Analysis Overview
SHA256
7f09d605a5c4176485a354602c1c8d02a01e90871dcb67aa05b0e924a73c7939
Threat Level: Likely malicious
The file 1306737952763809904 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
A potential corporate email address has been identified in the URL: httpsdiscord.comchannels@me12569028740849337141306737952763809904claPastebin.com
Executes dropped EXE
A potential corporate email address has been identified in the URL: currency-file@1
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
Checks installed software on the system
Detected potential entity reuse from brand STEAM.
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Drops file in Program Files directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Suspicious behavior: AddClipboardFormatListener
Kills process with taskkill
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-15 19:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-15 19:47
Reported
2024-11-15 19:58
Platform
win11-20241007-en
Max time kernel
519s
Max time network
521s
Command Line
Signatures
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: currency-file@1
A potential corporate email address has been identified in the URL: httpsdiscord.comchannels@me12569028740849337141306737952763809904claPastebin.com
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | dpaste.org | N/A | N/A |
| N/A | dpaste.org | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | dpaste.org | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_koreana-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\friends\trackerui_japanese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\gamespage_details_news_item.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\program files (x86)\steam\appcache\librarycache\1070910_library_hero.jpg | C:\program files (x86)\steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_button_capture_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\movies\oled-suspend-animation-from-throbber.webm_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_fullscreen_disabled.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\userdata\1214517055\7\remote\sharedconfig.vdf.stmp | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_color_outlined_button_x_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rg_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\offline_turkish.html_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\hp_m2-1.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_r1_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_rb_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_outlined_button_a_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_rt_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\settingssubstreaming_advanced_host.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\mss32.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steamui_dutch-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_click.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\locales\sk.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\gridview_shadow.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_touchpad_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_mouse_5_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_mouse_r_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_button_options_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_lstick_click.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_touchpad_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_ltrackpad_up.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_touchpad_down.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_030_inv_0326.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0315.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_l_touch.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\program files (x86)\steam\appcache\librarycache\42300_icon.jpg | C:\program files (x86)\steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_020_ammo_020.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0328.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_100_target_0160.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_rstick_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0010.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\platform_koreana.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_button_menu_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\steamapps\libraryfolders.vdf.async16952.tmp | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\xbox_p2_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_rstick_click.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\Receipt_PreorderCancelled.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0342.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_color_button_a_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_lstick_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\hp_l4.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\libx264-142.dll.md5_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_polish.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_010_wpn_0527.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\flag_right.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_touchpad_edge_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_left.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_r1_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steamui_pirate.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_button_menu_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_110_social_0305.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_button_options_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_left_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\LICENSE | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\_metadata\verified_contents.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\manifest.fingerprint | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\_platform_specific\win_x64\widevinecdm.dll | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\manifest.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamtoolsSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\program files (x86)\steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\program files (x86)\steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\program files (x86)\steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\program files (x86)\steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\program files (x86)\steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\program files (x86)\steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\program files (x86)\steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Vid = "{137E7700-3573-11CF-AE69-08002B2E1262}" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\URL Protocol | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2584844841-1405471295-1760131749-1000\{AC240318-20D4-48B4-B17F-7EF2CEF0C2AB} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\URL Protocol | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\NodeSlot = "4" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\DefaultIcon | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WFlags = "0" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\program files (x86)\\steam\\steam.exe\" -- \"%1\"" | C:\program files (x86)\steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\program files (x86)\steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamtoolsSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 229697.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\1222140.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files (x86)\Steam\config\depotcache\1222141_7324084008489949045.manifest\:Zone.Identifier:$DATA | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 458290.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\program files (x86)\steam\steam.exe | N/A |
| N/A | N/A | C:\program files (x86)\steam\steam.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe | N/A |
| N/A | N/A | C:\program files (x86)\steam\steam.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\program files (x86)\steam\steam.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\1306737952763809904.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffefa833cb8,0x7ffefa833cc8,0x7ffefa833cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6984 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7848 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=7748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1896,3550395560818686660,11679500438800530806,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3264 /prefetch:8
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=16952" "-buildid=1731433018" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x298,0x29c,0x2a0,0x294,0x2a4,0x7ffee747af00,0x7ffee747af0c,0x7ffee747af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1540,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1544 --mojo-platform-channel-handle=1532 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2144,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2148 --mojo-platform-channel-handle=2140 /prefetch:11
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004EC
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2740,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2748 --mojo-platform-channel-handle=2736 /prefetch:13
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3108,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3112 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=3652,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3656 --mojo-platform-channel-handle=3644 /prefetch:12
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3996,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4036 --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4292,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4296 --mojo-platform-channel-handle=4288 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4420,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4424 --mojo-platform-channel-handle=4304 /prefetch:1
C:\Users\Admin\Downloads\SteamtoolsSetup.exe
"C:\Users\Admin\Downloads\SteamtoolsSetup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c taskkill /IM Steamtools.exe /F >nul 2>&1
C:\Windows\system32\taskkill.exe
taskkill /IM Steamtools.exe /F
C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe
"C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe"
C:\program files (x86)\steam\config\stplug-in\luapacka.exe
"C:\program files (x86)\steam\config\stplug-in\luapacka.exe" C:/Users/Admin/Downloads/1222140/1222140.lua "C:\program files (x86)\steam\config\stplug-in\1222140.st"
C:\program files (x86)\steam\config\stplug-in\luapacka.exe
"C:\program files (x86)\steam\config\stplug-in\luapacka.exe" "C:\program files (x86)\steam\config\stplug-in\Steamtools.lua" "C:\program files (x86)\steam\config\stplug-in\Steamtools.st"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=4412,i,2775494321036483503,14440429823881003823,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3936 --mojo-platform-channel-handle=4348 /prefetch:14
C:\program files (x86)\steam\steam.exe
"C:\program files (x86)\steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=9036" "-buildid=1731433018" "-steamid=0" "-logdir=C:\program files (x86)\steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\program files (x86)\steam\clientui" "-steampath=C:\program files (x86)\steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\program files (x86)\steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x2b4,0x2b8,0x2bc,0x2b0,0x2c0,0x7ffee747af00,0x7ffee747af0c,0x7ffee747af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1600,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1604 --mojo-platform-channel-handle=1592 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2312,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2316 --mojo-platform-channel-handle=2308 /prefetch:11
C:\program files (x86)\steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2704,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2348 --mojo-platform-channel-handle=2692 /prefetch:13
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3148 --mojo-platform-channel-handle=3140 /prefetch:1
C:\program files (x86)\steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\program files (x86)\steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\program files (x86)\steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3780,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3784 --mojo-platform-channel-handle=3776 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3988,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3992 --mojo-platform-channel-handle=3984 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4188,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3708 --mojo-platform-channel-handle=4364 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4476,i,13106762613760704314,15542096512788479490,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4480 --mojo-platform-channel-handle=4472 /prefetch:1
C:\Windows\explorer.exe
explorer.exe "C:\program files (x86)\steam\depotcache"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\program files (x86)\steam\config\stplug-in\luapacka.exe
"C:\program files (x86)\steam\config\stplug-in\luapacka.exe" C:/Users/Admin/Downloads/1222140/1222140.lua "C:\program files (x86)\steam\config\stplug-in\1222140.st"
C:\program files (x86)\steam\config\stplug-in\luapacka.exe
"C:\program files (x86)\steam\config\stplug-in\luapacka.exe" "C:\program files (x86)\steam\config\stplug-in\Steamtools.lua" "C:\program files (x86)\steam\config\stplug-in\Steamtools.st"
C:\program files (x86)\steam\steam.exe
"C:\program files (x86)\steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=13224" "-buildid=1731433018" "-steamid=0" "-logdir=C:\program files (x86)\steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\program files (x86)\steam\clientui" "-steampath=C:\program files (x86)\steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\program files (x86)\steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1731433018 --initial-client-data=0x2a8,0x2ac,0x2b0,0x2a0,0x2b4,0x7ffee747af00,0x7ffee747af0c,0x7ffee747af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1624,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1632 --mojo-platform-channel-handle=1608 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2188,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2192 --mojo-platform-channel-handle=1740 /prefetch:11
C:\program files (x86)\steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\SuspendHide.vbe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --field-trial-handle=2724,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2728 --mojo-platform-channel-handle=2716 /prefetch:13
C:\program files (x86)\steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3204 --mojo-platform-channel-handle=3196 /prefetch:1
C:\program files (x86)\steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\program files (x86)\steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3820,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3824 --mojo-platform-channel-handle=3816 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4008,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4012 --mojo-platform-channel-handle=4004 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4384,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4388 --mojo-platform-channel-handle=4380 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1731433018 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4520,i,5805974004202752191,6433476904813956321,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4524 --mojo-platform-channel-handle=4516 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 88.221.135.40:443 | www.bing.com | tcp |
| GB | 88.221.135.40:443 | www.bing.com | tcp |
| US | 104.22.24.238:80 | dpaste.org | tcp |
| US | 104.22.24.238:80 | dpaste.org | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.22.24.238:80 | dpaste.org | tcp |
| US | 104.22.24.238:443 | dpaste.org | tcp |
| US | 104.22.24.238:443 | dpaste.org | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 172.67.19.24:80 | pastebin.com | tcp |
| US | 172.67.19.24:80 | pastebin.com | tcp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| US | 104.22.58.199:443 | s3.vlitag.com | tcp |
| US | 8.8.8.8:53 | 72.169.217.172.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 104.22.58.199:443 | dsp.vlitag.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| FR | 18.245.175.102:443 | cmp.inmobi.com | tcp |
| GB | 216.58.204.74:443 | imasdk.googleapis.com | tcp |
| FR | 18.245.194.122:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| FR | 52.84.174.40:443 | config.aps.amazon-adsystem.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 141.101.120.11:443 | px.vliplatform.com | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| DE | 18.159.167.99:443 | api.cmp.inmobi.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | 99.167.159.18.in-addr.arpa | udp |
| GB | 142.250.179.225:443 | ddc195436eb7cbed20ba997a540a7367.safeframe.googlesyndication.com | tcp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 35.81.219.226:443 | ids4.ad.gt | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| IE | 63.32.172.26:443 | ad.360yield.com | tcp |
| NL | 81.17.55.173:443 | sync.smartadserver.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 104.18.29.101:443 | cdn-ima.33across.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| US | 104.26.14.167:443 | adsystem.pocpoc.io | tcp |
| GB | 172.217.16.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | px.pocpoc.io | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.219.81.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| FR | 18.155.129.34:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.4.69:443 | pixels.ad.gt | tcp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | tcp |
| FR | 3.164.163.87:80 | crt.rootg2.amazontrust.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | tcp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| IE | 34.252.147.51:443 | bcp.crwdcntrl.net | tcp |
| US | 151.101.66.132:443 | odb.outbrain.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.15.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.135.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.147.252.34.in-addr.arpa | udp |
| US | 23.192.21.236:443 | widgets.outbrain.com | tcp |
| US | 23.192.21.236:443 | widgets.outbrain.com | tcp |
| US | 50.31.142.255:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 50.31.142.95:443 | log.outbrainimg.com | tcp |
| GB | 95.100.245.166:443 | images.outbrainimg.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 162.159.130.234:443 | remote-auth-gateway.discord.gg | tcp |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 172.67.19.24:80 | pastebin.com | tcp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 64.233.167.156:443 | stats.g.doubleclick.net | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 104.18.26.193:443 | ssum-sec.casalemedia.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 54.229.166.30:443 | dpm.demdex.net | tcp |
| GB | 142.250.179.227:443 | www.google.co.uk | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.166.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 52.49.174.234:443 | ap.lijit.com | tcp |
| IE | 52.49.174.234:443 | ap.lijit.com | tcp |
| IE | 52.49.174.234:443 | ap.lijit.com | tcp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | udp |
| FR | 3.164.163.31:443 | cdn.mediago.io | tcp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| GB | 2.23.92.157:443 | cdn.adnxs.com | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| FR | 3.164.163.31:443 | cdn.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| GB | 88.221.135.25:443 | r.bing.com | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | udp |
| US | 50.31.142.95:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.255:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 34.111.60.239:443 | images.mediago.io | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | udp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| IE | 52.49.33.63:443 | ce.lijit.com | tcp |
| GB | 216.58.212.226:443 | ep1.adtrafficquality.google | udp |
| GB | 88.221.135.34:443 | th.bing.com | tcp |
| GB | 95.101.143.195:443 | r.bing.com | tcp |
| GB | 95.101.143.195:443 | r.bing.com | tcp |
| GB | 88.221.135.34:443 | th.bing.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| NL | 20.190.160.20:443 | login.microsoftonline.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| GB | 2.18.190.73:80 | r11.o.lencr.org | tcp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| NL | 185.89.211.116:443 | ams3-ib.adnxs.com | tcp |
| US | 104.22.73.111:443 | steamdb.info | tcp |
| US | 104.22.73.111:443 | steamdb.info | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.22.73.111:443 | steamdb.info | tcp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| US | 172.67.158.11:443 | www.vinoland.net | tcp |
| US | 172.67.158.11:443 | www.vinoland.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | udp |
| DE | 51.89.64.92:443 | 94he6yatei-dsn.algolia.net | tcp |
| US | 76.76.21.98:443 | vinn-web-tools-dandys-projects-bb4af0ab.vercel.app | tcp |
| US | 172.67.195.247:443 | tmpfiles.org | tcp |
| US | 172.67.195.247:443 | tmpfiles.org | tcp |
| US | 172.67.195.247:443 | tmpfiles.org | tcp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 88.221.134.234:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | 234.134.221.88.in-addr.arpa | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| JP | 45.121.184.100:27018 | cmp1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.101:27020 | cmp2-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| HK | 103.28.54.101:27018 | cmp2-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:27019 | cmp3-hkg1.steamserver.net | tcp |
| GB | 2.18.190.73:80 | e6.o.lencr.org | tcp |
| GB | 2.18.190.80:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 102.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| HK | 103.28.54.101:443 | cmp2-hkg1.steamserver.net | tcp |
| JP | 45.121.184.101:443 | cmp2-tyo3.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| AU | 103.10.125.148:27023 | ext1-syd1.steamserver.net | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-lax1.discovery.steamserver.net | udp |
| N/A | 127.0.0.1:63610 | tcp | |
| N/A | 127.0.0.1:63609 | tcp | |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 172.217.169.46:443 | tcp | |
| GB | 74.125.97.72:443 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| GB | 216.58.212.227:443 | tcp | |
| N/A | 10.127.255.255:27036 | udp | |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.252.19.2.in-addr.arpa | udp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.252.202:80 | clientconfig.akamai.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.3.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.3.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.3.52:443 | avatars.steamstatic.com | tcp |
| GB | 2.18.190.80:80 | r11.o.lencr.org | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 151.101.195.52:80 | avatars.steamstatic.com | tcp |
| US | 151.101.195.52:80 | avatars.steamstatic.com | tcp |
| US | 151.101.195.52:80 | avatars.steamstatic.com | tcp |
| GB | 88.221.134.240:443 | tcp | |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 151.101.3.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 8.8.8.8:53 | update.steamui.com | udp |
| US | 172.67.172.248:443 | update.steamui.com | tcp |
| US | 8.8.8.8:53 | cdn.wmpvp.com | udp |
| GB | 174.35.118.62:443 | cdn.wmpvp.com | tcp |
| US | 8.8.8.8:53 | 248.172.67.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:27060 | tcp | |
| US | 8.8.8.8:53 | new-service.biliapi.net | udp |
| CN | 116.169.184.177:80 | new-service.biliapi.net | tcp |
| N/A | 127.0.0.1:64305 | tcp | |
| N/A | 127.0.0.1:64307 | tcp | |
| N/A | 127.0.0.1:64310 | tcp | |
| N/A | 127.0.0.1:64312 | tcp | |
| US | 8.8.8.8:53 | steamstore-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | shared.steamstatic.com | udp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| GB | 216.58.212.227:443 | udp | |
| US | 151.101.67.52:443 | client-update.fastly.steamstatic.com | tcp |
| N/A | 127.0.0.1:63609 | tcp | |
| N/A | 127.0.0.1:63610 | tcp | |
| GB | 2.18.190.73:80 | e5.o.lencr.org | tcp |
| US | 172.67.172.248:443 | update.steamui.com | tcp |
| GB | 174.35.118.62:443 | cdn.wmpvp.com | tcp |
| CN | 60.13.97.113:80 | new-service.biliapi.net | tcp |
| N/A | 127.0.0.1:64679 | tcp | |
| N/A | 127.0.0.1:64681 | tcp | |
| N/A | 127.0.0.1:64684 | tcp | |
| N/A | 127.0.0.1:64687 | tcp | |
| N/A | 127.0.0.1:64699 | tcp | |
| CN | 106.14.24.113:80 | tcp | |
| CN | 106.14.24.113:9999 | tcp | |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| N/A | 127.0.0.1:64713 | tcp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| CN | 106.14.24.113:9000 | tcp | |
| N/A | 127.0.0.1:64720 | tcp | |
| CN | 123.6.2.85:80 | new-service.biliapi.net | tcp |
| GB | 88.221.134.170:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| GB | 162.254.196.79:27020 | cmp1-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:443 | cmp2-lhr1.steamserver.net | tcp |
| FR | 185.25.182.20:27034 | ext1-par1.steamserver.net | tcp |
| GB | 2.18.190.80:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | p2p-lhr1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 80.196.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.182.25.185.in-addr.arpa | udp |
| US | 151.101.3.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.3.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.194:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.67.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 151.101.195.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | client-update.fastly.steamstatic.com | tcp |
| N/A | 127.0.0.1:64729 | tcp | |
| N/A | 127.0.0.1:64726 | tcp | |
| US | 151.101.67.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | client-update.fastly.steamstatic.com | tcp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | client-update.fastly.steamstatic.com | tcp |
| CN | 42.177.83.115:80 | new-service.biliapi.net | tcp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.131.52:443 | cdn.steamstatic.com | tcp |
| NL | 185.89.210.46:443 | ams3-ib.adnxs.com | tcp |
| CN | 106.14.24.113:80 | tcp | |
| US | 172.67.172.248:443 | update.steamui.com | tcp |
| CN | 106.14.24.113:9999 | tcp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| N/A | 127.0.0.1:65325 | tcp | |
| N/A | 127.0.0.1:65327 | tcp | |
| N/A | 127.0.0.1:65334 | tcp | |
| N/A | 127.0.0.1:65348 | tcp | |
| CN | 211.97.81.63:80 | new-service.biliapi.net | tcp |
| CN | 106.14.24.113:9000 | tcp | |
| N/A | 127.0.0.1:65358 | tcp | |
| GB | 88.221.134.170:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:27019 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.79:443 | cmp1-lhr1.steamserver.net | tcp |
| FR | 185.25.182.52:27033 | ext2-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 52.182.25.185.in-addr.arpa | udp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| GB | 88.221.134.187:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| N/A | 127.0.0.1:65366 | tcp | |
| N/A | 127.0.0.1:65363 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | shared.steamstatic.com | udp |
| US | 151.101.67.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.steamstatic.com | tcp |
| CN | 125.38.214.65:80 | new-service.biliapi.net | tcp |
| US | 151.101.67.52:443 | shared.steamstatic.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 151.101.195.52:443 | shared.steamstatic.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 02a4b762e84a74f9ee8a7d8ddd34fedb |
| SHA1 | 4a870e3bd7fd56235062789d780610f95e3b8785 |
| SHA256 | 366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da |
| SHA512 | 19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f |
\??\pipe\LOCAL\crashpad_4144_IZSWZNZQWMFIMYKU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 826c7cac03e3ae47bfe2a7e50281605e |
| SHA1 | 100fbea3e078edec43db48c3312fbbf83f11fca0 |
| SHA256 | 239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab |
| SHA512 | a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 515c0615258225c82c59041e4f4ce7b9 |
| SHA1 | 37973378fd3b3ab53895a6cbddef34821da5797f |
| SHA256 | bdfc1135015865a7d16da66991c14f6064e5adf5d7261ea536bdbc7ceb4114f3 |
| SHA512 | d505eb7703d7b9430374c6dad795f6d892d188b06187d3408662f83bed8ab2cef36a43d0c72a48cc34f56e3852da24f5882b758c61f26f6ea94c36a9ae63de15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 78fea6dc88af22953c1bdedf0421e06a |
| SHA1 | 22d0f2c6a0998af5b841f4c6ec1fa76fe6ee7664 |
| SHA256 | 701964287e409a94e00623e31ec1b3d763528b56e5c397088d96b898206501f5 |
| SHA512 | 34884701117c240033c021c43c85b4270d19daecddc98d7be5dd0fa8448cdf56c15b26a5c740e0b720b0766749b4fd425962111b679641b9f3a61d09e8e82cc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c316c2d695267c3d8995a9c7c1d2c149 |
| SHA1 | dea158e5dc311c0310519caa476bfa5eb138feca |
| SHA256 | 2cc8d2fbd7cc3cef977b6c1ce187fc6f953858fa1a7f903e3fe77c10ea724809 |
| SHA512 | 4ecd1fdb824e8a3c342acc9e0e273077f1def7e0e159b2bf04f3030c0ba57a8b1eac04bde2b804264c3801043a64e5eb707ffba5e9f6cf7acb892c4327c1ad82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c073fd1fa9851dd01c3928ec453bd511 |
| SHA1 | 5a8eae3b8cfa869ca0797260799676bf35646d24 |
| SHA256 | 9c6543509f96300c32b381f324b42a229bc2ca768c2fc133be0e0bd493d552ee |
| SHA512 | 13c2b004f3618276571b9d799c38c3ece6069e7dd68fb4b674c1394a6c18b3bab262269472c8c92e890d1a6a7c1b219a5e95a1ac13f5b41155b841e57a53725f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | d52dde104b8ef0c330dfc22b78d4d68e |
| SHA1 | 099b580f6cd3d5816f5a5bc9e7f3481f6dc0f0f4 |
| SHA256 | 1f63dc8bb4205de77042b8d4a79d0599a200fe2cb90641218d1115dbf4482507 |
| SHA512 | 9046130f8e43c72910ac83937b62797317aa60e1c6613c0d36eb4648ed0aff38133131c2e3a834acd6f0549f9e849a7b9b91246fcf448d514a098ba1fc18952f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bd140ea9f460c811e8e6783470f1bda7 |
| SHA1 | acda4584c2010d67a2b92e44e1b0eb4cda90f275 |
| SHA256 | 542c1f838608e512095fa414d0886e484b61c1a9cc89507fca6b2b502f6df045 |
| SHA512 | bd3e70f183b77b153a88c6f856cc4dc6d4eb8033cbde8e3ce966dc2955ee43afd1f8c00bac3cf3f65ff3bce520a21b85bae9bb7fd8a10b87f7af9a066e6c106d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0b054844dfed290b4b399dbf030630c9 |
| SHA1 | 6f1cc99167a25dec9ecd4720d183684b0c0d810d |
| SHA256 | 2f90c10f8da30ce4c8250fe03a895f14b267af4810014a650d457c380c7bead6 |
| SHA512 | 81098c03f491eeaae5c65bbbf5b00b096f36cbe59ed019edb04a0d04e421e0b2660b7f95943ddf6cb2785959b783e626f72287a747051aa12a25ce76f5393fe4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d9c0caf6c1817185e676d424fae26b4b |
| SHA1 | 14e6adbafa2a777fff9ef62e9c2b1cb15dcf854a |
| SHA256 | 65ec28f721e5e5a79d701406f761185f25a68eb3f30f5cdf854148254b98f08e |
| SHA512 | e154e7771d57709fab84f69617aa3fc14f88cfd24b3a79b6f0359bcbdcafbdd480259e164ab0220afd253ed5bdb0a89f37aa1771b95a45422dbc7736cabd5431 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59e4a9.TMP
| MD5 | 7d0a49d5660c1cb32526c1b38d2068e8 |
| SHA1 | f4258c4c6ee0f74469c4d64a2d09766190070c9e |
| SHA256 | 68aa698155b92f831a4e2d7c934052cb477237ce65eec6bce59b35f03ec59ceb |
| SHA512 | 7f42d54a912186d36a50186a608ab29680cf94cafb77c76e9883b955f99066ba1cf9cb0981e490d1e67990d07f99089d58fb5b5b5b6a7be4a4ca98011cffabf8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c3626f93747f035d76fecf0ebe1c2979 |
| SHA1 | d6d00d2e57ab94f4a6289dfaace1224f8dd68d93 |
| SHA256 | e33d7abb89e0712f8834973020419b609ffda12bec675e88e1c00cc5d987a076 |
| SHA512 | 32a0b4ce1a5d1de6a7f6ca5c17ee8554fcdd385c8ab1b90c3b1e87637cfe383982a5167a572d85c14834374dd509e28f7677b939588b00c4fc4fbc432738f69f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e5bae39d40c085e8b10791cc91be63a2 |
| SHA1 | 8f25ba451a42ab321e1523f3dcfa41b2d5158a26 |
| SHA256 | 9bc2d284e909a608385e35eeb9fa6680096ea5c0cb6647b95b9f1258774a4576 |
| SHA512 | 361dc353e12cad0e4ab8d9529c5d73a30f8637e406f6b3eb4606643f6ff050e3ca55a453d7515d3e6513cefd317ed1ff5a02893a66ec0fd734c026023f1610fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a8f9e855fb09e57926f093727d98f14a |
| SHA1 | 1e977c73e7d93e1df66255fcec16ba3ce5072453 |
| SHA256 | f32df1ac1a6ff4db8a3750ffd854c9b50af0ddb66b45001ecdab01f9976de3f6 |
| SHA512 | 05e8916d2b3aa8b2de108ecc9de3608480c77ae4f64a80a68902d6607e8b813cf17956b0510c857929f4c0cdfc0d6543f468e85d47f86c43e5006e660289c324 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 86dfa3911317707bae8676cc430a8b9f |
| SHA1 | 8a24cce9caad3801b2e3d523e8af64821b3f3d54 |
| SHA256 | b73a45f35f9e059e44a6d6cc75b19594fae3ffbee2f69f6cd29cbc3e4411c445 |
| SHA512 | ee6ee12047ed9db2c5f67951f3ef12592492af6a0862d01a20ceb0f5cff62c2f189afc6e823f4bbfd5170fc92ec56ac5b7965353055e6278b3d63183d01025d3 |
C:\Users\Admin\Downloads\Unconfirmed 458290.crdownload
| MD5 | bbf15e65d4e3c3580fc54adf1be95201 |
| SHA1 | 79091be8f7f7a6e66669b6a38e494cf7a62b5117 |
| SHA256 | c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304 |
| SHA512 | 9bb261b4ed84af846e07ffb6352960687e59428fd497faa0a37d70b57a1a7430d48ac350fbb0c3f0f11e4231a98ebca4d6923deba0949fdd7a247a3c02737355 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 41eb03b53e9308abf335d685227850e7 |
| SHA1 | 0f2db38ead8e4af72e27fb9880088ecb30873c6b |
| SHA256 | 643a68fbb857006119649789faebe6a4b7d5066ed48b94fcfff9715d469091aa |
| SHA512 | a562b67de915a033bf2285a14315e235452b87d5067370225043bdd7e030ca8a7a64897cd8988d71f74e787067028c708c730007016a133ef5625a831df8c450 |
C:\Users\Admin\Downloads\SteamtoolsSetup.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ea6b1f4fb596aab3ef1e0753cf4d29c5 |
| SHA1 | 29d1cd66a95963f40d1483aa1ab9eb43434191cd |
| SHA256 | 3a73739e400bb81a7cb72e4a12294aeba0b061fab3fe6d6a82837f9ea193df90 |
| SHA512 | f440c1f3e6cac74ec7e96e4d172bf9af89b0d1515e65bf7bf117dde168aacd1b89221c918043625be1691cacea5007cbcefc733f84d7b011d0f3f31c9fe90023 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 6d15e276539f95c5adb97590a4eca258 |
| SHA1 | dff990813f2dc3f5b95c799148988e11ccce2ef9 |
| SHA256 | e771920b5164d1792c82910785b4502bd685f553e7dfad0bfe69b8d275f22a05 |
| SHA512 | f6aa482bfb570afcd576a7892c5317fc2367780a7d4c6b35560b61cb1438277590244c6618b1b266c7962885a93fb2745d7031786268fec2a081dfaa7510dfab |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 09fb0b2bcf261762bc3456bc97ca184e |
| SHA1 | 9f7066bf676574245e4a994a62e22a7b0c8eed5a |
| SHA256 | fb47dfae7a71a8341cdfc16e6ffa3b66c53337b7fd6a40b7652eaef36f5df6b4 |
| SHA512 | 242b5956bb387d5f8b578744ebcfde6a43d5b1e6865f7edab0fd7ef6bb5db38eb0effcc232240dd6e9b0e9248d42ce1fc62cfa329aad4ca52dce238010d5ac92 |
C:\Users\Admin\Downloads\Unconfirmed 229697.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a54a0c3021847853621e42cae3e68999 |
| SHA1 | d18c7f7d95f76047389e8e2ff24dcccf2eeacfd5 |
| SHA256 | c76f85c715e908df19e44996970213ced64d5bb13cfbf2eb9bdcd00b2b690ba9 |
| SHA512 | 9b08cfe0806933ce75a6db1343d9bba1f41a365802ca08b9a418b683152d9a9c44bc2971a9218ef4dae63c20d5c39bc0b0f04ca0d4378a13cedcfa97d6ca8a19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c0e17ce8bdaaa9f993921d982c74fd2b |
| SHA1 | 9c125cbf877086e8398ef6df719dd8f546b2d619 |
| SHA256 | 17b7a031bfa3afd8ff383648941359852aa86f9073b904b00f60044d588ebd0e |
| SHA512 | d4e8d183d6a9a6c6c6c61c27b1aa8f9baf1d69a2220c83b424e7fd8c27c848152f59fd51456f201194aa01e484a34c4bada2beda139e0601e040a28c585d8823 |
C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier
| MD5 | 75893359e269074f05562f12c3e0d376 |
| SHA1 | e5d7ed64495dada6a0b41742692352087a74a951 |
| SHA256 | 435d3ec89839125cf974c8e1a15fe188acaa1e76239758145cf74a726680421c |
| SHA512 | 13e5220d5f8eaf32f30bf78c75665c0548774edf6a5a56086721586fa2ba5513a7eb0c151e6ca18dd61830952c1a38e25ca37c6c71136b29b9dbb190ad1d479d |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1d6865077e9e58921776602ec058aa08 |
| SHA1 | de17f0d3765ba8afd4b1b463253a2bceb2dfb18d |
| SHA256 | e53a0f5f480f5584c76c27365a1e2ab2da0d684261feb219f70d6b9a8e1d5709 |
| SHA512 | 9b47c8d9355d27f5f0a7bb27e985f6cbad684aba1a00e8b2d15f0b9f7ae6e98cf386744ad7754c83be133e91a7136b1f8d1ab3740c9e223b24dbc528c2a85c70 |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Program Files (x86)\Steam\bin\SteamService.exe
| MD5 | ba0ea9249da4ab8f62432617489ae5a6 |
| SHA1 | d8873c5dcb6e128c39cf0c423b502821343659a7 |
| SHA256 | ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d |
| SHA512 | 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b |
C:\Program Files (x86)\Steam\public\steambootstrapper_brazilian.txt
| MD5 | 0340d1a0bbdb8f3017d2326f4e351e0a |
| SHA1 | 90d078e9f732794db5b0ffeb781a1f2ed2966139 |
| SHA256 | 0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544 |
| SHA512 | 9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93 |
C:\Program Files (x86)\Steam\public\steambootstrapper_dutch.txt
| MD5 | 31a29061e51e245f74bb26d103c666ad |
| SHA1 | 271e26240db3ba0dcffc10866ccfcfa1c33cf1cc |
| SHA256 | 56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192 |
| SHA512 | f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8 |
C:\Program Files (x86)\Steam\public\steambootstrapper_danish.txt
| MD5 | 03b664bd98485425c21cdf83bc358703 |
| SHA1 | 0a31dcfeb1957e0b00b87c2305400d004a9a5bdb |
| SHA256 | fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115 |
| SHA512 | 4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d |
C:\Program Files (x86)\Steam\public\steambootstrapper_czech.txt
| MD5 | 2158881817b9163bf0fd4724d549aed4 |
| SHA1 | c500f2e8f47a11129114ee4f19524aee8fecc502 |
| SHA256 | 650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7 |
| SHA512 | f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28 |
C:\Program Files (x86)\Steam\public\steambootstrapper_bulgarian.txt
| MD5 | 4c81277a127e3d65fb5065f518ffe9c2 |
| SHA1 | 253264b9b56e5bac0714d5be6cade09ae74c2a3a |
| SHA256 | 76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9 |
| SHA512 | be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bfa6c7e171405710540144f245279890 |
| SHA1 | 8308392d2f73ebe75a36a40070d73932faa7c0a9 |
| SHA256 | c03df3e9f79592e7e77bc4b49d71727b098f0f51840295ca14ba454bc278bea0 |
| SHA512 | 297c677e2b88e8aee07157c2634df459d207743cfb3f27e426abeb75b915c3fb288402106d6bcd9ca19129304a5aad5ac24d7ed1b849ec8dd0571201a31cf344 |
C:\Users\Admin\AppData\Local\Temp\nsbD053.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dc4269e7bfa369f72c72e2d196e77f57 |
| SHA1 | b089f941914b63b75b41d9e7d624144710c318eb |
| SHA256 | 57d50986dfa066a08b3162ddf39ab15024250c330e2a00f3cfad95ddc3bfecf2 |
| SHA512 | 2ecef94896006c5b6d0dcc7487492be32e9f852adaa22e977b68657c5f78834df355babd9507eb2675e6883e1d43753e066c08444ecc2ef1722e43187022b0a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c86ff04d8be3ba722323175e45bddb1 |
| SHA1 | 08439f3640d0737cfe44b8acf35de9af4ed0808e |
| SHA256 | 4ec32bd024baa7668a2ef1941ead78a49b9929285c90bd80c3bf79dd05623a2a |
| SHA512 | e60225911e3a24260c3eb068c7397de455a88f1acfb5f9a98187650a1463b09ffd7a3eaece4ea84a468eac0c20de212ee6b9741bb1366bafd0677f6219c70c13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f7c75ec9e9030eaa7411cb377131ec6f |
| SHA1 | b425ca25f93e9155a346abf40e5e328747be447d |
| SHA256 | 995e19ee366c9e2775a63deeeacae4227f85201fab26d11597de7d6650f99f96 |
| SHA512 | c1ab962cc2038afd71abc62f2ac68d0082bf1b7fd71fddb28fe5157c71110476d072054a2f23e83226856b2538a5dad4f13ce9607f6cd9c0485cb116bb6c5aba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c45f847ce9faada88b6d86186096254c |
| SHA1 | faa02f4b42a58f52acef78276e34f5ad24253c36 |
| SHA256 | 50bfd284095cf1a33265857b61b17accd709f11a104fc9aedadbcfc59bd514ed |
| SHA512 | b7ad1de5199289cd2b236536b8c87f982da5033e30313dbbfa54f3ed75cf4a473cc6c711251b7ef2f555d28e6d3ebd398c906ed411562c8d8ef4e1275ba95506 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bcd47d65b1cbedf03411a0a7c1967431 |
| SHA1 | 2a90038d0e3c4aeb0ee045f0bb9abf091ef16cd9 |
| SHA256 | 5c06022df6bff1add8a2968b3c601aa957ef19d7213959faf746373255db8028 |
| SHA512 | b8d8b1e1f10db0f2cb629b2d33882692aa29ddaf652bc1f45a1ae14c238a309a76f1f6a9fdedab96bf3596ab278b73c1715ae536e56b47d253e868085b233758 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | fd320f285b1aa1c350d11dda4e279e03 |
| SHA1 | 21ac5e83111533abbebead73b43f32e006c7e425 |
| SHA256 | f6f153618d1effc6524a63eafdab70c7d0726524b92ec93d028feda54bb67010 |
| SHA512 | 6cba4c2afec0c4a837b27ce86550a4aae4996153cda35e9e7dda9b02f1064b7a80b152e50873955ebe887334b121ff844ac7a2f23f3045f4bcfe0c9ef6642f6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b9518.TMP
| MD5 | 71dae6c6601bd4049a270f21f6fec638 |
| SHA1 | d9e96a8f357eb55079d4164a8b30953d2b8d6935 |
| SHA256 | d0e35e074350ca05c0552975bc88383dd107ddca3dc17cf7f174bc588564a4fd |
| SHA512 | c76911ddf4b0bfd5175669838023f96dab94fe02cfbf80c503bc28065990ed9e5ac2b49f7f5646d0ca988929be2729385d738cdd11f2a0f74afbb7b69199b272 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1cbdb01f386c037bd8ee162316ec6c97 |
| SHA1 | e1cb57a564983e633bd43ec25aea17ca2bb221d8 |
| SHA256 | 989944aec9a928fe1d2bee8f5ec2c507acdbc4600cfb83bd4910c5d19fd79f05 |
| SHA512 | 3bfcf2b226aa3a551d7d5a83ef0d943e9fc052bd5cc1fb2882619e70af2db86442ad2c1913c003794558e8b2b4c2dc275abb5fce52fbf29c54d289b6291b14b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1903fccdb831f2c63b44a1e75e6ee038 |
| SHA1 | 6afcb52a0bdd9c128070f86b62bdf8375dee1a39 |
| SHA256 | b72dc65cff6f14ed5e9fbd61e34d0f7574e0b2e79f9d37d7d1c90a146059abe5 |
| SHA512 | 1be44e600485aa852060660d7a9688e5f03cd8253e408bcc12c0fe3eaf61f066bef39f93809a37c15cb9ec397122fe54739227388f8ec861e880cc6bb6585075 |
C:\Users\Admin\Downloads\1222140.zip
| MD5 | f98fca1058a717e5c6b10af4ca2d2082 |
| SHA1 | 8788f80a55bc81131d24bf1422db581444f787fe |
| SHA256 | e2028cd17c948cb33dae90f7728854401fdf158c0a09fb66c5e894f33dc4d365 |
| SHA512 | f69119598d0ae7156f2e67cfe076ec09c0c0cdf7210658e3c8d79d0f0af724be855a93635d56da2366195f03eaeb736de8db76b4650c3efedb54ddc67ba45773 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fa3a6a692184b54b737a7d62fd4c0bcb |
| SHA1 | faa6857f4ee8195a414cd6f0113ef978374d0f62 |
| SHA256 | 0e954bd72817ba6c04ce13c162cb5cc25571b289330eb49ce6639576212fc725 |
| SHA512 | 855b064b006a119ac85a999bb0095bfb7abf0d6a9450c4148958f7ce1c3667236c8a3b5bc8e8d0779ac8b5285950fe211d2fc8915682a22e4a24785fd80f6ae0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 88fb494b7366f7e1fdce1941677d9d75 |
| SHA1 | 61f1ace94b135267c5f717e6b317bb479f2094cf |
| SHA256 | 7737cb961e552eb4a9e5ef1b73fe14043dbe0f4f63fdca28fe1bcc657b43e041 |
| SHA512 | 3a9437d97f0e97f063d1e2cc8f446f554dd5c498cbfc1ba986002583193dc34336aff773a469fe87034dd3ee68580f67e6c856f3a13d9d617d6140c2c2ee3ca6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 35209342f768fa2d38d17938e1b0b61e |
| SHA1 | 7fdcd3afbdd2abece88867eeeb0d29e8f9b57198 |
| SHA256 | 7eec1733f7beb5f17eb35b843974e82c69fd8409f6f43e0fc79d799f288e88fb |
| SHA512 | 1b9ee166342501cad98e8432f160ad06e2da0a4bcc8d14e868adaefb6a53dcb24d063b61e21dbc9ede5cd7bf80ce2bc48c47ddcba835114ee1f22c4fc4d603e8 |
memory/1344-13602-0x0000000000550000-0x0000000000A02000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\wasm\index-dir\temp-index
| MD5 | 14d9e7bcd397a3393d982542a304f077 |
| SHA1 | ce4bb1821b9b872bd640d9f73c2b9975adaf7148 |
| SHA256 | 7f2b0777bae4bd60059abe918573ffcbd9f27be2c5fccb62209467d119edbc6e |
| SHA512 | 6e0e0e6fa4e0030eae2413be27d9300bf8aedc631b429bd1f214d63f7bf95dd7f524642376b2f17b89f513f62a1f988b0340fb5c51137c6fe667a42783ab7290 |
memory/17824-13652-0x00007FFF08C20000-0x00007FFF08C21000-memory.dmp
memory/17824-13653-0x00007FFF08EB0000-0x00007FFF08EB1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf~RFe5c5471.TMP
| MD5 | 3cdebc58a05cdd75f14e64fb0d971370 |
| SHA1 | edf2d4a8a5fc017e29bf9fb218db7dd8b2be84fe |
| SHA256 | 661f122934bbc692266940a1fe2e5e51d4d460efb29d75695b8d5241c6e11da7 |
| SHA512 | 289c40fae5ec1d3dd8b5b00dd93cf9cada2cb5c12bcfefea8c862ddf0a16dced15d6814dad771af9103b3a5d3016d301ee40058edde3fdea30d9767146d11cd6 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
memory/16952-13757-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 2d2bdd4f294831d80bd53d05f461a618 |
| SHA1 | 2c65f2c57d22eaf68fd97b18bf5a7ed13dae7a68 |
| SHA256 | f4756a75893904012692f95d54d2149a6f89cfcca165e52d8e04e2a19fa72708 |
| SHA512 | fa0fa634dd7011477eff3e10639ac8f2cbcffac6741b833c71c15d254480efa7e223951059aebaf44f23f637853a65174add9583ec67916891c8faaed091792d |
memory/17824-13786-0x000002207F470000-0x000002207F4A1000-memory.dmp
memory/17752-13788-0x0000022384B60000-0x0000022384B91000-memory.dmp
memory/17752-13787-0x0000022384A80000-0x0000022384B56000-memory.dmp
memory/17824-13785-0x000002207F390000-0x000002207F466000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | da27ccc0ec13e109a195a432c60d2eef |
| SHA1 | 0466bac582f86d667437b9cefc3aa31cb69fe576 |
| SHA256 | 7bf3041639e2292e871c63b599b0162a206096ef45021417917eccdca43ac1e4 |
| SHA512 | fc82bc70efcb2b829aa74d90f94751e865cdb8d16fcbb4cfdc0ab82fa53baf0f9e479ab09ae0e77e8731ce718ac6272abf81e662784b4f61943d961be06e96d3 |
memory/16952-13809-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | c228c0ade59055a7e6d142a3f5e37cfe |
| SHA1 | 3605018a095a8d4c9d5623d92a3876224d139b85 |
| SHA256 | 13738509830ffe88aa75265b93c447d67e519b7654c5bb7e8cf9f26804005b4a |
| SHA512 | 467ceca95ce16c65babf049b824883a4a6b692b34c2b9606df4e25377c1718d9c90734843e9a21481148ff630ba6eb927bc8136e1692649ef8f0680d4218cb78 |
memory/16952-13823-0x000000006E660000-0x000000006F9A0000-memory.dmp
memory/16952-13828-0x000000006E660000-0x000000006F9A0000-memory.dmp
memory/16952-13833-0x000000006E660000-0x000000006F9A0000-memory.dmp
memory/16952-13839-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf~RFe5d4ebf.TMP
| MD5 | 7ce96f31457ea509bd34623cc6815361 |
| SHA1 | 48fa93bf3c79542aad5714b9253d52a8fdfce041 |
| SHA256 | d90fd4c944b773fb2739354c035c3b4348c966728a3dd4d3d0ff005fb5c0acc1 |
| SHA512 | 7bb87bf013a2508b275650db8e21ced145f5b74c9def3b500ed9e91799bc22e82f411c93837aca0f19ea80ac0f7080be66e117e47b4933a2c40a47f6ceed1152 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 9dad73171a9369ba8a710e2f933477a7 |
| SHA1 | 73bebbe42fa7e4f505da114b11063ee00db1f0fe |
| SHA256 | e52041ca579b5135a54893d37eb3bd6cbaab63247e1d2e3244d44bea7293b0ff |
| SHA512 | 0a0cbc01e6f14760084ab6d4de7b513d45b3461d55d9d949272da0ee2934be8c62fe10eb627b24d0e8265fc7dbaec6940333d84aeebf02726a0ca9710edc22e5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 09bbfcfb126d42d6c7f663835a568cc9 |
| SHA1 | a06bbec7801eec2dcb1c363e32981c2b96c1c107 |
| SHA256 | 9888ab8d2a8a18084a93d5f82e452d84fe7253fb741c223a33a9c55654a1ade1 |
| SHA512 | 8da23449d7525ca69f1c182630cbf9aa1ed014e2f0de8fd3e0168efd755b48a6253e134e1f25969dfccc3cc4d513f10471f6ef2a71e8d7c06745deecb20599f4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 559a87819113c6dc5b3d1b336d010d90 |
| SHA1 | 783d0e869fff58f957b3a2d8568529c9ebec8b6e |
| SHA256 | f84bf667dc16eba7aa9601a2d030105dd6238ac18724a9d8df1870eb784e7cf9 |
| SHA512 | e13e8b79e245179deabd07abef47e98631ca4bdae9ba0f9f32b2b849f1b65323bb9e2d8393b8271af55d16aa8b3d67a8b0225d2db22d3ac27e4eeb1414ab6132 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | f4ba17d0f11f23d465e46b1fc0a4603c |
| SHA1 | 0eedc121f61811bbb178d651fcda0de3a2fcd8cf |
| SHA256 | 0cefef5b042d6b099fa42ada99271ce2b088918b420a41741c0e5093293008f9 |
| SHA512 | 6585806fbf9f4f77bcc6cce3431b44d91de260f03507748b49e8e1beffdf0269f77d77c1c0621020016907adba4ccd2560227c96b7ba1d554bf7f5ddbee18c26 |
memory/16952-13919-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Program Files (x86)\Steam\userdata\1214517055\7\remote\sharedconfig.vdf
| MD5 | fa1befbc47f05f7067043849df33b888 |
| SHA1 | 9052de89c1a2f0deb5a36330b2722d16ade52ccb |
| SHA256 | daa3fa3ec27ccfd56539149180a99f570cd306f584884ee1c962a6f6f4df8368 |
| SHA512 | dabca2f5b8fe8a67412df26efbf5840d3c7c5e069532904677f389b19e18e32356b12a59522d99520c868d7af00afb651dbb0e75de44cd8664dcb0a58d31482f |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json
| MD5 | 602c49f9246967bdcff45b4f43cf2fb0 |
| SHA1 | 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d |
| SHA256 | a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114 |
| SHA512 | 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5d5d17.TMP
| MD5 | 68b20851ccb9834d21fb32615e42bd43 |
| SHA1 | 88fab935f0b9484994097c08f785e9ecb7d68127 |
| SHA256 | a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f |
| SHA512 | dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | d29f32762d702e5d164440a185c733c2 |
| SHA1 | 3c757ba7958fcfdc1cd3a9c90e168d5199fd3bec |
| SHA256 | 620aeb8617859e8e10b38ccd2112ddae2dd10f153d0780bf5e3f117831a7ad13 |
| SHA512 | 783d4bec52225adbd2fc87ee4e7d4afd16a9b537748a252dc8e9da0559b867b645b2eb11f7d3efbc9c1e6d7db10d163c130acf4ac9c28fb85ae45c2f6fb41058 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | c95ecb4bc0c48676a5d4c0096a7ff02e |
| SHA1 | 6d919cddd2617f10930847d57bc51376b3e0d28b |
| SHA256 | fd4e9192de6699cbb976d5c69dfd8140a3735ddec68f21fc6ddd4a2c726c686e |
| SHA512 | 9e6362abb458f8f57932f6aecf96968298a6c5136e09e82c69142e1a277c0c40144f00bc71783d99c07b5e3502c2d99a368d791505cbd95aa840ed49682284d4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | 067c035bd59e201dd92b384667e07641 |
| SHA1 | 68561e24fdf4a04a16021f4bc4f8a3850cacc279 |
| SHA256 | f36f7335acb3b3787024285691e02cd0d18f0ab865cc550f4027de7f5484739b |
| SHA512 | 6e876300842d3995d9cd1d37efdde4d39c46b4aa29a3f6846e80b63e5158e71c4987bdf739d2273743ac683b25e9137de7a2770df722200921c1facadbbe4acd |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 7359475ba88191eca5cde48b968002ea |
| SHA1 | 5c0de56f262cbb68b67b831454484e20a817a6ad |
| SHA256 | 4358370e3826f2ddc4d20ef015ba67c61a245e6f635c5dd58a5df329da74a5fc |
| SHA512 | 0e593b9373d3cbd28874061efe3f085779276b23833541915a0366fa1a80b10b3e630c46a4947e056d2288a642b94091fb0a79965a23517d1c32b57c3521118e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5d6091.TMP
| MD5 | 1e70e17e8b935c6bbabbe3359f9089cc |
| SHA1 | 2dc42f2475db6de1388c19d8390782b3a2b89ff3 |
| SHA256 | d6e8628e721c5ab43f74aab4b8f27e64cd3bec555d83295d50553b0c3965d179 |
| SHA512 | c7ea40423f0195c868757691fce785cd62517c66c7214b23949106135b4067111fba2858637fb3cd439e1ad36ca24760c67173df758854e25b68c7e68c6e19b0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 6c718afd9616eb43480ddf85d94fb1aa |
| SHA1 | a368831e0194d695ffbf3c2364459ac27016c5a1 |
| SHA256 | 46fbaeaf4d931c0198811b3ea1c262e1ff4dd0bcf79aee268285dde986829d35 |
| SHA512 | ad8c2cc99fbe8c6d009765db443ee3505dde3be2be4983cb41b8b03a1bc9a0f409a8cab92b3b744b40aa60a2e18ae1174827be6b5bf6b686aedee86ed2674177 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 39e95217198a6e16407b9f9b3fad7334 |
| SHA1 | fcdc4e74a349a066491ddfded8bd7b87bdc45244 |
| SHA256 | b500f8dd51943d797dc263000300d54f6fee088aaa96f535d7c684cbbcc393b9 |
| SHA512 | e27753111c51e45d90d7f7ac936ed99daf028affc7ce37a1e8d3ec91be907cd514fb8b70241b692fb100302e9c8780991ebe48b7ef0a2f3ca82d351a0d3b89c8 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | fc096a804a04e219eed472554a228b37 |
| SHA1 | e3409517dd7cb190f004d3b5ea3287c29f708902 |
| SHA256 | aab7f86ad27e4e326cd5f936f0019c51089fb4729a413fef63ad312ca348e52b |
| SHA512 | a51a40cf3f63060a097780d92370eabec10cc7d06399bef5381b0a47ef6aed463b2acfb0cc7611568dfdeb8be50a6f582f10f7bc51a63929559366bf113aa3bb |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe5d670a.TMP
| MD5 | fc94d83f5844bd01f74a6ab461f8c708 |
| SHA1 | 7b6eeca615d30558a58a0fe4ce899a93454fe52e |
| SHA256 | 55fc8aa56d546524bb5c73976e313944473ab93d5605a6e1bb3c20608716f9de |
| SHA512 | 15dc08c23ce21aa21c4ce8e5c32314258e8a61a30b4714efe50dc5cdf6550772ce6a16effd10416c52548a30f6e39d9b80b07123ea70c7d51b95d0f6bcc8cc48 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 9500e8068972ff90bb8d774855a0bc1f |
| SHA1 | 27d998fa2f52cf8c0d9c0234ed66eab7cd06f365 |
| SHA256 | 27df474c8f9f2b7b1f3471539bde296fe5153e31d982df90192546445a81ff52 |
| SHA512 | 4466b4827cf5b1f692794366c2bb68ff019f8c29411c24f489c4aee6be489c7a7596b20a81bc0e9917f3cbad17a304d7106664f366bd22c8576e44330770e857 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 66c0c0cf1b264c3e979e896a4c8ac14f |
| SHA1 | fb0cfa848e7d2c97907f730878b08cbb6b5819f2 |
| SHA256 | fb3bbee3b6522b100ca216b682941d41bfcf27b6b482a3ae931ee482b249f453 |
| SHA512 | 162fc44bc305ff671ce14982c6a5a23b9e844b56c729db081a8c5d3e96bdc9c69d308589d3671700fcf6b2716b98a6be4247fdfc8bdb09f73517be4a28e053d3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | c978e8a5d696e0d931ce05aaab328878 |
| SHA1 | 9b56e712aadf8584427f10f2a38b60d9489ba5c7 |
| SHA256 | 4c9674de4267d2a8387ce438796f7483db19695aa1df62e98937e0ea00b1bb20 |
| SHA512 | c435f8ca82bc99d18e3d11673a225d91fe1db2e6b157559214b26b0cdfcd5d5c4af4df3e540b3292fb0c57451e9f3118aa55e8969472e95cbd8b462255bb71a1 |
C:\Program Files (x86)\Steam\userdata\1214517055\7\remote\sharedconfig.vdf
| MD5 | 2a81a729a8603ac5c4f0011543d689b8 |
| SHA1 | e15d0f21effd43a485cc64b663885a03743d7eba |
| SHA256 | 046124f01dc65f5f9e1de97c0674cc35c3fe05be9620afba1f14d1bdcb06c2fb |
| SHA512 | 49ef3ec8091bc1f01e10aaecb156ca8ed49053dfe7c655c8b39ddbf0257a00f8e48037696be26178b22fec64575f2fd7b7bc0eb2677bc3f8e121256bebc6637f |
memory/5576-14189-0x000001E53F600000-0x000001E53F6D6000-memory.dmp
memory/5576-14190-0x000001E53F6E0000-0x000001E53F711000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 55ac4b73be4ee1bcc2419fed4ba40a42 |
| SHA1 | 77ef7a8f3dcea770d5b7a45d1ae85cc2da467250 |
| SHA256 | be488bfa49ba029215d4328dcf97de3a5b06ec0d082f5ba54327050349c52970 |
| SHA512 | b6711e6f9a1a1ded12d6f4a8f41c24f43a8ba408fb6f43c353e99027ae9d8ab6f14a5736be35bddcc5f1f4c6688f17be56a34c87987ad64319b30cf1001139b1 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5d7cc4.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Dictionaries\en-US-10-1.bdic
| MD5 | 4604e676a0a7d18770853919e24ec465 |
| SHA1 | 415ef3b2ca0851e00ebaf0d6c9f6213c561ac98f |
| SHA256 | a075b01d9b015c616511a9e87da77da3d9881621db32f584e4606ddabf1c1100 |
| SHA512 | 3d89c21f20772a8bebdb70b29c42fca2f6bffcda49dff9d5644f3f3910b7c710a5c20154a7af5134c9c7a8624a1251b5e56ced9351d87463f31bed8188eb0774 |
memory/16952-14204-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 838f0dc6a42cbae7647def3b16b7f8cf |
| SHA1 | 82f75511a0d4f4154d8ce054b363996eb4ceffa5 |
| SHA256 | 705b992824e53171a40fb8bcdd744d954fff8d8628ab020d2a52459756655a6a |
| SHA512 | ce2a09fb18053659afccf05125e61c2f056a831a18f6e9616c2b2287c910878c8d2968342d8e3bd1146b8121e655e4ad9776ed445d5a64b29499edf425d8290e |
memory/4828-14284-0x000002D54E6D0000-0x000002D54E701000-memory.dmp
memory/4828-14283-0x000002D54E800000-0x000002D54E8D6000-memory.dmp
memory/16952-14288-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Program Files (x86)\Steam\config\stUI\Steamtools.exe
| MD5 | 1a475aa5000d3958df447de17e0dc14b |
| SHA1 | 8a45a8a2b38a524633a99abc7994aa0ac46c03ce |
| SHA256 | 1208c4d240918ab0b4767bc6a5c0cbe83ee7f21408fb0c5ea68769ebea759b3e |
| SHA512 | e86be352a5732d18db772f3fc80a70ebb223d68148057663ed18aab5c2221fe6d1cb48d4f4e22940419e9144aeacdc03ea05739352f86aed7ce967afd7e80911 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 8c5d484c24a3d8e13019f33a4f41d472 |
| SHA1 | f4f153de35658ef9e91b584d7a7da33990729bf4 |
| SHA256 | d3c2a82984f49bc58efdf011159d4da2f6cc8a14b7dfb022c7116ec12f4e7e19 |
| SHA512 | a17501df212259145f561eefa40a5ea4950b6800510e5604e4b0bb79b4f2094cb2c8e1108f372efbac14b99e6666b502596b0dc73c5cba868dc64353d0f19a9c |
C:\Program Files (x86)\Steam\appcache\librarycache\1161040_icon.jpg
| MD5 | 7ecdaf8a54ec52b20640a88527512903 |
| SHA1 | 3133a4d748ad3be61fe9db759339cd5de73339b5 |
| SHA256 | 7bd8b75aec0a4d4a377f3ca3a023fd8b7c5fc7dc6a2a66d17f8cdfe5b731ab0c |
| SHA512 | 60ae2031eed0c38264f0d8db22a9b6efeb3f80c791e916e15a1730853162d56e0da014dbd93a5479bae4f3bdd5705ca89be70c90574a524abd1c276ed5c55a2d |
memory/16952-14397-0x000000006E660000-0x000000006F9A0000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping16896_132340909\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | d1c4357c2a3d8e1c0938c6058e7ad429 |
| SHA1 | b58728c436cc228c341949e284dafb7dbb3a3f90 |
| SHA256 | 500c3287d8c972f93cfdae7f81c414c26be0f69487fa4cccab337771d1591bdc |
| SHA512 | be0e999a9749236454cb5ecceed5a2ba9dd46f61cd9884352c35e676b3416e05d1b21fa646e8db870c2371cd54a30d069600240d5bdbff333bbdfe69f316d51e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 670e408614e9cf695a42e86bab71cdd5 |
| SHA1 | 668e135247f7f4a93766095a7d9549598cbcea9b |
| SHA256 | 5d495dc927dbe777314339d53911339b3c2f379c298f9713f7c687d2e10a6941 |
| SHA512 | c02f4ad4082d0608db4043c1bcabf1d012f554c2ee6aebac0b447a2328140c145e87d1869b8feb68370df30688cd8db9d0219244b563218eac44346a84cef453 |
C:\Program Files (x86)\Steam\logs\cef_log.txt
| MD5 | b231a64a898ef7a14f9bbdf993e147aa |
| SHA1 | da95861b4c72ea22a7176aa02ba0f78baba37699 |
| SHA256 | 9d58c9b6da8f645c8da731439218094ca7557e64ae01e06fedd1ba0177f135b6 |
| SHA512 | 63e6fcd4840a5111b6f1b8da3612b64ce95bd02ed289b153901f8a3a2265757553c1841e494732346da98dfbce76d0a2449e0c210cc7437c2a2d485e88ef72f9 |
C:\Program Files (x86)\Steam\bin\diversion.dll
| MD5 | fb59f7262848e6c9413d76494d88e1c0 |
| SHA1 | 9fcb582deb9e69b8b8f36522a859d206633010cd |
| SHA256 | 32dda887447b7b5fe74d7745cb6c2d28c677ba479435b4e4bdd8b7ac36379866 |
| SHA512 | 1d2960b7549d4ce63041dd8e20f73a860d8ba32d7a70671a9ded5d539d364a68c621c6f95fe3c00b586cc2ec397d25211f832b5a72414d70c08b6cf6bf644776 |
C:\Program Files (x86)\Steam\steamapps\libraryfolders.vdf
| MD5 | d24a25a518956641a8603eac1c5a16d1 |
| SHA1 | 1475d4e12dba46f55f22924e7230575a85e147c4 |
| SHA256 | 54e1a2f71299960baac3be025d7247c3e0d0e64832151dc549aad1722f4dc83d |
| SHA512 | 33748b7b1b1ace7290d3bb9c5b9310e6c50a64d39c8a0acf0f7478acd09c456c3718f6c1b0f8bbafcf6ef6d0bf12d6f0b4f44e516b10339823f7e8f0f7cbd2dd |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\a3284f4b-90ea-4a0b-81ae-1d9636bf8e60.tmp
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 8851259a3f7165027420868e1e2bd9a2 |
| SHA1 | 5e5dc5384ceadec946bb21e4da606498c0f28886 |
| SHA256 | b51d9edb787adb212eec01833574ca96a559f0dc66efecd1bcc76eb68785a107 |
| SHA512 | 6564fd0a736e9665ff089c38c6c71675fe8b967413b1a566ff881b592ace42f2be4a1bc3c1d53b34cb3ff00822b3f55de74f790cc2c2dc0167ea6205163fe92d |
C:\Program Files (x86)\Steam\userdata\1214517055\config\licensecache.async9036.tmp
| MD5 | ad0cf131f633ed40c27d118f0a7c8db6 |
| SHA1 | 91d3d0a6203ad8c444b4b7b4b46d2da537b99f2f |
| SHA256 | febcbcc4a17ac6c24b78716b005cbbc40a38bca2207c7b231c7a653198dfdb39 |
| SHA512 | 4115cdb30707540a66ccaec09d15415fd87400570fafd112d2b9ad741cb475cf612aeb14d24c86cf58f00d3782546b9682e2c3a9bea525abd1b3195f9ff07801 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | b8cac8d66fc636852620ef83cd4c4d25 |
| SHA1 | 0327cbd643c4f14cf8cbe667cd55fe6e13ea1872 |
| SHA256 | a26d829727b889e0dad0fc0af4297886d40f3d738ae0f30e4b136bc5867b853e |
| SHA512 | 4b200ebb5f260451b18b8449e226ed65ab6fb31830a131d45faaf758834eaaf01b3d3c5efdd63febd866048e979aba0481ed62610d887ff90341e28eb8287ae2 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | cacd26bcb1bd08ba20de5bc67233756f |
| SHA1 | eaaba5d5b99779affe872c7306f027b7371cbff2 |
| SHA256 | 54c82ef09f4bd8221a66da23c22d4d08a2782b562da40584bdb19a6a0b1dc351 |
| SHA512 | 3e387b636f2de66a4d63775dc6673e3e32adc5be0a8a4391d124656c852e9a5c558592e88a4eac7ec4227c43383ab981891a19e640fb51beb39ee3338d8eb0ec |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 5592deabf2d8216c9a7a305ca1879c6f |
| SHA1 | e1123a8ace4f06616afe0a489780a6510f8464bd |
| SHA256 | caede2596c52ad15535df6a827f5a2d1f9cfca6e42d7b153ec2c31e12348724e |
| SHA512 | 565d1099fca00eebdc03a41e522f010a62f836b45192adc6b7f63e55e3e79d78ec899aaedbd2bfafedaf72cd95a59f0d52281aff1c458e4cbb51eda46575624f |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 66da644087e4079e448b23a352f89812 |
| SHA1 | 9d11cfd4c4cd4033f1971c2d41cf627a3c60a8a9 |
| SHA256 | a72c0d4a0a4825a78fe6765800e2edcc1bad3f89c01ee2b571ce3185577b8db8 |
| SHA512 | 262dc5851d06fbdf76492705822d978b00d774c482fc373ed5beb61a5bb3ec913a2bbe5eeb8a2806bb3e1240772a3b8a18cf9214189b13eae269446ad7529f47 |
C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached_timestamp.txt
| MD5 | 9283e8f3984c6c7b87d772f36721a0ad |
| SHA1 | 864f9fa32988fb72d919de12b93e7f56942849e8 |
| SHA256 | 9d8d4f60565654379c5096e62b0930fc9e87cf49259d31af0a9034fb790a7d50 |
| SHA512 | 9858a8ae89a520eb5ba0126fef080539d7b849498243b1b30f72b915b3b12a48e13712eba8f87e2939630ee44b8c55f894092e38390e6094b756422a784de087 |
C:\Program Files (x86)\Steam\resource\filter_profanity_english_cached.txt
| MD5 | 0b8f38d6f219adb6af9a46e34c8b55c5 |
| SHA1 | abfb7eea3e2073ef536ef4c020b79dce54028174 |
| SHA256 | c6cced2a542c64817209699a48ba5c17f32ad47a5bb799d395d707f665378de8 |
| SHA512 | 4a4dcd5efb3433f23848b7bcc18a430f05107985e48f280874f0058eac863b3ddac9f849ab55271f619c026a6282387f553f1ec25e16eba7cb68c850f314beea |
C:\Program Files (x86)\Steam\resource\filter_banned_english_cached_timestamp.txt
| MD5 | 3dbfab45dc5699ad008586e555592bfe |
| SHA1 | 75481ecccc3cbe1e04dd6bcb215f8a76907a9e08 |
| SHA256 | a668b4e84f298c8b29bef63db15421084a41f7eff163e7812f6a06efe1f706ab |
| SHA512 | 2fffabae1674d33d9199f47864b5eb42031ee47ed5bfae4ea57d986fb586572d8d6dd15a567c761e00788ed912e1d58bf3256df3fd73bc117acccfc0a0135a41 |
C:\Program Files (x86)\Steam\resource\filter_banned_english_cached.txt
| MD5 | 009ca439b8e68dbdb83850d51b07c736 |
| SHA1 | b8dd1986d15aef3dcba09c954577c780b549c582 |
| SHA256 | 4bfbbfd0114ee78d7795835c64aae6dc6b525547748c5dd1150d7d1ff8757c43 |
| SHA512 | 25e90b8b737b30879ec9073457cc7b30bdc46ed71b8885ce14f9c1946476d65c6bbdd0ddc19bb09c406cd9439837aec5c8ad007dbb5a4378842e1634429b093e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | ab2b912889b3469f5ee5ec59d79ad79b |
| SHA1 | e18d1328a143a75f558e4e173f5475beb42b5280 |
| SHA256 | d4dfe2b214bb1ad34b5e4771bd7fdb918725f3b173254ac768070389aa63f3ab |
| SHA512 | 11333e9c57ed56fd5e95f2dd2797431c06359edb474f492a5634e71c3a803fc7bc2668314cd5822fb98d2dd68d73b0a5cc1baa031b23a6ceae448d223edd1ec0 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000005
| MD5 | 8f661b8c2dc08d06a2992b1006fbf95d |
| SHA1 | 51f7614ee218ca027670a3bb0d7cfe1f23869602 |
| SHA256 | 8bb39a6f700638d352b26ee0cb86fe5fd1127397dbc18d50a5bf37eb9ef6519a |
| SHA512 | 80789cf71769f1c03910535c610c942aa4be684433bcdff360ba309a6c15b3878920a49d1d1303c322de64f200b8e5d316b428b66668d51f9ddffaac0aa5f80f |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000006
| MD5 | 944531387ce01bdf7ad736937b9b13b6 |
| SHA1 | df6268ebe74638714887588a1f43506b915e717b |
| SHA256 | d6c997210287cecf290cc7c5cc99c13a46d874786d1747cace5f00713069e2a7 |
| SHA512 | 25cbff327f7af6013476a5453847a5f0a4354a8efe773a4f7f8e29c4b8c12ba8105ed344109cf0a83ee6fe986468c2318b212d2eddc1dc2a6fb4ad9c7f9fc4c2 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000007
| MD5 | b63db6116a515c8ec16b58bbb1a0db89 |
| SHA1 | c8b53c1566bc23bf614f3faf2dd0e2be49aae50b |
| SHA256 | 58cf7a378014be774e0348655722edbf63b5470f6a4e84b19bb46e10349189a1 |
| SHA512 | b114bbb09dab653809bc63b9b7ce66be04b4baa50fa4ae938b1cafd86eac94b7742ece421fba8c491ad3b95980960acc9d30dc6f0c5e609f1494571583641ab7 |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 369755a36ee4720a27050fee970b4d58 |
| SHA1 | fe6418070e38e1a64291347c90709d702dbc955f |
| SHA256 | 3066e36e54673060f1f49b04f475442d202ea50642da937c70f44a477c2d5408 |
| SHA512 | 63493baf010cfa5bad1a6eff70c8b41753854d607eba15de44aedf8b28ba9b1ae0da0f77c6d88049c99761b16ec92f5fb00310f01556e6a9cd407f5b6fea18f6 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000010
| MD5 | 38aefef2ea44c17d501cbb38cc0c7e54 |
| SHA1 | 55dc9404f34f790e42508ea8d74d6ac87c8d6a94 |
| SHA256 | 29f8a8da900ab06670e7e9c437bd27528ac311b4995d50c702972b29440ab194 |
| SHA512 | 6cd0e45c109d9ef0e0a3419246af71b9dcca214775116bc5c318df53ab906ca33197d831d0b3c05ba004fd31889a5086454eb6e0ef12e594035d3b89f1d1e157 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000012
| MD5 | 487b3b54635e5e78cb40f06019e3d266 |
| SHA1 | 5f27d3247d223035162688d39b8ca8921d662c38 |
| SHA256 | 6ee6a4b5156c04085388db04e54cd35f0b77f68902545cdcbda5367503c0979b |
| SHA512 | 64cdd50b84d9cc6a8b39c70bf7c442e11af54401a02fa745d72f0a12fb9e72a64b9f2772bb8a98c489ab18a8d5fb6ff753e6c6922e2fe86117eff2fa63efea77 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000013
| MD5 | 757750902210ff3c0d12dee4dc5165c6 |
| SHA1 | a3599ca4bd5da9fb9c83e26813ef62327c541566 |
| SHA256 | 72ff7d67ddc7bd23885cbba07f3889be27b50cb597ba41fd546343416676ba67 |
| SHA512 | ef5cb66e561d5f208a872c65b6732bdaa082d421f9815c8a5a439d5e749890e032c2309c1d7ec66d93d1f897941bb5e2c5f860fd9cf8e13adfbf1ab60aeca27b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | efa8f9058a67601a8cfd6392b6bb5466 |
| SHA1 | 478aa58da86e8b2213fae0c9725245a5952f7e8b |
| SHA256 | cc879160d035de0e02be2ac4b5cd97e41c46c9fdc14cfe00469386f55baaf194 |
| SHA512 | f355934fb4ca0068ceb0c27c45eb3a33637b4ada89dd27bc768373b3b5203ec561abce6749f5f8ea94461d7ab85583f39f1e52d12a76d949d48f62adb6bb7381 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b3e8f97535c2e29d3f9d028a2fe12db |
| SHA1 | a9f620ac92437d0ffbc75e0f3426ffc648c4edfa |
| SHA256 | e040d5ec055127fa8b985eeda6e93ee37f7f69ee52824db49f481350e683ca51 |
| SHA512 | 7b81ec2690ebf1b1b9c021acb353f3ce1b00597001f55cad48adf18be0e2f74f5c8e2ece5436065dd0af256028916c8d0e05f821b9f370dfa41d850fc2caee6b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | e63a5c3213f59c7024ee8c54d9e4ebf7 |
| SHA1 | 6c4911928ca15ccb10a1fe868415d7693a674e40 |
| SHA256 | 8e144e00bc2d2e1a1ca772127d654845453be23b0f6e1ad1c9dd138e915ca208 |
| SHA512 | 66478b5a241f4f5a3f60a6e956b52eb511c52bb5436ce78ae6fbe9d3e3d56e5cd5ed1c4b275493d84fea6bad72596761b3dc3d477a7ad22ce100d3d855e8a3c7 |
C:\Program Files (x86)\Steam\appcache\librarycache\1391110_icon.jpg
| MD5 | 8566b7d265d3299e41928f18d265e801 |
| SHA1 | 728b074ab0cf913a501f71d6c87108d972dd30c9 |
| SHA256 | dc265cedb299f7d0ebf039c2e09bd18e4b581b75da92cb4848f6e2b206c01c4f |
| SHA512 | d6cf8cd1b9428a4b5bbe6073c84433493760f7c3a3df7d0fb70affcbf1970e7dcce9eb849bf26f843b1bd6c042dcd877dc25bd698430bebc65530863168e0d4a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 0bed03405ec46db9d151394d6558110a |
| SHA1 | 2de1377b17562b03c7462d593d8bfb9203148496 |
| SHA256 | 5361180dc68ade2aee114c8cc1e3bec247ce0e9b2d3458fc996a4b8c01c911a2 |
| SHA512 | 2b420a451e7cf4910433d1699c427bc2db665003648818f786ed2147890cfdeb1a41f337cc9c2fd5649b2bd2104f266102433913060aaaab51dbf388d3f89563 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 5f573153240f02f20d138f0ccefc2145 |
| SHA1 | a45eeb35839d5e6f2cd118dfbd34cb01c2f76d8e |
| SHA256 | f731dc29c16d723fa0224a9362a208e63a817db7360ef281711095531bdccea8 |
| SHA512 | 8bb90b24d893e11c51339fa818a3c36b21e526949ff50e9e87efd0abcd190ce1aeed8800a8f19efc51e1ac095f1ada2189f223b4d1eb578c1dfbef455feebac9 |
C:\Program Files (x86)\Steam\logs\cef_log.txt
| MD5 | fcad4452b8ce1b3bf3266f907e108ced |
| SHA1 | ed168ab9c347c742fb08d6160ade5363623fa358 |
| SHA256 | cb59ed63b18f34dda370569671d7eb7e9297a0679060767135dcba258c6e8af1 |
| SHA512 | 1897adf8c711855d3f42d2ee057944da6b62bfb4ee8897a8870cf038afa700d0b6df6a454c9edb31d6d98eee755faa81d1aaf92b5d6cf2eb80163ac20bb57450 |
C:\Program Files (x86)\Steam\dumps\settings.dat
| MD5 | 58f98e85e36fdd77393741e72f0ff7c6 |
| SHA1 | 7bde6a61877bea5249d7c41a3ebf54eaa9c38290 |
| SHA256 | 33cea85174824a3fe6de400e4980ae569a2ac67c64551a3736ffbb05f301d17b |
| SHA512 | eda19c8966361ad601fd799e8aafa82a489e53ef4b9a35644a6118f18b17c1520414b970871b0d52f61ca288aff8424ce4f4fec44557d348fe5c644fbfa4a814 |
C:\Program Files (x86)\Steam\userdata\1214517055\7\remotecache.vdf
| MD5 | f0b500f86360574a1e9b49d0ac699461 |
| SHA1 | 5621b6661119ce156957478937b22b76d030c413 |
| SHA256 | c4872ab01e2e71b33732d25055fabf5ef053f91ea9e773ab89972c1d4187d02b |
| SHA512 | bd76d224754522c6368d2f00b53879351a5e5ceb45607e56d5c1e61c72074cf5c013853b72e2ca554e64c002f634814aa52cf8c5e926cb200a215cd2ec6655f6 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | d51e4ac9ef1725785fb5b1f7c155c0fa |
| SHA1 | f9dba2e422849d9a956064b8460c1813f406ae71 |
| SHA256 | 86e2f029a04f9cb521a60b5a5cac9b592eddc62019b2094c270abd28d5a3bba1 |
| SHA512 | 6f8de7a1f42cc029ecff0a96968e72a3dd20836234960716ff51d83d1f3531ca36598411eee2e9604163337551252434fd0e2093907947ccc9289ec68c42ff4f |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | 29e348db795263aabcb5533b608d3d84 |
| SHA1 | 17c21523a38095c9cdda96756341ed10bdaffe69 |
| SHA256 | 750aae583b9d68362e592c591f63bffc15b55c4e0c58980ba8b54b1be2e5a528 |
| SHA512 | 5dc821b7e37596c8d73354e20e1ef4e3d80e29bc71ac03505941637431374d6d1b1111e5c85e50db4438efe0b7e7aa2e728fd69cb92466fa9d5b02bc328b82fe |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 6d41eaee63c97b3626d6a6fd70a77b79 |
| SHA1 | 5c62e93a0dbcaf0c8463fd28d32af47b853fd694 |
| SHA256 | 006ca19bdc39a8c9614bf3fd67e87d9259b2f7e8b81a0608a982430e33d15615 |
| SHA512 | 4d6b895c09aae565f723b2b779b6651c9cbee4066d90e723a7e377d1722cd17ca6150200dea8146d9b59915a7cd7ff0dc2fac0d1299ec83a640b91e9e3b6ec5d |
C:\Program Files (x86)\Steam\userdata\1214517055\config\localconfig.vdf
| MD5 | eb971e13d14f4c2ff6a80c5046310a29 |
| SHA1 | 3f0507f1b91da73c1f837a0681162d95624462f1 |
| SHA256 | 950671bff94812dd1f5e8e15253dd88750f4bb1862e9fa0c1fb0f150b611659f |
| SHA512 | 7876d796cc7ac000f7fc1e554581db2cce904d8eaea3181ed8aab6202c286d24c436777d9d3695682f363eab2445cd96e769a117a13d090ca652920e0690695b |
C:\Program Files (x86)\Steam\appcache\librarycache\635_icon.jpg
| MD5 | 3d325e63058d54d0d29c96f9a92b500f |
| SHA1 | 2263391453e3f77856db1078f0f168fb99dd2c51 |
| SHA256 | 02d01fd6ca74d92044b8e94621ebbefb17294dcd6bb0c824da2f214823497968 |
| SHA512 | 20ae8d1d06ebb0c17c40ec2dee29f0b7bda83f83fc46c6cfe9a8022727a9e7df70254320ece9f4e3899a568901f376434e2b0055b1177886b9993cd4db5a049f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 6d9a6fd8ec09a0e81c502808ad863abc |
| SHA1 | 4fa82747d4338867fb07fde77aae85b094662045 |
| SHA256 | 86a3177ad0ac372ba6fc5294dd3417d3a17ad6f4ec362d4b3e837aaefb42181e |
| SHA512 | 97d961fed4a5478febcbd0bbc61da29ad99f7871c6aac72f451a5409b13bdd463331008ed298156509ca4003f4ac9c5f7fc974807d9528b1606eb08301389e32 |
C:\Program Files (x86)\Steam\appcache\librarycache\730_header.jpg
| MD5 | 5f565e7dee2204792ee3da3c669a1c87 |
| SHA1 | c9f6868ac237770c63dce472ccec0c8fc648b9cf |
| SHA256 | 3d60645c8fdddc4bfe8a9e55dc1b4650311b2e8220f221908c8ef1cd94f067fa |
| SHA512 | d1f211c877681f2c8b40813f7595b7137c5d6747a6670cc9766f14f923a3e76f8f83734980d2adaf9c1ae7f45ccbb3026f4ad0e04c1289df6101913b89fb8958 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 9e01b37da94b5515258bfa5ccd3febeb |
| SHA1 | 26cb578888bea0fe199426179d6b4a2f70055ed4 |
| SHA256 | 8b94859f6bfb818c8687315aeed2febc1631bbc49c9dcf0279b4dec9de1dd74a |
| SHA512 | 9b8a234dd26253f7310b1ed6ad5717e9499192dc56d8e53233e8eeb2f37964c35e9ab1aa72a955a229c456f394b5faeb422707b77408777708fcffae460f318b |