2261f4e789676c49bc260ac3cf8c
SHA512 968c92711211f3fae1b82fd8233a3807775b9028e5a0907b85cb2e14e3e2755b026ef516641cbde31ed48bb5ce848c88c772037a229916a58a745ab7dc015fad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\Downloads\Unconfirmed 384999.crdownload

MD5 1b54b70beef8eb240db31718e8f7eb5d
SHA1 da5995070737ec655824c92622333c489eb6bce4
SHA256 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb
SHA512 fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 398ea5fe8f352b5fa8917e78ab0a48b1
SHA1 4e265688ae4db0ed6c9352855a095aec33164f05
SHA256 1799dc50bdd8798e4fc5dfeab50fe0d4a1bb09efed90ec83710a596b0389cc49
SHA512 8dd57414a51d6aae043fe891cfaf0e66c9f591cd99f917d1cc6cea9364b91ade94e3ec9263e83ea1f11009d505c728c1701c2fdc7ce9b6846b3ab244a8ac36be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fce7d633c6bf2dbc70f8f3248c0cfa4f
SHA1 c0a5e9aad87b15f1795083b7dbd6d3673641ffd2
SHA256 4d540eeca44c0c0b76e980915ebe4cf993152d321ab68f87c0113ec263ab40d4
SHA512 28d4c36ab88c2963e35438e5965f3b04139c3eabab2bcd74870bd18d29f106dff4ae7818214df533d3b27b7a01c6973857622bd66ead3c7e024351e069e60801

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 73952e74f908c9675aeee08d2ee215ab
SHA1 60226c9cb244355a52b49697a2a1c1cce697cf63
SHA256 84eff62f596535b4113613c653517ffc49d8e3d4850fb9c9334578f288de28ad
SHA512 ec017cde6efd28e59d963e12f3a824171eb974d7833e4bea3a6ca165f06accaf26519dd6e8c2b672516a31985420e33fde31bd08625ad2e393f85d57c89fcddc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5815b6.TMP

MD5 ae836fe5244aa04470a0acf9aae52057
SHA1 0192d4ff3b8b0d2f962677c451fbec244c60ce27
SHA256 b116bd037bff51443d89c0b0006cd2d5f7811f8a00f23efd330094458ea8fe37
SHA512 759eff298ed44c94ee29023b51e68d8cc63706fb4ec4cd88d5f31cd8c0a9dee3ac8ee05254b13530d7621cf494fe53ef89914d346636e0e6c7a635e9b00b841b

C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\System.dll

MD5 a36fbe922ffac9cd85a845d7a813f391
SHA1 f656a613a723cc1b449034d73551b4fcdf0dcf1a
SHA256 fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0
SHA512 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\nsDialogs.dll

MD5 4e5bc4458afa770636f2806ee0a1e999
SHA1 76dcc64af867526f776ab9225e7f4fe076487765
SHA256 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0
SHA512 b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\nsProcess.dll

MD5 08072dc900ca0626e8c079b2c5bcfcf3
SHA1 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37
SHA256 bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8
SHA512 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c

C:\Program Files (x86)\Steam\Steam.exe

MD5 33bcb1c8975a4063a134a72803e0ca16
SHA1 ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65
SHA256 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1
SHA512 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\nsExec.dll

MD5 2095af18c696968208315d4328a2b7fe
SHA1 b1b0e70c03724b2941e92c5098cc1fc0f2b51568
SHA256 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226
SHA512 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5

C:\Program Files (x86)\Steam\bin\SteamService.exe

MD5 ba0ea9249da4ab8f62432617489ae5a6
SHA1 d8873c5dcb6e128c39cf0c423b502821343659a7
SHA256 ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d
SHA512 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b

C:\Program Files (x86)\Steam\public\steambootstrapper_czech.txt

MD5 2158881817b9163bf0fd4724d549aed4
SHA1 c500f2e8f47a11129114ee4f19524aee8fecc502
SHA256 650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7
SHA512 f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28

C:\Program Files (x86)\Steam\public\steambootstrapper_swedish.txt

MD5 b2248784049e1af0c690be2af13a4ef3
SHA1 aec7461fa46b7f6d00ff308aa9d19c39b934c595
SHA256 4bf6b25bf5b18e13b04db6ed2e5ed635eb844fc52baa892f530194d9471f5690
SHA512 f5cee6bba20a4d05473971f7f87a36990e88a44b2855c7655b77f48f223219978d91bcd02d320c7e6c2ec368234e1d0201be85b5626ef4909e047e416e1a066c

C:\Program Files (x86)\Steam\public\steambootstrapper_spanish.txt

MD5 66456d2b1085446a9f2dbd9e4632754b
SHA1 8da6248b57e5c2970d853b8d21373772a34b1c28
SHA256 c4f821a4903c4e7faea2931c7fb1cf261eba06a9840c78fdca689f5c784c06c4
SHA512 196c2282ba13715709ece706c9219fe70c05dd295840082e7d901b9e5592e74b1bb556782181cdbe35bd1ab0d6197fef67258b09491fabc6f27606dbed667d49

C:\Program Files (x86)\Steam\public\steambootstrapper_schinese.txt

MD5 56dcf7b68f70826262a6ffaffe6b1c49
SHA1 12e4272ba0e4eabc610670cdc6941f942da1eb6a
SHA256 948cad1bb27109e008f2457248880c759d3fa98b92c5b4033b94f455cb8ac43f
SHA512 c3fd9caf0bd4c303a7cc300faada9cfe6dd752e82d67625b31f4c0c2c091596508bb477fe19f758fdf79b25b8ac3f5320a8785d2b6705b9bcc28a054a59454e2

C:\Program Files (x86)\Steam\public\steambootstrapper_russian.txt

MD5 e04ad6c236b6c61fc53e2cb57ced87e8
SHA1 e9d4846b7e6cc755ee14a5d3fa45ee7d3bf425a4
SHA256 08c775efa77c2a92d369f794882e467b6e2526e61bc7aa7724f48e174524502e
SHA512 0dfb7e6d811d649103499018f3d115c542fcaba420ceb69124a4d837fe162ce514e7be2040860c5ef5f9c01c961fa6eea8730606b73ec107d87597989b6fd331

C:\Program Files (x86)\Steam\public\steambootstrapper_romanian.txt

MD5 6367f43ea3780c4ee166454f5936b1a8
SHA1 027a2c24c8320458c49cd78053f586cb4d94ee6f
SHA256 f8d1972e75a320344e3c834ba0a3a6a86edb39e20ef706bda9b7965d440d1998
SHA512 31aab33e0d272cb43a8c160b3d37256716a683e5052192fd0e4d3cdaf30a10a9afa9d26d5d14ad216ee455627c32892a711d2bc137ee7a7df9a297f001a19e32

C:\Program Files (x86)\Steam\public\steambootstrapper_portuguese.txt

MD5 eb8926608c5933f05a3f0090e551b15d
SHA1 a1012904d440c0e74dad336eac8793ac110f78f8
SHA256 2ed2b0d654d60e0a82b0968a91d568b775144e9d92f2b077b6da75f85ad12d04
SHA512 9113c42c38836f71ff0cc7019aff8c873845f47fbf1ab97e981cb038f4d8495b6df784402b1ee9666e8e567ae866b0284c81e6a16efb47131d5ef88569c4843a

C:\Program Files (x86)\Steam\public\steambootstrapper_polish.txt

MD5 9b0b0e82f753cc115d87c7199885ad1b
SHA1 5743a4ab58684c1f154f84895d87f000b4e98021
SHA256 0bdeee9fa28d54d384e06ea646fbcfe3f06698a31dfdc1a50703ffe83ad78d32
SHA512 b7780b82fbe705bc8e5a527c011eb685c99ef0b2eb810617b9f82b891341af95ef1c2f46dce9e458c0c4dcc3e7a0d21db6c77f03419cd1c4b521a9b72f9017df

C:\Program Files (x86)\Steam\public\steambootstrapper_norwegian.txt

MD5 58e0fcbee3cca4ef61b97928cfe89535
SHA1 1297e3af3ca9e4fe3cc5db78ebbfa642e8a2c57b
SHA256 c084a68b65d507eb831831aa2ab9afb9536cb99a840d248cc155ff87fad18425
SHA512 99aff0c481e34cd0e4fcbb2af471afb56d91aa11be664462b08e17ae169ca03ef77e7063b4ecd0f38ca7b2f6dc0bf2e316c7b31dffbbcfc763cd8fae27dc78d2

C:\Program Files (x86)\Steam\public\steambootstrapper_latam.txt

MD5 7913f3f33839e3af9e10455df69866c2
SHA1 15fa957d0a6a2717027f5b35f4dbe5e0ab8ece25
SHA256 05bc1f4973c6d36002ac1b37ce46b1f941fcb4338282e0ec1ec83fb558d1a88c
SHA512 534e541757d19ee157a268bf7ea358b48015f400542fcfa49cdb547cd652926160f015fe2cf026d9c4996e56ab90ca3899dfd457997d915bf6bc9d7bb00ba804

C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt

MD5 202b825d0ef72096b82db255c4e747fa
SHA1 3a3265e5bbaa1d1b774195a3858f29cea75c9e75
SHA256 3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314
SHA512 e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566

C:\Program Files (x86)\Steam\public\steambootstrapper_japanese.txt

MD5 7e1d15fc9ba66a868c5c6cb1c2822f83
SHA1 bfe9a25fdc8721d7b76cecb9527a9ba7823dc3d7
SHA256 fc74e26a8baabbe4851109512d85173b75dbf7293d41eb3b92a1957a773c8265
SHA512 0892be14a858cc860766afb1c996b2c355108a7e50971ea3ec00d15069e919a6eb05a61fa839bea3938492c391e274144c5e248f4c204a602bf36adf27e5b406

C:\Program Files (x86)\Steam\public\steambootstrapper_italian.txt

MD5 8958371646901eac40807eeb2f346382
SHA1 55fb07b48a3e354f7556d7edb75144635a850903
SHA256 b01ec64d75fd1fbd00fbeb45a3fb39244911a8b22bb43de4e0c03f205184f585
SHA512 14c5dbb017822336f22bf6779ccd4a66604ddc5f2c3caa24271e96f739fef007754d96844efa422d6682cbcd2d3bc902c36f0f6acb3eb87ed8d7b3f885973554

C:\Program Files (x86)\Steam\public\steambootstrapper_indonesian.txt

MD5 1514d082b672b372cdfb8dd85c3437f1
SHA1 336a01192edb76ae6501d6974b3b6f0c05ea223a
SHA256 3b3c5c615fd82070cc951ab482d3de8cb12df0b3df59fbd11f9d3271fa2fbca4
SHA512 4d41c945ce7c94746875b0dbceb14811d4966de4e97fe047406a304162fde7e1e2a16367fc2e43978e2e5aa66749f036b4444aa2312673c2cc3af296e8b77f55

C:\Program Files (x86)\Steam\public\steambootstrapper_hungarian.txt

MD5 18aaaf5ffcdd21b1b34291e812d83063
SHA1 aa9c7ae8d51e947582db493f0fd1d9941880429f
SHA256 1f45bb7bdfa01424f9237eec60eba35dc7f0dc4e8c2e193fe768fe96d3ff76d5
SHA512 4f3e56d1abe26b56d3f805dc85baaca450c0c7bec57ebcf8a6bb6ebb8588307dad130c83bf792bac76694909a14fd6a4d7d1e9b31e32fba11256343b9fc18154

C:\Program Files (x86)\Steam\public\steambootstrapper_greek.txt

MD5 189ba063d1481528cbd6e0c4afc3abaa
SHA1 40bdd169fcc59928c69eea74fd7e057096b33092
SHA256 c0a7a1df442ac080668762df795c72aa322e9d415c41bd0a4c676a4dc0551695
SHA512 ce59ad9b17bab4de1254e92ce4fe7d8c8242832f62ab382e8f54199a9932cd11b5800cc33895441426373d5210cc74104e0271b721a7e26ed400b716ae4d5903

C:\Program Files (x86)\Steam\public\steambootstrapper_german.txt

MD5 5c026fd6072a7c5cf31c75818cddedec
SHA1 341aa1df1d034e6f0a7dff88d37c9f11a716cae6
SHA256 0828572e4fa00c186dbf1d9072a6154d65cb499c6a37e338f3305f77a2fee382
SHA512 f9d28714b2a05f8d9025f1692e4d7e8baa6daf6176353f65646a38814a242ef2adededa44419edd69f10cf96ffba506dab7cb6e52111457bf69cffef12174b12

C:\Program Files (x86)\Steam\public\steambootstrapper_french.txt

MD5 10c429eb58b4274af6b6ef08f376d46c
SHA1 af1e049ddb9f875c609b0f9a38651fc1867b50d3
SHA256 a1f6ba57ee41e009d904905c0ce5e75a59ee6790e08542561303109e1faafa13
SHA512 d8760f61760bffd8671b727d386ae220e7e6e68829a01553cfd5eb60ef8bd1d7c1b25e7b17a6db5bd17ba6712ef44999726764459318e784843c73bc4facaf46

C:\Program Files (x86)\Steam\public\steambootstrapper_finnish.txt

MD5 9e62fc923c65bfc3f40aaf6ec4fd1010
SHA1 8f76faff18bd64696683c2a7a04d16aac1ef7e61
SHA256 8ff0f3cbdf28102ff037b9cda90590e4b66e1e654b90f9aea2cd5364494d02b7
SHA512 c8ff15373b37e848e6239a82424569e77c82a5fc557d17e7d2ed1d0d2b2f7d026cc1e2bc98cb5ee945c02cfefb82803c23fa6a26f48ff0adcf762f94cd5dd035

C:\Program Files (x86)\Steam\public\steambootstrapper_english.txt

MD5 da6cd2483ad8a21e8356e63d036df55b
SHA1 0e808a400facec559e6fbab960a7bdfaab4c6b04
SHA256 ebececd3f691ac20e5b73e5c81861a01531203df3cf2baa9e1b6d004733a42a6
SHA512 06145861eb4803c9813a88cd715769a4baa0bab0e87b28f59aa242d4369817789f4c85114e8d0ceb502e080ec3ec03400385924ec7537e7b04f724ba7f17b925

C:\Program Files (x86)\Steam\public\steambootstrapper_dutch.txt

MD5 31a29061e51e245f74bb26d103c666ad
SHA1 271e26240db3ba0dcffc10866ccfcfa1c33cf1cc
SHA256 56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192
SHA512 f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8

C:\Program Files (x86)\Steam\public\steambootstrapper_danish.txt

MD5 03b664bd98485425c21cdf83bc358703
SHA1 0a31dcfeb1957e0b00b87c2305400d004a9a5bdb
SHA256 fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115
SHA512 4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d

C:\Program Files (x86)\Steam\public\steambootstrapper_bulgarian.txt

MD5 4c81277a127e3d65fb5065f518ffe9c2
SHA1 253264b9b56e5bac0714d5be6cade09ae74c2a3a
SHA256 76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9
SHA512 be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a

C:\Program Files (x86)\Steam\public\steambootstrapper_brazilian.txt

MD5 0340d1a0bbdb8f3017d2326f4e351e0a
SHA1 90d078e9f732794db5b0ffeb781a1f2ed2966139
SHA256 0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544
SHA512 9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\modern-wizard.bmp

MD5 3614a4be6b610f1daf6c801574f161fe
SHA1 6edee98c0084a94caa1fe0124b4c19f42b4e7de6
SHA256 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b
SHA512 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

C:\Users\Admin\AppData\Local\Temp\nsm248C.tmp\StdUtils.dll

MD5 db11ab4828b429a987e7682e495c1810
SHA1 29c2c2069c4975c90789dc6d3677b4b650196561
SHA256 c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376
SHA512 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9534e876c850ec16a63c52f12bfa1c04
SHA1 92e2852fa576b95b8a21be3b31af70b12615a164
SHA256 1f773aec0c7f246d564ec9e97e1b22704d674eaa4af30af671bafbd3b93f186b
SHA512 b7cc8113a923c968232905da6a9cafd50fe49ece7400207aad3d1cba75ac293e0be93d903f7f5a025bf7e73b2468b268f0c3ee974c96bf0fa3d32afe740a7162

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fa5d720ad6f7c034fcb898f792d2359c
SHA1 bbd80f47ace3cfc715eccdfea3856d157ccfc361
SHA256 a92eb27d24c8088ce9fe01caa4bc1dc72c1e36b9273b6175f68f938b6049f9e7
SHA512 87a65f5b7da9500323f99cd819da7c2cbdabc0a06923beaa6bf48188347f44b1d44ebf1df251434da48e7f2d571d9f08553a1cfe5166a1532ee5d477a48f0d8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e9db29210a8636323c54f4117d40667e
SHA1 07ae4d587f82db79efa7618bcb30a6081ee9dc27
SHA256 1ab3f6b952d7452472fbba74c8400c3ea6e8e3bda05c0dc2f223beb75ce43747
SHA512 51eeef402307e5d44f05ae53caaedea846cddcfee662044837f4d9cc0ce9f42f92761ec74329efe6928d8b198f17089edcf1b90d1576bef23c5dfd7f205a511e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8986c8622dab757b6e77f28b4e69e1d6
SHA1 c1523bd0981417e9e28b8b54687dfa202290f659
SHA256 7b89fb4c93b6ecf92eb8b87b8a5ce930aa8ab0d9f25fc503b6b8dc478c0aa2bc
SHA512 1b60cd185eb8a0229dab7edda2c1c9857dce69916682a3ba4acfbd9a21a5cf6df0fd499912d57726bf703c69bfc8c4b7b95d01852f30b9f44d76d254e8de7f8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 26fb9988bfc4a323a338a3cc5040e713
SHA1 d9648c8a19e82d0bd8af8cdb93adbdbc7b92dbb1
SHA256 f04fa0af0c44964099128af02e023b57d0e07e8ac5176ff6b896bb16c6809932
SHA512 a6d9014105d826db76a79ec91396a7335252ffe1fd53dc843e971ae0bb33f57bb36b65fe338a86b51bb4834e1c397e88492df98e77ab9ebc7e34135c2acefaa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a1514995-16e4-4e6a-aa4c-209727ae696c.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a1b41aff677ea662e9f1365e621aa6b3
SHA1 cb9d069c5d9592c409d961bcf077f76fdf0a9832
SHA256 e7f058ee26cebc510d3991a9e4b23ee44f0a8700b32481cd347deaaf026e7d91
SHA512 78dbb52715af20345d3f7a934d1480a00d3523a9c95cef150d185d86ceeae3c651d3aca949d524a8980bf9881110142b5f750204acc4bd151442212b4b7cdf8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d6af8f5b02c7171f85edddd64f93b852
SHA1 298567e6202601bcabf1276aaf58a7692a24a874
SHA256 daf4cee7865c01e9e8ea85814699c012e1746865ce29cc87c43021cccfa72dfc
SHA512 86770c1ef665fa6a9f40fbbfcbed7cbc6aafb842569b37efc725debfd4a22c5d023162f68a1e3c98d30701d3d0b1ce1b00fa7ba944dbac0df62f621331da57df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e2c9c6ba52d5fc538f61075af66d47fb
SHA1 cb8163aa252172e88cfca27eb54d17bd10ec8cda
SHA256 0ddcb65076b923a8a5c7195e34bdbd74843b695627748394fd38adf52f001a55
SHA512 65b067a95c8304a4d1dca3aa1f1eb3bb99cfd320fde7f835093ae76e6627261d3ae08c726018e4eb881ba41c699364eef9f726e66d44bd736dfbfe630eda2018

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0d798f9155ff66477f76097b097e218a
SHA1 1e517b93263fc79a336259635d0431eb2d3ced50
SHA256 4466f1b1a33592e1d681a4efd5c3e15ae6e886c0e8f33dd2d6901cf58c6040da
SHA512 b362b449c4f4b5aea4752a9e2ed4cd9c056156cd7fa62d65475423f39272f632885533010d5a99cf2818628f112cb61d701f159c963eba62b2e5045ec7f493e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 5da3a84a1587f4178fe947caee009f30
SHA1 b156028dc081adf180e3b1e7e2528e1b74c5bddb
SHA256 b556763a181fb826253bec34fc2c89160777b6dfc70799fdbe6f133d16d63469
SHA512 ea48e5ef9fac76ba9be8c6357537d0af27d062833d59598f48880354d060aca3238e0edf7d5f8101b4189c4fe945479b18f2d6836374e713a6ce29779165aa8f

C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_

MD5 577b7286c7b05cecde9bea0a0d39740e
SHA1 144d97afe83738177a2dbe43994f14ec11e44b53
SHA256 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824
SHA512 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0

C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_

MD5 00bf35778a90f9dfa68ce0d1a032d9b5
SHA1 de6a3d102de9a186e1585be14b49390dcb9605d6
SHA256 cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2
SHA512 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041

C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_

MD5 836dd6b25a8902af48cd52738b675e4b
SHA1 449347c06a872bedf311046bca8d316bfba3830b
SHA256 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64
SHA512 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80

memory/1236-13088-0x0000000000EB0000-0x0000000001362000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\wasm\index-dir\temp-index

MD5 d5eace267fd46785137a6618782456a1
SHA1 1573029e9183e70eaa5c9eb128e92d2176d014ee
SHA256 39b1ae27d72c421330d85f9ec8e2366821a71206c7d0f4c93bbeaed1e8ca014f
SHA512 98e92348e9e0c927942eabc56f8db385739d7b27d73a47559d98466acd84fafb0d31acb10d098ce41415b4140a0c6cff85e32a0e1662b2efe833473248ec04d4

memory/736-13124-0x00007FF8E2440000-0x00007FF8E2441000-memory.dmp

memory/736-13123-0x00007FF8E1950000-0x00007FF8E1951000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Session Storage\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Program Files (x86)\Steam\config\config.vdf

MD5 6e6a2b18264504cc084caa3ad0bfc6ae
SHA1 b177d719bd3c1bc547d5c97937a584b8b7d57196
SHA256 f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53
SHA512 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679

C:\Program Files (x86)\Steam\config\config.vdf~RFe5af3b8.TMP

MD5 3cdebc58a05cdd75f14e64fb0d971370
SHA1 edf2d4a8a5fc017e29bf9fb218db7dd8b2be84fe
SHA256 661f122934bbc692266940a1fe2e5e51d4d460efb29d75695b8d5241c6e11da7
SHA512 289c40fae5ec1d3dd8b5b00dd93cf9cada2cb5c12bcfefea8c862ddf0a16dced15d6814dad771af9103b3a5d3016d301ee40058edde3fdea30d9767146d11cd6

C:\Program Files (x86)\Steam\config\config.vdf

MD5 a2ec2e91c3ef8c42e22c4887d032b333
SHA1 e2c738a2e9400535b74e2263c7e7d1ecefe575f2
SHA256 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3
SHA512 b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3

C:\Program Files (x86)\Steam\config\config.vdf

MD5 6d93a8160c0d5691ca25aac3fb68ab41
SHA1 69914cd6ba3f23315556e262cb70332276aa4224
SHA256 876cbb52bb16c7cabde3c59d75be10b724333c5b1ca00b58df49295366cbad2a
SHA512 ff8eea3994d1e418b6f5a9a3b5381e42aee49485e447cf7ec1dbc94636d64422448bb8051aca06659bc2b40bc5dd284aeba35b6111f137ccf85b40d3b2646a7f

memory/424-13225-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/3544-13230-0x000002B9CCEF0000-0x000002B9CCEF9000-memory.dmp

memory/916-13231-0x00000224260F0000-0x00000224260F9000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0f4e4cc0e154a674a9e41a479272fa0d
SHA1 deecf4d56288d7bb302bcf4930bce0d14db451f3
SHA256 5724aba1f552f6888d7a0edacd9137092bedb81ecae129e2e19db2af0d94493b
SHA512 2ea5435f091d31238f2451472a14422876d4e522cc10e7ecc434eedd09213ec58a343e7035c6eaddb821c26d3a5c07ef1153d68f74452c0eadb6f34bdba397e1

memory/424-13254-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 e537461656819ba779d69f626d9f36da
SHA1 5c3eca89cc7e2218e36b2368cd27f93381a3d865
SHA256 8517a7b98d3d84c6736723dd4779d66c8a4074a570d93f672fc4535fe52f772d
SHA512 683a1b8240dfe223eb2ab6604c396ad18b718d20796a5d46aa6321e2d0f1d79b75623a16e4453b27783c0940da6f497c4bd2fa6bef90f476f8c7b7f99ef41d1e

memory/424-13266-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13269-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13272-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13275-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13279-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 846ac81e202b4941ee4238198bddf0d9
SHA1 f5c62c099ea87ee638c067e23278f8273d452850
SHA256 0c9820f5f8e863535b89d40bf1a416c4595172e48e00ab6181241034a0faf651
SHA512 8690130a7259e28b95327cedcfc18430c7168cdb7762aac106f8c66778ae5cd7f58b7cb08d2cfe8d61e4509674db4af0a3bb031d144146bb02812051c5e54119

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5c018e.TMP

MD5 11b5fb9cc5a72c6179896a6d22b3c4b5
SHA1 3c6780271fc46de41c3083bec250024847e1b2ac
SHA256 7845ec2a1ddff7a53231b36462da3a0dd4d151e2c5e553a596dc82e892539c12
SHA512 7fcf933e8f4501a46300986af0b8e63fcfae2c5baad1dfb608414774aa51b3ff73e7ff2a72d9c230c7872622628a4a85c6f2ea814eba7c31ca41a88d429d77b8

C:\Program Files (x86)\Steam\config\config.vdf

MD5 22bde6640b782103476d8a5c7e9107d4
SHA1 304e5e1f1a41b556b7c1ebeb1b52d29916fd4fb9
SHA256 3fce054e8e7ebb325f0f3f3d6f6be6149665abb2c9c64e6c531004bbde55cb8d
SHA512 702fb516393d73a615f5e04f61f4c726d45c44d399558310bda250f0aabceb0e45bd7ea6481c959dc332ebe6132266e85f6e0c7d22a96adead4cd733278849ac

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 ad0ff2d52399f1259d6f80efcebaf8e6
SHA1 e16a17a64caa780cd01f93652fd7dbf87e7c1859
SHA256 5843407f1c9dd0ef90b0a94fe879ac03c23094ac9d17a34d62674f25ee80b3ce
SHA512 52aefb6c1d71e4ab0f5498858732ecf7ac6ac4f3a83f8a7b6da746bc482543af70f1ccd69ac8744e3c8d6484c4eec72b2d4257faf5788156da9c9661e6ab84ac

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5c14f7.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

memory/424-13333-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\manifest.json

MD5 2ff237adbc218a4934a8b361bcd3428e
SHA1 efad279269d9372dcf9c65b8527792e2e9e6ca7d
SHA256 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827
SHA512 bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3544_472142511\LICENSE

MD5 f6719687bed7403612eaed0b191eb4a9
SHA1 dd03919750e45507743bd089a659e8efcefa7af1
SHA256 afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59
SHA512 dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56

memory/424-13373-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 32c3356ecc1f12f1e3e7378e4e25ef85
SHA1 138da6346dfa40e8f4459f505fc321f79ee6f8a7
SHA256 37adc6e805e17db0db7f51bd149bb72856ad45e61377e94d1e07d4788511b05f
SHA512 501a37f10b373966d121104464c75a182f27845af258d81496224da29648862681832dcbec4f8732cd5d0246d995e0e89a4463b6e97ec4ea717889ca429aa018

memory/424-13385-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13388-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/4428-13395-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13394-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13393-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13404-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13405-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/424-13391-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/4428-13400-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13399-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13403-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13402-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/4428-13401-0x000001BC932E0000-0x000001BC932E1000-memory.dmp

memory/424-13414-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13417-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 2868741445a52a736b013852b46504a4
SHA1 63c6a317ffb9c2090fa5c05f665ca118f9525a1f
SHA256 cbda228128a17d4084731b6949cbfd40fed2eff233ab3f74f3b0cf8314686319
SHA512 27e605a6d626e6a8c5f06f9ab80ca1ccb5fd2fd7fadd9d00938018772adaad1d12081baedb8946fab949291d57394f1ffd74c07a176974e4531e64a6f1fbc026

memory/424-13435-0x000000006E4C0000-0x000000006F800000-memory.dmp

memory/424-13438-0x000000006E4C0000-0x000000006F800000-memory.dmp

C:\Program Files (x86)\Steam\config\config.vdf

MD5 65c317eea3bda3194303d2dd613e39f2
SHA1 61e0281663f75502110ce8885c6036241715de05
SHA256 0166b25ae835ea8996586689a0c5b6dcbd505b9825f9135ad762478cb334ff01
SHA512 a9c77c50191ba13685d5d770271529fea5d83caad18936e05da4ef3df0246ba266ccba8aa23cfe9988cea87bac7877249228e84119dd7d3e2641ee5fce8d4b1a

C:\Program Files (x86)\Steam\config\config.vdf

MD5 39dba660c7ddb965bf2cbbd4647bcf7f
SHA1 013a69813e78df4a78a9f235c500e6709fadc0b2
SHA256 2c4e9b49519d984e9502b9941210a780879380fa365107f7c80231bc66e3af0b
SHA512 899a220f8021a5b11af203d49454cc90c3e6b566d4cd6327e62659b9084af83f9f112b7de10de0a9ad01e3f14cd3cdd3e4c6c715aa92f70059d5ad53c99f95e6

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json

MD5 602c49f9246967bdcff45b4f43cf2fb0
SHA1 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d
SHA256 a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114
SHA512 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77

C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5fd6f0.TMP

MD5 68b20851ccb9834d21fb32615e42bd43
SHA1 88fab935f0b9484994097c08f785e9ecb7d68127
SHA256 a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f
SHA512 dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity

MD5 da1fd30e4ce7d767db32d9eb3738cd24
SHA1 c79ba6654666a7f9d60249bcecfbedbb2e654f38
SHA256 d176e30b5152f0ff911c7149cdc5a0a629c3efe3a7513ffc8dfed206191d92f6
SHA512 fae1df6c2cb767320f764581cd2cbe7e75cf4ec52e086363095cb9dc292122c95bb79b5ead4091312676a8b4465a08f8c1331771364bb58bd834f713222b450b

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe5fd77d.TMP

MD5 548b1e980c947f90153b2afc1ec8d4b8
SHA1 948946a87a7370da8d8cc30caf5e6aea7fbe9bb8
SHA256 11e5600ee7548f4423df8af1deee126994eef98339337058250df7b13fe581ac
SHA512 b1b3bb98bf55c6ff5bff66403de818ebd9c2ccf23ad3c6fdf6697635f08b7e2e57296e0018109aa04d3262789217354192d6ca4b51d09516541c4d56b465d416

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 2d6d7082de6dfb4b9bd3e7b601f5bdf7
SHA1 4c457421f3b8d5ab53cd1acc972119f5b82b2b46
SHA256 624b6c405bdc5f71581eabbea23b0e850d4a7e12ad3d89d200f4f35d56a66286
SHA512 c832bb8aaea247b3462f7477b08717c5425a60cf4f534c3da8cc3b40c3f27b3ba73d9fe5c81c80503cdcefc56ecdadc8ccb2b41082ae487e569a6e0d16ac81d5

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf~RFe5ffd06.TMP

MD5 8d0da17c5672293fbb5f61699a32c8a7
SHA1 1496d129d207184bd3bcaa8c77f933a7235bec17
SHA256 465b9eb38c2ce06f7e85eff3039134e1d16b078ed38175d37e9fd70ba5f95f1c
SHA512 9179a44392699d89a03573d59f2a035a8948f2473a2e22625e5e349707b1020803ae8ffb6ac78be118cd8c17539758eec4adfeff9f801d314d229534501d0020

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 bd605bfd3d1b7801d2b0ca17ad117df3
SHA1 1cc59585aeed77f47f1782785713eb283584819a
SHA256 7e500f83de50fc14a92bf9af1dcac995b0e0f0771071b467d533e0fbc68e185b
SHA512 b5715afaacc9fbe626d2878b04079e60c664125765987622ffe4d4e837e3a270ec0949c8afe6690a5f4b0c60a10c6aa0f6f44954cc7d28d408c5873445ae7d1e

C:\Program Files (x86)\Steam\userdata\1781191105\7\remote\sharedconfig.vdf

MD5 ada35405e809b0c843930aed8deb08f1
SHA1 5aae28fddd224b25f0cc7da9c4b539278ec52afd
SHA256 55dd54f9045809eb147de7ef5387305e2f5bc971381fe3cc3fd36ca582c0ffdf
SHA512 9ae095318eff996fe357e2290ca851a41f7357adc0d78fcb15f0c2418de641d6078a9e641bda5dbf79b0dd7ccfa9be99474a7c6da56a7239f58652010cc6a69b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 6e427e1f46c56ae7cc07eab4da8ec22d
SHA1 9519b9ebec9d9daf0c8bd981bc47c3a643abbd42
SHA256 44e4a8d2f7bdfa0ba8481eabb10bb216feac1d7638d98732b9d0b1d2cf918889
SHA512 244a02d895515e48b76308a4503d5b34821d529d602bf45d1ce8166b4d5b0e13f8985c6e396bc4e5a15b41f195a652070c151d00d5e8b389ff83311bb7fabe41

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 b834916dddc5e25c5feb20398e39fd36
SHA1 d58879bd9480bbcbb53ec5f2b7c314d23f4c613e
SHA256 98e4154d137c0e0baae9ba62bf4f2f0f599c24347e0083201f25eee03c230e38
SHA512 85cc40eef1fd9d94c7ed137310b2f6faf149bdd6dbaa8b7d1e10d605d606b1b264562c675804c1fd1e53e573ea092b33936ecdfccb21158783896b933360b0c3

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 f62e534e7e94d58fee11a105722700b9
SHA1 783a84c98da8fd09dfc701d9f1e43493b1c07bdb
SHA256 cd017db9ad89a0fd07d8658b1614cc5400556f83bb8d0db5a7831477e6f7c4da
SHA512 b4dfe8a88c4f51081e37c496d9de834c20981c158b12885f610958b6e21b9b6e0b12b7becdc4cd94b6838298c40b503ee9171226d264fcb8f21aa15c4afbd2c0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 e7aa43dc52c42f3c9610bec0774ac3a8
SHA1 166c811c355fad0b60724fb9c6dd0068960f009c
SHA256 4513c0db86137903c97a2b6f2f48d21a47adbf848910a3fc969db2dd2a39823b
SHA512 f2ce7d22fa39c9380eca7766c11e196d003bd788fb0ed521752f4c4721f4c36eb1df229ce5499148c3dc3df6161a5d84e50254ba5e1d082e8d21cff2c90b473c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 687e2c9a327601f9b89c184ac463f81b
SHA1 fe0a5ab1f64974c5908e400165d1118b82195f09
SHA256 73094af98d9a98eed5e35bd4713a42a55038d5b6f025d4a6cf8aaf3af9d70c68
SHA512 b973264313d9a68334b2a46ceb67c40c04c40ba3c5564414e20c44673caa866f34efdca0d3334d8e21057712d84ae63b4e05e8d9b4ef12d2f71b60bf04701654

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000002

MD5 8f661b8c2dc08d06a2992b1006fbf95d
SHA1 51f7614ee218ca027670a3bb0d7cfe1f23869602
SHA256 8bb39a6f700638d352b26ee0cb86fe5fd1127397dbc18d50a5bf37eb9ef6519a
SHA512 80789cf71769f1c03910535c610c942aa4be684433bcdff360ba309a6c15b3878920a49d1d1303c322de64f200b8e5d316b428b66668d51f9ddffaac0aa5f80f

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000003

MD5 944531387ce01bdf7ad736937b9b13b6
SHA1 df6268ebe74638714887588a1f43506b915e717b
SHA256 d6c997210287cecf290cc7c5cc99c13a46d874786d1747cace5f00713069e2a7
SHA512 25cbff327f7af6013476a5453847a5f0a4354a8efe773a4f7f8e29c4b8c12ba8105ed344109cf0a83ee6fe986468c2318b212d2eddc1dc2a6fb4ad9c7f9fc4c2

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000004

MD5 b63db6116a515c8ec16b58bbb1a0db89
SHA1 c8b53c1566bc23bf614f3faf2dd0e2be49aae50b
SHA256 58cf7a378014be774e0348655722edbf63b5470f6a4e84b19bb46e10349189a1
SHA512 b114bbb09dab653809bc63b9b7ce66be04b4baa50fa4ae938b1cafd86eac94b7742ece421fba8c491ad3b95980960acc9d30dc6f0c5e609f1494571583641ab7

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000b

MD5 a421438ebae11fcb4808982f78536c8e
SHA1 cb3287d6dc2557343cc2e4723f6bb5e5534ab075
SHA256 8d40f05f3d7b0c08cc959534185a4ec52963c06322e7c31dbf90266d9a0c6bfc
SHA512 5f6e88895377f671f867464313290d9cea0ccf4377ed74153c3fa745456ac35f9686fcf0a2e9643316c60f5bb677dfabe1ff408a56318c48e0f7853954abfe1c

C:\Program Files (x86)\Steam\resource\filter_banned_english_cached.txt

MD5 009ca439b8e68dbdb83850d51b07c736
SHA1 b8dd1986d15aef3dcba09c954577c780b549c582
SHA256 4bfbbfd0114ee78d7795835c64aae6dc6b525547748c5dd1150d7d1ff8757c43
SHA512 25e90b8b737b30879ec9073457cc7b30bdc46ed71b8885ce14f9c1946476d65c6bbdd0ddc19bb09c406cd9439837aec5c8ad007dbb5a4378842e1634429b093e

C:\Program Files (x86)\Steam\resource\filter_banned_english_cached_timestamp.txt

MD5 3dbfab45dc5699ad008586e555592bfe
SHA1 75481ecccc3cbe1e04dd6bcb215f8a76907a9e08
SHA256 a668b4e84f298c8b29bef63db15421084a41f7eff163e7812f6a06efe1f706ab
SHA512 2fffabae1674d33d9199f47864b5eb42031ee47ed5bfae4ea57d986fb586572d8d6dd15a567c761e00788ed912e1d58bf3256df3fd73bc117acccfc0a0135a41

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000c

MD5 38aefef2ea44c17d501cbb38cc0c7e54
SHA1 55dc9404f34f790e42508ea8d74d6ac87c8d6a94
SHA256 29f8a8da900ab06670e7e9c437bd27528ac311b4995d50c702972b29440ab194
SHA512 6cd0e45c109d9ef0e0a3419246af71b9dcca214775116bc5c318df53ab906ca33197d831d0b3c05ba004fd31889a5086454eb6e0ef12e594035d3b89f1d1e157

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000e

MD5 487b3b54635e5e78cb40f06019e3d266
SHA1 5f27d3247d223035162688d39b8ca8921d662c38
SHA256 6ee6a4b5156c04085388db04e54cd35f0b77f68902545cdcbda5367503c0979b
SHA512 64cdd50b84d9cc6a8b39c70bf7c442e11af54401a02fa745d72f0a12fb9e72a64b9f2772bb8a98c489ab18a8d5fb6ff753e6c6922e2fe86117eff2fa63efea77

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000d

MD5 0b871b22a9fb5ec24eb0da086ba874e6
SHA1 b180b06bf6e4a95d8c9b536df2824fe5b7133afa
SHA256 c6d86a30917c54a75fa50f6db39a42c852ec80f5382ce4a454dc2d2b85c24d2a
SHA512 3d9cdd361ce2ec22b6dd7d091b8a257cb2764774aba2f5d3e23c254b4bc8353a1767b11982a77dfc6cc92d6f7723d1064a534375e4119be689c6501a3f56fdba

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000f

MD5 757750902210ff3c0d12dee4dc5165c6
SHA1 a3599ca4bd5da9fb9c83e26813ef62327c541566
SHA256 72ff7d67ddc7bd23885cbba07f3889be27b50cb597ba41fd546343416676ba67
SHA512 ef5cb66e561d5f208a872c65b6732bdaa082d421f9815c8a5a439d5e749890e032c2309c1d7ec66d93d1f897941bb5e2c5f860fd9cf8e13adfbf1ab60aeca27b

C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached.txt

MD5 0b8f38d6f219adb6af9a46e34c8b55c5
SHA1 abfb7eea3e2073ef536ef4c020b79dce54028174
SHA256 c6cced2a542c64817209699a48ba5c17f32ad47a5bb799d395d707f665378de8
SHA512 4a4dcd5efb3433f23848b7bcc18a430f05107985e48f280874f0058eac863b3ddac9f849ab55271f619c026a6282387f553f1ec25e16eba7cb68c850f314beea

C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached_timestamp.txt

MD5 9283e8f3984c6c7b87d772f36721a0ad
SHA1 864f9fa32988fb72d919de12b93e7f56942849e8
SHA256 9d8d4f60565654379c5096e62b0930fc9e87cf49259d31af0a9034fb790a7d50
SHA512 9858a8ae89a520eb5ba0126fef080539d7b849498243b1b30f72b915b3b12a48e13712eba8f87e2939630ee44b8c55f894092e38390e6094b756422a784de087

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000005

MD5 31b05e57c066452d73ab005bb42865f7
SHA1 2a8efd5d7753dd756c539ad66831b01f603fb13c
SHA256 84d0be622ddeef6d0793df5d274965d6d13a756979b4b484185dc7a051eb4071
SHA512 f793863cec23493b58311d37720fe7d48e21c92da5cbc9c5d4562e47a046e33be4584d58a1c031513298c55a9c33f5e591fd5ce831c9c33af9c2594bb071c277

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000006

MD5 3e4ece701c7a870cbb5bd42ea916d816
SHA1 26f60d9fc12dff15f9c618001b4cd61a481b86fb
SHA256 9082884d69e4b9a0f1090c330c6b25b19a71a2084cf1eb8cb113105d2b116a6b
SHA512 74f5b0d39505f8da3cac088442d954ae58492e7ef04f2f8c542b1f2065fa044ec427e2912d69f53192ff3025d0256b6b85b770d47500ba7c56d77d4ec177da0b

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000008

MD5 48ffef4fc267c7350a37339001bd1a02
SHA1 9379041d4d542c116b420d014c7ebb68137a008a
SHA256 254467e453cf3cae3c70085b41462cd71b233c247b5e212f444347537b4c4873
SHA512 34b459dde39b3056e2f0a4c593b342d32829c9eebb2b01f146aefa0d54f0b52ecf4954873cf76b424abb25f84370d0b5ac06fdac734b397a7444b4b64b4d52f6

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000007

MD5 4d01e326592ce2f559ff1613a10a00f1
SHA1 fb1c762040ee1e36bcb7c44674638b32040fb74c
SHA256 56c9ff85451fcbe3d0c8a80051d5cc690d9731fbdedb6549b4386c6010519078
SHA512 e8f9cb416f7ef90613812861ac6033d712526dc3fa11ef59a1b5929f649a063c176024d2e3e3cffc5ec33e7f516e5fb3d082947b059ef812f701eabaff17b16e

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000009

MD5 1044a2c8b2a2fbe3768b96eea4febde0
SHA1 d358bb622e287edffd920f3d48d7d81d824729f5
SHA256 263dc1acc920ec09e81d5c67e2edd8e53194a121167e08513410174a3b1e3022
SHA512 6d7f68697c7142060bc25e2e9263525e5e50ac1b2081f7741dda59a15779bb0ce9a29283887ff37d80c438a227494e78ceb648a3677bbfc73f6331b4c9794df3

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000a

MD5 7ba2988724b43c58850ce67b80289d3f
SHA1 441dc568f1ba2b86541a5424a269746b45a8a3a1
SHA256 2d42bac87f38f3b59963c4a149970f96ed871f5b9216e463c9878ff08f056642
SHA512 295e9316083d27821622f83229e5c86699ea9b27f5b5f054e689fa8190d84686127f878569338a830ba9d0e4d5eda8259326fee6f42d8845440100e99436293a

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000015

MD5 57613e143ff3dae10f282e84a066de28
SHA1 88756cc8c6db645b5f20aa17b14feefb4411c25f
SHA256 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
SHA512 94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity

MD5 a148151ab8fc31a9f770b2cd0cb92ea8
SHA1 2c9a6bee68cbc14f03b8198f72708d8654be13f2
SHA256 b5445ac4e0b9366bf8aa1c5e22b174f24c5e41db372664c1440fdcd729062216
SHA512 7f36a0d9230c30367502c1f71442828ab37fd664a3e0a07c3c7b2775352953cc906aac8b069f11236c47f7096422422448c7e68115f9529586c0da14fc6f32ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7114561cc4aa26c013051790036fbb5b
SHA1 6f24770dfd6effa8771d3f46b6e90aa8a43f4f0b
SHA256 8a37f779dae9e9e8070f3d2ba1ef39608c0872a13ef0611c0173848e6a973508
SHA512 e80723db185d63d544b6fa1c75c106156ed9381b5ee0dc84b5b3c6e3d3fef7d663959b623b9dc287b253e1d04555869bb9b240028abfe600a06114e29d11ac30

C:\Program Files (x86)\Steam\appcache\librarycache\1113280_icon.jpg

MD5 7ecdaf8a54ec52b20640a88527512903
SHA1 3133a4d748ad3be61fe9db759339cd5de73339b5
SHA256 7bd8b75aec0a4d4a377f3ca3a023fd8b7c5fc7dc6a2a66d17f8cdfe5b731ab0c
SHA512 60ae2031eed0c38264f0d8db22a9b6efeb3f80c791e916e15a1730853162d56e0da014dbd93a5479bae4f3bdd5705ca89be70c90574a524abd1c276ed5c55a2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fa232e3243dd464cd43f10f5ba25e227
SHA1 8d9efc76b504a9005499ef98b0ddfbf1a44a1ed3
SHA256 518f84a68cf93ddcd5c7263af33fdf8815653e14e3b6e91d9d8a8eb56302b173
SHA512 284615bc8069170dadaa9387d3acca090e1ade3a20ca27a1824d14748740b183e203af83e03141bb0cfd0e33cd8f7786c1021837f1a7bf91177451b49fd5c849

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 4c4d0e5337c4cc97d8301e7d974ac93b
SHA1 fe4218dd6495c23808d5433a89f29bfe193b2bae
SHA256 a7cafb311b23717a4a3ee953d7fb7a8530376a831e826d28e17be5db58d5af8b
SHA512 527905cf74bf150896c28e5b7cc3915df45bd24bf5170fdd74158c64221c106e75b9c74780d9e3d585d0fa5f8bb5834a9e1131aa88cc036d36b382c05c06dd1d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 19e720219cc50e4b7ec965138d8d9ace
SHA1 129cb77ae19bdc84102e168227dfabcdbab86a22
SHA256 4d5a6967ad1aa9c84f6cba474698c2daf856d97627cf09dc6889acb41d91411f
SHA512 cec25f5153156146f3d27d9e73d8fb3796395772b0d9741f00ae2fd5faee25f08eb3186bae8058598c0a68daad96530c7903e8fdca4e3a23db384f79402edcae

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000076

MD5 fa10e6c5b03d75cd2384e4c13fb928b5
SHA1 b9d53e5b9b2022cd675614f102c4e837cc44861f
SHA256 1a9b433a4b7fd61fcbe3b188f9c31a2a1b8da94cd17d8b3b482b91a76b116439
SHA512 c90898f9aaaedc16fe2c98b5b5772f2f59af5d48b26cd9f3caba3c9c3b3f95b541801ca23c11f9ab4b16f7002e3ac714204cdb0606a55b05003e36f7e3d94a6d

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000077

MD5 466c5b2051dd16570d77e4cf9ffe4b0c
SHA1 c6f790199d39d549d873ebf712ef7830784d86c0
SHA256 faad9ce59bada6d99ee30d341ea61f5d7d65eab8ad84aeca83e92239a5ad223b
SHA512 73e3c7602b7ea5720b20b124b1cacb36b9a584c5b6411049324984e944b2351b3b37bf0f43729d3163c12e2b3a6ef06cc41a945cdbde3618c7e5fe4ad94dea13

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000078

MD5 86637086da4ed0f8dcf3ecd056b1d45d
SHA1 b633058a7c42511971ed357c6c44892042cf3525
SHA256 b8f4c85913d11722020f04a8111ded8b0d06500d76ee464a1f42716b7bf89b84
SHA512 9023bf41e7d824794a25523be90e4d4e9cf5de3e23af99dc64463369d63c5a08057761a66fde782f6a513432533bdc2210682a1ce53918ed112d64fc72b7a5fd

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000079

MD5 4550f0edc857d121bc30af4bf001a981
SHA1 a7d158c7ee071a8f5cdfcda5fc19908eba271bf6
SHA256 809bd67e52ad5e5e7513da1178a3a3009f9a2a295fccbaf0c4b25917cda09402
SHA512 d24ad7ba3a44b930d07ee515c38a5300e829c5f101f3bc1bdd3f8c91e2ca9e0abce44c65bf215999a752a823aabfb3719b18faff3099c4b5ada8787d7ba631a4

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00007a

MD5 78eba2ea86a7b7eec670e67ff6b87ab8
SHA1 07f21d744f9711bac5c820e9cd51f4772514fcd4
SHA256 87f6a4082390919d4dcddd2f1d3720086e97b944de76bc762fa4736c78ae061c
SHA512 a45cd0bdff8a94b6161043cbcc5c4f4360296e19f057f8cad6ebb3903dc5514e8ef123bcfa299d83069c0c9bce8dadab6772479e90c3a69e73280c5ed147a961

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 320da476347bbe17c7108734202dab76
SHA1 23c12b6fe71e02c2ff598593559a25e4cce47bca
SHA256 68d32ff7554f9639d3794953c51c9d37c0dee93cbcef35ff0b91b897875bfdef
SHA512 935addcbaec35a9e29ffca2ae337f654b365c6535eeafacdd83bb087a6ba5c132695b8467819962a193efeebe5978f4e0044f0640375e552888af8a71b19c388

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 67772aaf478eb2c97cda6cf2bde462d3
SHA1 6421c7cf74351bd560056883feb590b4afa243d5
SHA256 f0ea3b15ad31f7249211f930e66c470236763406d1b297afa2084300214216d2
SHA512 297cf398a81904e9c253f352552742f304b56ab6be57408cea8bcbc5cd1dc027b8264ff09a4de0005537d2f88a60379a8374d8d9612c07898798bc71389aa469

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ac8daf2709d773bfaee7015fe9edf436
SHA1 02cec689fe4d12b60fee15f83474a7c280ae2dc9
SHA256 81cfd7aadb17704c0b60919d7c7600dec4c67c46bf359d291753a89ada412697
SHA512 8c59dbeb0169fee82e94382ea9916726b951f5a3e9eea9b24ee57eaaa7e0c9dcfe7114432798fb018889c5207fb41158e1110f6d2873f5d1abe4c4c7703d9ff4

C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe

MD5 1a475aa5000d3958df447de17e0dc14b
SHA1 8a45a8a2b38a524633a99abc7994aa0ac46c03ce
SHA256 1208c4d240918ab0b4767bc6a5c0cbe83ee7f21408fb0c5ea68769ebea759b3e
SHA512 e86be352a5732d18db772f3fc80a70ebb223d68148057663ed18aab5c2221fe6d1cb48d4f4e22940419e9144aeacdc03ea05739352f86aed7ce967afd7e80911

C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00001e

MD5 6fbaf1869a8b812ce7f6aa189ca6e31c
SHA1 00ad9909ce7dd7a87c2154fe705cb53d0ff05782
SHA256 18bd4868d8164d18874b791fe2a88ab0a57105a726182786183d76a239c6056b
SHA512 19204f4ae6c5dad6a733fb0cd6275c1affaa56c88828d68c2139dd579a7824c749a5b530a573904753ab2b3366eb962d4af424ac2ad393285a9a473ddab72659

C:\Program Files (x86)\Steam\logs\cef_log.txt

MD5 90728152962056fd5427935d330b057a
SHA1 b1485173c829a06d18cb5921bd440a651c5a37bc
SHA256 7502671e89e85aeb21213a5c4524fed73d284e0caadfc7cad73f5cb9f3725116
SHA512 71ac59da18a0a2ca8a1194646845283f69a083290f9a9c979c5cb035590dee173f5acdb302103b6983e4d729090dd328b97ba0bfbca60f6a75d403982f265275

C:\Program Files (x86)\Steam\bin\diversion.dll

MD5 fb59f7262848e6c9413d76494d88e1c0
SHA1 9fcb582deb9e69b8b8f36522a859d206633010cd
SHA256 32dda887447b7b5fe74d7745cb6c2d28c677ba479435b4e4bdd8b7ac36379866
SHA512 1d2960b7549d4ce63041dd8e20f73a860d8ba32d7a70671a9ded5d539d364a68c621c6f95fe3c00b586cc2ec397d25211f832b5a72414d70c08b6cf6bf644776

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2c537e3131e4ce313be5245d563a3609
SHA1 e11244b85eee4da636740ee07afa1649a44046c7
SHA256 fd3598e32e25fd785273410f9e5fd2a9d1f4b065fe97cda15bf11a9fc5c9aaf3
SHA512 a42f2159981ada4c4c65fe92837ee6d61686fdf52c7eef3addd1be8e6f4489bfe779edf0c16114a66e16ae27413c4bfdf7c61dbc1563cae71db340de8d461094

C:\Program Files (x86)\Steam\steamapps\libraryfolders.vdf

MD5 de41d10aca2cf9ae2d58ea928fd43187
SHA1 b32b783ff3c1514d11ff218c1c7939a6c9b3590e
SHA256 28952eec97b873a5a92a70ddeb02031ff8883e81c5141d5ba2d57c7934dd318d
SHA512 5897663cf9d7d1e40d1abc9b04632cf543f9189f0c08841340629db7b50903d1603041ffafc51068b38dd22c7f27cbf704bd9b4f320c978c305aee36d7cadf74

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 1c8224b92ba998b707c38a87a3752949
SHA1 5adecde7695036960ff13c0757f2d3c37533d945
SHA256 472ae2129fae1e73490c01baa14ebbeeb8a2ec6abf944c473b8fba89c74d092d
SHA512 dc0cddd2da93faa4ce2865cdc5bf0c64d5ac5bba2aa753a45f47dc13ce92e64c86ac244c201de00eba38439819c6191544fe610142f4e3703e3373b73b3c02a6

C:\Program Files (x86)\Steam\userdata\1781191105\config\licensecache.async4944.tmp

MD5 609d9c801b8c7edd838ab2a169b367e8
SHA1 ceec43a2596e2f7d8ec8c93356423425e8d78f21
SHA256 2a8dd38845316d36bf6f1b504e065b0abff607533f92d0c4facfa059c4a7df69
SHA512 a30c5511b4ecf395fff6897b75d55ba1b482ed30b0a7b5b9af4ca62e901bda9f24785278112ed95e157cd5cc94aacd7648fb7012c7125bca8bd3253dfa7c3664

C:\Program Files (x86)\Steam\config\config.vdf

MD5 0f9b94d8278a13486646acb125a5b63c
SHA1 a3e46802e47f79c7bb55fb09ddb68ea1e901c241
SHA256 d247c76170ca5b2f0ca72b27b5294d2c10fca83c90fdc6a770e9720baf10cbd5
SHA512 399abef9ae00c61d9bab560018abb40197c131985084cff348e68e9cfab86cacbe166825040eb943c30be439a9617b2995b282aed93a85a70ca34f064a27fb21

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 cb1f58180ca3a0ed2f9fbe06fb1da982
SHA1 710df79d4c5ce87d128239cc18df4755064778e1
SHA256 4d11bc80a43c61d631c1ba92694100e0dc675361273d22b7cde00f9e4aa94532
SHA512 8fd16961d2d303134c738b168fcb1d3072530d505401ed0ea164579081a41f5f0c325e725c6e708cb0612d9f0dc42d7c7e49abe28827f258f51378e12d7a895f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 31dd08de58061df17c199860230ee673
SHA1 7939978aae99478ca087497a96e59f3c89a52c36
SHA256 278b4bd9ff2d723404dc2931beab6578be6e7e3720773ac9d7aafd44ea3d12cc
SHA512 8e2a8c6c12d656ce9ee4ff5e98fbb839fc7955ac7d668ac29118dffd21e346061b58fd733df9f33d1e6dfd5fdc0c84804091d6e9ec0a03fe695e5776f2e9997c

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 944c47da60059914ce75d21a7651110c
SHA1 79c9c774fe153146975ff322e113c3b33f755475
SHA256 a74b37d119de9e05cc322ed69f559e0bc741c0b785606dc24b1ef3303cf2b1b7
SHA512 791573f61f6b84c9894e3b9126f77f275b63a358e03d6a9580eb927481ab86525e8c7d47699903d8ab476c979d3379d9926477e00df2ade0c00199bff759879c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 b72d66a2e854ce9087af83dc245e5325
SHA1 586912ac15ff13f5c70495eabeee9b8efd771d8f
SHA256 83e6762a3d9d30cee9dd28283d24fa124af4493a5edaa274b9c26c362aafc26b
SHA512 74305c04645bfc508a6651fe0e270124f2f41423ddbdb79ddaf9923e4f335ed2b3371b4aca681047abac948b94b4f95c9cf27291116dc62a22940bf3edd9fb79

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 68282c4e3baa26feeda934b40ad855d6
SHA1 db50ff7fa7b61e6c692484a10790cec554944128
SHA256 4efbb99c09d00fea2d9a3ec108b6b1d23413009b9871978c1d633c0599843c94
SHA512 4d3998410c2cc4a5110012f082fc057116faa045fe857838f11516f7a8cd0f05e1d938aa151a840b056aff65497938a7c009ddc9bfdf683664c45996372204db

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity

MD5 cc5f880dc0550d05a99d9f0f9d221bf9
SHA1 6e290d3e3623f09415cfb20e467926a1f89e2a42
SHA256 372bb3a7ff0cab6a81909a83369723da82272e4e8092ae9f0e45d16ae9e45b12
SHA512 8010c717d9b869cd48ed597aaa95617c8494b3913c5ee9528a777f6add166694aa373bc7231016ec7d00e9442b85ff3c89c047d4529304e2f9331187734aefe9

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 6517ae70e1b604c027b99f77d5238027
SHA1 63a99893868105e7b344feb6821dd81b4e479d4c
SHA256 89c1c50915c9044eb5b6e8d2efd9800835cd012e74702f329b02ff92bdfac7d5
SHA512 9dead94c01d990fb03d7c1084840e86c6e7f16fd5ae76479e85aa22cc7919991269544904e8eeb51487be707690fefda8222cfc136bef6a83fc7463ddd949a50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 46b257e2db3a3cab4fe4e8b36a53c612
SHA1 2327a773bca75530bc9bd7c74ef0ec3acbf99adf
SHA256 e7c310337da9c0b11f73414f116c230092a508f82fe7a57d2fb80a16d1d0973f
SHA512 6c9cdbac647aa323073edce54767cff14c7d54ae4b41034980833ccf8567d05985fb9a148772241f9a070622951af71e0cd943dddc1bbf445dc1c217393855e2

C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json

MD5 1b491b4b5ad9e7c0b7baf4594f4f7225
SHA1 5f2e6d4d7a3a0ddd82b9386fdbf326393f53ad60
SHA256 27aca5a6cd513fcf78d9eaefb0902ed8b9ba8766989b0d9099a4d41cfb5395c7
SHA512 d1bc0dee227ac346b3d0f7e05fa6c78d84c8717f190c511373f5895753b6c638a49b18450ddeab4fc5d674f4d3b9e8081ad7ed1be30319c6c1077e5574a798ad

C:\Users\Admin\AppData\Local\Temp\scoped_dir4920_961053638\b2a9fa40-585d-4c83-b69d-667410d17b63.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir4920_961053638\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 456cffc9b6c0a154866563a4e6192d17
SHA1 43ba78e554f02f3061962641f6d4679a7ddd1186
SHA256 6bccf000b51883d707a007f31dccf54f02f12e7affa71b6e1e82cc4ed2a6c297
SHA512 2d4a8d0bcc1cf4fbe628dd563a0883d7b6c84937396b0c34ee9b8361df359b2aae4701a9ad2325edb1798b47da7c6e184b50c2a096d98cf2629e266e323f9c07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\fb52d6a0-29fd-4632-93f9-3d2b4649d6b5.tmp

MD5 852d52d8e52689435da883bd17fd4745
SHA1 64d026ae87757d3d09f00131d076856a22bc4cbf
SHA256 bf03899eea4e7dd467acb623970972053a612463d0f4b2225c19499379d922db
SHA512 1969972a78d819ff0a0cdf0e91b083f3400b7bfd11dafd280ea4dbf91104fd780162f160d22c8048d7631a287989da0cf37c5b0694742036f76e3f4147501316

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53babd91d80090fe2c1f8a4b9dedfa67
SHA1 47d04dbbabe853c6b0cb539495d3d5a7e875c647
SHA256 a36b55cba7c56cc9e67be639997214f839204686d9e0292a49e91481bad08e50
SHA512 7c1c9fa7ded0436510084a26572ca9a0327cf7349d9c32f5025f546d7dab057d071c675795a4e8b6b9401e28c9e8881df005d20613f26f51740593999334e9b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9829cd9f9f1739f6688f43b3f7ccc374
SHA1 bfdb6395ba7f1f743a80bec159b149d382d69cd8
SHA256 f6d02537c9e34d4323a845e73bf4e04ddb09a4e95738945a889bcd2427b16b7a
SHA512 6c67bfc65e6b5338a627a3959f661183ae29ae002dbf38683ef001cdfab966d8be76549ccc15c0afebdd5372e3c2d170a77289266a30b4eb3f1985dd02258aa8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 b75036fc973c0af2899d86b1e93362eb
SHA1 b79adce756b7c5db9f02bb92df3f7fef8b2b9120
SHA256 4fe6ce632e21635c14378bc1ee34133c2fc2f840ede5fa06cfb6ceca509b62a1
SHA512 e32fd5b13b8272c4fef3ed521522ca0797f515026fe46a0560029dc0cb18d852198d2fda81500f57b5fbf271cb8df1d6b3fa5a3b8bc9def9cb09a02fbc0f9e40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 79b6b6cd0d582c08d143d25f701ee535
SHA1 30cdf2abcb6254a474c282a611dbd931ff57aa11
SHA256 6f3dca9939ea413054219951580f6eb4e0f50ecb077e82bb5f378848255951a3
SHA512 b52a04bf6010fee4785fd47d649bfd8d1579d93c8c9fcd8d691afc0ef941af5c27a738925f2a183bbf197c83e70bc0489b189031b4c69538b20b9fee945bd71d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e2f229435dd77c228dbaf735e166d6a
SHA1 88da3836046befc215095edd9e32942321addbe9
SHA256 4d6649023cd6795fb6891181cf1c3aeb2b47c14c081390071a2c1de4c7a98a30
SHA512 d120ce186ce7f3b558340eec05b77c6f6d4ae8360f476d9d15cf32583404de352e4615aef614dd3ed8170e0658c08dca5b035e858855b19bd0276b9ee74701cc

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State

MD5 324a0d5a8cf38f865ee2046483acd59e
SHA1 90104f743d59be370816c57c0fb7aa153e7a2c2f
SHA256 eadde7a88ca13b46219b92f8c96f845c5b953fff8fb442fa76f6a6d66bee12f5
SHA512 a5ebdcba27b60efaca1a6ebc5e2eaca860357d1f0df30bb15cb6adb2677b1beda5ad2162dc49d92a518a9f1226224764be527d01eb73619c54d8213696b2c140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3807afbc946ff24e241caebc0aa8fef7
SHA1 4e59e34007279ae7f261021e460d060f93a03a9d
SHA256 242c6c7b2608bac66fa36c5416aa8303aa45d9baefa3eb33d1fa41c8418b2430
SHA512 b477af755baa9c49dc7b02864dae4f1482d0296f4a1dc634fffd030c6b4fc47d5ff290ad0b0186798389ab6b950d08aabb5fc760375af67a12ed36f101ead7de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1b8d47daea1f08f78b3cf36f89a2b21f
SHA1 8a4d6f0506987dfffe3ae0bab390efeaabfef3b3
SHA256 be594bf1050bf94893c2f5ccbe96285681758e28cc0b1c94cb578f5f95b3054a
SHA512 961466615fa51d863cf4d8da4124eb760362c726f1be747820ea5c35af81b548d68fb5a6a9998e890ba4550fd8333f1a221be0ddb4e5344b158171493dd7fcea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1f8c4efc450eaa599be16514a5d1a1f
SHA1 94cc60c5eb6724223672ec88f08ffad94052120b
SHA256 96d14e5d6f77a9dfe20714710a7b4de8ae43b13c89d45791e76716f9f2107e2a
SHA512 faa1195ef47668dc6a764fd6ee8229ef8c3b1e3d53d39f797edd60de90007b67888bb7025ecaff3bce3aba5bbede3df7b66ba1d3387818317bfd58d21a7b00b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d53ad98fb986c4d2c780a9ef44e30d13
SHA1 def9b74952c716eae14497584def1abde1a14d88
SHA256 b249cca0dd72240515d26618eb9900075ad40cfc8e059e7102a52e34c75a55de
SHA512 5c3bdfb66e1257291c2c708255f33af8d117a5667f1d2a4c3576bafe34adefaf97ef252fcc84c91bee3275797f8e3c212f06e5472960bad7d97272f60c63c27e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fae11f7278ce4429510fa535bc29b7a
SHA1 20c3ed4b90467012ec33ac001cf094d2297768ca
SHA256 6a52e3b2abf9e39c2b23e4523eb755258585373cf6eef669188d491a44ffe675
SHA512 1b1df6555ab9c9a5d8eaf4d95dac4be63ac6d03caaa8f5a5c5380c9f00fb2dc3dd16df6e274d04531f4a6194779d71f90c6aabdfbd231ad8c76094d81cdea8d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 62de821d00058bb5304e3f3936699b9a
SHA1 605f3fe02932cf1332435c97f5c588013ab0b31a
SHA256 fce3b2141c8b614a99fe72045bc3febd7e44417d9c7521684e008005800bd30e
SHA512 94bef97a8ba7ca448644b234e78ef3d921dca3021df4328d5925cd7ac5d198f97230c1a4cd660791c37c95c1301b3bcb243b416c8b619bcc19a7929fe655701b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fd7e77a31e355dcbe2bed8c42c40bd3
SHA1 fd31bdacaf089b4140b4cafe36349a7f354e7f79
SHA256 b2704e93352d7c404c88ddaab75a1561d7099d537c22ed8c6900ea35705a1390
SHA512 7a9331297dfd23d2793248d89f2c31ce5ef2c5c8110aa566c868ab83a776412ca4ca09b4c97b32bf489da36341670edb95258ed1bda13b198013c709f4784b9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 3b0e6433ad6958e78d0b13a118aeace3
SHA1 65c721c4a496b670f9956c9b8f752cf495f2130a
SHA256 70403c13bd7acfafd9d222f305f68e17108505d51f25a8be9cd5f5c523c45229
SHA512 4d946288f933982b1055cc5a1a9274d3aee2f5653715199f5b5b206dfa1292047665ea2d3f85b085813e490ff3931cbd6d8d709e7dd42a853680ee9d4865fea7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 8944f8c2a3dd2373bd6351e19e699d23
SHA1 d496ce92e5215cac64aad11f7a15ab89c4096894
SHA256 708b7baa59a80d80465229b74f1dcb599d3ee76515a93d304337b92efb964afe
SHA512 a82f224a0cf562af49902cee3d20dfdfb0b5a53d32750b0bd0cd6ca53453fa0387e18864def75b6d00c035456acbd057e0a3aca06fc72924fab76b63ad29157f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 46a1550a4bbaccd13a8eb46a359a9f89
SHA1 237befb8851c19fe6a0adce50bfe9d155384b5c4
SHA256 b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
SHA512 33b787e9d21b30c9884624b15fd5a3fb95e5f758cc08ba06fea2f097d84e0957d4acecba6c12403a95ccc3009df59e59f7d9edd856437f5688c38fcbeba5dfd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 279e5a64038565325a5fda8f14a9b9ec
SHA1 00211a6168ac64860cfedd40304560b213e0041c
SHA256 220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b
SHA512 1e97a2f0249fbb2a6624148c8206b22aa8bd2acd02630541b1267ee467120cedc5efbfd788eff4b02b2a01cc28862e002ad04caed525cf216e6cffdab63d56bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 65376e116aca056049cffe3684e797bc
SHA1 25003f0ab42f67724231f2a9f30ac22587272602
SHA256 bf1f205190887e8479860de545c28701549aa2416eb1bd29b0f2ac79c52d18ef
SHA512 9f546ffcbf3e21ed7be2836648d6e10bd721e7c2466fd7c32485e9c683c45a8123a4a8560407be6ac946d0e8e3235a75d5ff580b12d42b9ddff32cfa9e2afa67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 17890d2e19129fbeb3a9fbc4ebbab1fb
SHA1 a968e40b72f24c7b02339555ddc1abc6d903511b
SHA256 9dbe4a5daf9459b8ede6cf34ca63cf14711fa5857f5dcd3ccaec6a04421c6912
SHA512 3ee6f476484673555b99760e2af22eb6b4e8cc2f772d1309449c91d7b4dcd60d0e3e87d9625555ddc7bc5fce5bfb890ac47dbf6a16c4aed3db439722e14daad7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 c9d87abec3cd1f9f484a221d961b4166
SHA1 6b3a719d9c03df2a8a66905c786f41e2ca632866
SHA256 e37ef9084f6d833a672995c56a8e7775627d8e47803bdc8775fc61578726fd1a
SHA512 87fb1b2d231b7b2bdca56ea474f6d611f7e7c8d750f5aee248d32d863ebeb262d19e6b468c61ab606a9342030afa94cd4d810d786179da2c592efd3442c23c56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ada22a21-179c-4c02-8fb9-66138362393b.tmp

MD5 d6983c198f0151e1e7d1b5f312b9637c
SHA1 36168ee2ba098529bacd4510d8b949a3edbc46df
SHA256 9eb7d5f530e0066481add859d01f5cf275668106a019e984a18543a043c64154
SHA512 6f6a38a45ed1ed68a680a08f63815918e52f74bbf72c3ec5d2d8cb3433f588956e0d66715205a6ec5cf3de2dedfa428c11401c0ba1c3f6dae9b366a33609ea27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e38cdafd48bf3663c6471e89abacf6eb
SHA1 73b36e144a07d30f7e0175cd14f2a764a65702eb
SHA256 4791f206f9b495abcd015300bd50a2b0413d944f0cdaecafeff974de49c6453f
SHA512 0a76ab6c21c25d3bddce650953d4434f286ad0c223950e7bffc5bf0381f455b2bc17b357643b8626525914740d2b7aeb585fb357c489b80d6614fe70d2714262

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1b14b43bcac98f16a21093c35860ba59
SHA1 c29276721460b1befa43bea8da154e967e74928a
SHA256 4c24964d5859fb890ed716afc8ae2cb971de58d0d82303cfbc736927356feb68
SHA512 f7911725af414da2324a3ad183bedf3642a60f5f0da6e982a772e6febe7b8a0d7b537e56d64cf2db235768070cfb88cfa1b5d3cdf3302274f4ff7a81ff7c5bfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7bbed776400a5cf88a5f9834e566e816
SHA1 4b5bcafcb38cad7f56de8fba4924f787959080fa
SHA256 ab0d396808e08479a342fee7a1a233cf5d660056fb1b1200135333455e175d3f
SHA512 f787a4f9022c8590cb6da81fa8976bbf6b66452ed395b0d07c3686d6b75018f9d6b2f35bebeaedd0e34422352aa9621b3bde3ccfdb2b80ff65aa3b0944105a98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b318e34e635abd617710a2be08e172b3
SHA1 993490edb059b5e47661a0278eb621c19f74854a
SHA256 f4bcc993c217c71e9d6451f00c5f9901e4ce2f402c2b1feaa24922497e978e3a
SHA512 943ceb64f23a1c15ee38abc01b7c4758f864ae91b445245f45eac887d3817be6ccfa722b140a74376120a455d2dd31b436bd374473199099ceb4a7faa228f9f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8bf66ef04494d83593a7b1bddbdc8272
SHA1 0cfc92ce266a4a5f7afac6f5e1c9e38267f6312a
SHA256 db4aa7ace23503be652f37c2794b43af928367a9efbf95f3238b40b972142faa
SHA512 8be28a2c3f1a1215292a9aa44cb6f84b79a9228e84526bcbc4c32153069f675f2a65ab4bd35943aed445c59d8427ee54a73f0686c7e3e564d5d1ac4f627dae67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 cec1051b5824a796ab2f91112a9aeb9c
SHA1 9a521220c95c667eaf3b72de66b969aea1a5f910
SHA256 809d1fab6afda4f94f9da3e088720f8b80a312d0f852cee6aca461f2f1d25690
SHA512 53963f622192651f4a4e57c4100e1345bcd96d9a06e2082db0401765490d933907d7a2791ebf5ccaf94161df84cd896f2a575cb5203c2c327aef23e6088a8f02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 16472f2acbacb7740ad5512cf76e916d
SHA1 74e2e346431a3c8d7e5e0dccb3b2b26025417422
SHA256 5657c8b7ae88916dc7f2600476aecdcc5652d96676b4917cb50f410a080dff62
SHA512 1d56fcf1f5c0b23b1ea85d0c03c5fd7198f65f88f8546e64baea270916cce387335801bedb29d7e997a0c1ee48f321897059c9b82fb3b89edbe5e406cf657b4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\47ca7700948b114d_0

MD5 fa717f7341cc4cbaa1bf5f2f8e05edbc
SHA1 aede1b5dca6473338b24facf8202c202622b31a3
SHA256 21410eb75a30247906863eb70e1127540b5f92b0c9f4acaa6ea02dfe963625e2
SHA512 efdeaacd6e5ab3702bb0a0158e0aeb7d554c0baace122eb97b456b3d7801b6a51b1f0d132c0c3b79c80edf1afa20ea16ae7d0aac21f5a93daac98ef23d235f0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\06ca7fc66ab027b2_0

MD5 e0b8922311295dbcfad248ce301bdf33
SHA1 199cd5a11dd13aad99093fdc548270e6ce94ed2a
SHA256 a6d6401e03b4499d44234f67129bbbaab95de932f2a77bd01b5ebd4c3e4e4318
SHA512 96dd61adae0fe9eccc43ae8d8ff9c2e26f4455bf863741ddc978b19bfbe0250bd2e484bb75274fe885084fe48355322720a5991772976fdad260d6d042ccd51b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13a73759697c286a6f97d5bc03784867
SHA1 5deabf591fa319b942f1425e644951f0394ba5b9
SHA256 554da0788cf493f169ae4cf68672d326898e18d09da5f368e8119be57a40d6b1
SHA512 5d037ddf240e502fa37a085766c3910b0f702a7eac7397cc1faa077ba51e788627daeb1aed03da40119ad53cacd289dfff228bc655cafb32d8f954cbd014d155

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ef08dc5c17695d27f26d9c9b8e3e0f50
SHA1 4a27198ead5ac098889cac7bb557664aa2035264
SHA256 d9d5eebe04b022fa41a1a05924321f2d0317977c03f45b8132d13a70f3e6e883
SHA512 a49d025143ab8e1dba8553b670bb61d0c3423101f95ea2be13f2bc1e221897ba6d011a17ef728dc74d7058c6a31a263cedf93593297bf7d089c536fe20a5140d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b9bc156b4e0235228461031e8b6360e6
SHA1 614ad625f859d0acd33c7a409ab8d38b0061c80c
SHA256 0d63438ed2afc20fc55844f762cb9378ce196c21780b5395902fc3882dfaeab2
SHA512 9e5d424f673741abdc49d5f4e43f6ffad7147c9d4c4f93ca1eb600061c83d6baa2bc1ab4ab503fdabbb52124e2fa66195e7f6b989ff35415b394380b37583ed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 afe2a078601421abc23b9492d8d8a74b
SHA1 2160a6803b814d6db72aba5f5a847646164de2e3
SHA256 2f9431eeaa4bc821f3e05c8089511509054e4d5f87e1f27825b99e33a854865f
SHA512 a5028609f1502f1fa44a8677b03fa710744b7983d870b73bdc8b93a288b01877e24951ec51a8be8407d6a920e2991b9aad1e74e441cd2c7a9ebe81111ed52cf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 715be33e3fdc582f7826c2bf9646fbba
SHA1 5bbed8c12a977a1420ed6c342b09a5d07b19993c
SHA256 ea1e6b89fb95469a6264b13d95ca5f727123f0ea19f1d1a069310e74f14caca9
SHA512 b28d48285fb57ff1c1fd6b46c01dcce85334bc459c3014ead8a5ad53565f6b12e126acd8bc5715350f3a46b728d26c8705ba544b57b796f351c713309521c3b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 061cafaa40011f89332a5360ffadeed2
SHA1 ac1790d621cd5179a0c1aaa90756f6262ddd49c4
SHA256 a35035e7d9cd009c479e74d5ad356f7cbcc7ca240cb30929dc8afc8b2d9e2ba4
SHA512 eec58386eb5133114d80b2c232fef944812afd280a363cd20b0f7383ed97baf4699a5b373cf152895cfb5d388c7afc536aa8353778b17b30900b3fa3ee1000cc

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\Downloads\552500.zip

MD5 4ce96391c38cb26f753b762442341960
SHA1 ccabf06cc47809ae98433d2dad6405b069314cec
SHA256 5e89d2def3053b787fe10b468d65d48d104ef34ba6c4c5b90d50e79967327ccc
SHA512 4b94b6b23e420fef7a5670ac865759ba0d6cdc76ba964eb632501c58205ffac52f1de9539d0fb624a31950610bffaabc6d4b2994e9b60c3662570935b9703422

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c6100c82f41048428dd18029a19fca93
SHA1 d0590db7b5e611107ba41762100de1008217516b
SHA256 388200b80da07c95cf2fa5f3bb1b18d6b5f0469f57188c070f7c6c7417295296
SHA512 1ce5b35c58d82f957ad7117635c0091aefcb5f3adf33aba1e72eca33515da3e449518e292576f89286469f72317be8880af59516b72e1214876cbbcd1be9ea8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa0b501133dee09e515eab101467163e
SHA1 7892381aded2b10ed20b6434a2be6c0146ac48c1
SHA256 7764a2774e60c350a62a7f2acf8c6d71744c7293f93f30f9901a5c9296ab62b7
SHA512 61b305e1b433ad5843376e9944a8847b067a919e0efd6d03166c469f421322d6fc9f7f8f2d1610fefc4852c3ae1e8afde71d1ddf4943c81ecd0912fde71f1a63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 922e0c130c598db7dc18aca406edb9b7
SHA1 877adacc598f70d0828db403dd4393efa82ec0c4
SHA256 2a8b3f98945f852939dc0e8f18c84f945e23865903a4e962f5d438b418b27cef
SHA512 27e7e7b9b839980ddce3c433591a7a92bcd0fd740ad12949f8a7ba51f91eb5dbda9b82d80167788ede5ae9b0d06dd15975f2988072e41cbb7966b49887a4fdf5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9760bccc869f51f33d5fd17ad94c5b65
SHA1 9ead88d3264dc6e13550d136997465a9c45dee09
SHA256 f6f3d7acad4f55cbcf152ae49d55560cf965c5481a6dd06d2f84b8c64ea9934d
SHA512 ae6010203138e025d0f44e873ac1869005268acd8dda2d1de8a2083357b1858c1d52b9d3ebed646a014b1eeb23f209199759dfd05e27cf1b53b735410b5a0a4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5ff57da59ec6f95560c07cea93f9cd52
SHA1 206a7b9c9758bf3ef37bcb1cbbbb4c97e4ead8de
SHA256 5f7da1508ba0dbe1b3d7e0af741701e8ba1408f3f3f5a4f56bbc23e0ce079f16
SHA512 626992ebf20f49f35fa69d643e9a98fbbb088fba3377aea65cfbe5cd854b8dd7d81f3292a3e58173ac9a258d78d2c753c9a5f446045eeb281c83df9e3137e747

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 85ddd4d220830590f5c572eba981ca4f
SHA1 fe8715a6b21ec6b348aee02916742002cbf53edf
SHA256 fdcdd7f6da41c0d10045af0fb8f0d4a8e9b267257d3a8aae0b86e325b4ebc61a
SHA512 b015513dae463312e7dbf17db30f66acf79b9077408ca1be18247e5df247b306dd46da86f87dce15e415d7bfc60d4aacd464ade6486d0e25f32033cde8bd5ccb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c64c3beab215d35bf07285c07f633977
SHA1 9ff2b40139d87ab66483a6bd36f6c28d259024d6
SHA256 943a292a2c80212b1e2b6c45f7f52be57a6de441671435ed0490a0c1b778693c
SHA512 a3601bb2a8ad88f6ee2d6fe3ab6a8b11d8f273d10219a17173486432826f7b3e2d3952cfe8823d0c6b258c05c2a1cecb655ce17367010d0cff50d9d09bc87767

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1db84cb94c4696c9cb362b20dacb4831
SHA1 bbb85d0da09d6d0e3b82199e4521a21e1da9d81d
SHA256 d22d259e0967bce66a79ab43a5407fa540cf628a931dfdcff5b0e72db7b79495
SHA512 ea5eb0077a7a4a11b959d569dba7c738b9afad5c3cb8312479a9553df469a49d75662548aa1bed642a5f3d699a7d0a57dc7f4b165d40d13a156d5ac74facfb10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d3e145b19a8b9022027d1f196cd44aa2
SHA1 5c7dc51d898678d8e877c2bcd43df07930f21baa
SHA256 a2e2d334c68cf2c801443e504d2be9ac579bd8c45585f90af41e182e61982d00
SHA512 2c8573710a8a852bdef84e50749ec874dbfe7de639d2bc3af24be2dd351b3f2ebb19eb04bae2f09fe5d7153f46fed5b7d8492adc12fc720ee49f349c3537300b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6535ccac5f9864ce5d555b7ac6677beb
SHA1 2e784fd70bb8b36fcb65ecc3eca69b3566936db4
SHA256 edb73bc95bf74f7e7f09716f11a603fb733a9f7aaca1a8cf5619307c64b0646a
SHA512 152b98afa4e3cf32687cf98adaea98f64e470601f430a2f39a58e35192c0aaf2ad5bc4088610e78637c7f5261251817cbfa8c4d4a181c8540d9296ae91476b2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 03fa3855793aba08078255b95a97db78
SHA1 b499aeef6f95caf99332d1072328b51d8ecbd0a6
SHA256 9c83e0c88940c6289cdf62ef2e5119fdb529f1cd219751fa9f101d294e42211f
SHA512 762681f7703287dbb844e2f8133b6c00f822cadba137dfba9417eb102980a4e2d5a0e3ffe35c3a86382e967ac2669d793daea5628d464f1cdd38a3b851839bfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 15b592b3e834a0dc5feff1cc991332fb
SHA1 ba0ad95ff94778de360ab5160772a8c57edb21f8
SHA256 923940ad4b5290830bf454c0a13da27680df6891c3b666db385a7ca4d4f4c0a8
SHA512 b17b506325515cdab0a4c6ebb6504b4f9b6b9eb31322a62010956b1152740852ab72a0cc61604b0063370de3bc8684bd4bffc1db322dd84e31588708bd800c3a

C:\Program Files (x86)\Steam\logs\cef_log.txt

MD5 da98778b098c6ab1303b9a1c793304d0
SHA1 de84e04944d93e8bd4554a6b0b61d20e49ab606f
SHA256 e3e2596447150e2908814914c0946d4410872ba41282599eca93c149343bd489
SHA512 35abce38343669cd264afd06906ceb9848f1b27f70a88f57aadf935c98f314d986ef2d99a5a5766d885051a2bcb7fc2ba381214b44cdedfe6cc7236685f856da

C:\Program Files (x86)\Steam\dumps\settings.dat

MD5 7038d97780534579fb850faa74631653
SHA1 4a86460ac39e5562aa718e9e0376d557427b7551
SHA256 730df7482ce3ca9d3a86e069569c3e54f0962d4695ab306ec4ae15d80b4fb899
SHA512 47c53ba5608794a8ca0a7de42769f5506b9b82a22ddc4b730efc5c6ab12cbf850cd72fb4c623093022b4fc92c2eff59e733dab788d2943e3067db7669e1a161c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e931bb0e5c1cb6450688e6354cf2eee3
SHA1 21f43dcba5cbe80829b3e319a4781cce2269c0fc
SHA256 c8cbbfb6b811f82fd56be02dfca7327c3f52286b4f1cd88e2dc7364ce0d101c1
SHA512 1de8bb1a87b1ac22769ebf45d3d6978f25b2fdbe888f616ea82bc8c17e80c1bc6c189f3e64d8d16be2d397f3d96ef88a36d97168e5d63b7469c4f5db9c8ca3e4

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\827f4c64-0e0f-45c7-a908-9875e6a45a1d.down_data

MD5 5683c0028832cae4ef93ca39c8ac5029
SHA1 248755e4e1db552e0b6f8651b04ca6d1b31a86fb
SHA256 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e
SHA512 aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

C:\Program Files (x86)\Steam\userdata\1781191105\7\remotecache.vdf

MD5 4aeec4a436c3af4351dc3d65330be4e2
SHA1 2b28397b128fb1bc68070c6bedfff4e0ad3ae77c
SHA256 d09400e2d0f2ded7f18a3460d337adc402011cca036edc91d500b4e476c2f1ae
SHA512 93d946110bf7342bad9911a2310cfbacde7a173736d183eca4ccf0d246f5abebe650652b733300d0c8737d561895af6602339f3d72d6f8ac00216c84e98cb045

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 5b1bd6851edf24578f623e409ef39dd2
SHA1 2a8982673e9192798ec5f73bfb31d306215ab840
SHA256 3856e9ff2cbf19883b3c0cc18f8a086b985adbe106c8bfb8959677d0d11a9579
SHA512 ce9a8000206c25c17321a3e3b6cf9d8e32311755bb2b1bd6897163e7548250071e1c97133ea34e13fec3a56e4c9860623ad82568a8d393c24d8d8da2d2b10287

C:\Program Files (x86)\Steam\config\config.vdf

MD5 253189ae7db47e1f5805dc3d8ced8e77
SHA1 90f5260cccbc52befef894b320fcba23fd265f63
SHA256 4b2353f0217c0919692186504735baf9247e41401e58d5b7c2b92a47e982f9e6
SHA512 407b74cbe1611502d0182a8b7c76163134fbbfc98ef8584627eb2a322794b65ce7eeed61f91f73e679039ef03a36da1a56755867c242a0b1ddcb59c57cade631

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 8dcd06ee06dcb7fde5335930fa573c0d
SHA1 5db875bc0ab712c579e37d8cc70d4567c210aac0
SHA256 a7d5777bdcfb7e2671527ccc85ec134e3ff5d3f8ca27a5598520ac84419a9343
SHA512 4acf7572480215e9aaa20dd69eab95ada284e94b30639a61bbbb0bfacdd1f550a1de4a30bef327a1e30e9c3c2f694d8c866b27221a5e0cb9fd5847b68e205bf9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 5ad7d4f86c162cbc513d0a35b941d623
SHA1 73acb605b5b042695dba5a75d7cb17a15eb550af
SHA256 964af4a34fbdfe903727a19e0824e98e783e842a82b91957c06fdf31706aface
SHA512 89502fef42aac6978145001f50083632ca91d6ff40603e17790e95d7acefd58140af33840fd52d40ae704057905aab737258287df205233c6c0859b8c2a0b263

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61e52987bd9074482d711740c77a4266
SHA1 2e9ced714b96437684f4d300cae53573fc859619
SHA256 21a533d1e6df2590ebf0e2cadec97cdacc57cd5edf2442be9eea07275663057c
SHA512 d674d8a9ee805a1a50dfee615e76686f2e5c6d0b7eaf6f42529d528f06c1f782d825a8bc24df5dee3333a7b998bbf45f42ae348d5b7a9155463878b740138d4d

C:\Program Files (x86)\Steam\userdata\1781191105\config\localconfig.vdf

MD5 d72f6cf01c00d47b2788561a9a256db4
SHA1 bc3350bba45ba071e173897566b258022f8757a8
SHA256 c3d14dccfc0c262126aefa99a5e265300124aef526ed590a91d90ce04f322a06
SHA512 2e08e8400016b60382c7525c55a924b65b77b97e2a037fe7497d64e6e14c9b6e4a672a7a60b90fb912255923d77e72db9a7a6bbc8bd411801ec798f5ef0c4f0e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms

MD5 45f599f3a718b3cfc48113877be81357
SHA1 ca6a844b209164ad815fe2d7f7d22c20c0d87290
SHA256 9fa16088964b8426a4f627a349a6ae8d82806153e8b3264f64ab6b0465c0b927
SHA512 f6e5644cbf1bccc32456c0f658b8870b86adc5d1d8965045d08d9a5f7a52df43fbf2efd2f4f6e8c763b9850daebe242ff2d0aceee2c2b51a7381ec486d4ba3e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bc9c01c527118b079a7770006612468f
SHA1 2718fefc29ec0b875a30c78297bc55f7c517f653
SHA256 6723330e6f76373f5a5d2d73b75ccc4a854524d7b6749bd34e23e5d8e8705c7f
SHA512 c797169cf5a242403a484ebd196e1b5df9bc1e1cbd1ac315a618cf7c7b5a8d1463db85585a271222304441e43ed8188156be2cc4abfc44bee33dff2e21a34a3f

C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity

MD5 5d9d37ff9afe41e250ce601e4caab3ce
SHA1 fe0af6580fa0dff26a1bfb11e49e03968ee4faf1
SHA256 bda9565ae24dc7977414efa357fe5244f3f19a032659e34a767c55a49b3ae029
SHA512 1650f6cc5232895486afb275e001c2dbb6f0b5b118fb396964782691397caa9fd1617498655b128d048ae20642b16e762ef29739b4e1def891c98154b608fb05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17f8f5597ff1ef8d8df2b0b5194864eb
SHA1 3fb8da20a660fd02012fdf7484429fb745eb19da
SHA256 fad25e7fb795ec4128df31c1ea164cf6c1ded447b443019c68e7bee7c920cf80
SHA512 9176189c51aab772a694af6d751fa39f20ba46d90421609657fbc545e15b7a3407213af2a0b880d7aa730ec82ddabb8d22adc52c915239c570c97fa675045952

C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index

MD5 f6af96740c6338f826708bd6a70d2c99
SHA1 c9fed67fdf3a2f3ecb73f3cbc53261e822c4e950
SHA256 54363ffd1d69e46bad437150360a8dc508b6366f4ab592012ce5c3c327dd8d01
SHA512 dcbc2b0f301fbcd94a4237e5cbcff6b6394a18c78e18567836feb1c66f2e8a2fcbad9a860f752b3bb9ea0277bbaa76a81d770b280acab931c6d913cee0b2bb2c